Messages

It has been about a week on Cloudflare DNS and not a single issue as everyone has described.

Must be an incompatibility somewhere as I and other posters have suggested previously.

Ill likely end up migrating to the NetCloud client when I have time here soon.

i also have the same issue.. unbound is green and running but dns is not working.
i am also using nextdns.. seems to happen every 2 days or so..
i am going to switch to 1.1.1.1 and 8.8.8.8 to see if that makes any difference..

I have been running two days now on Cloudflare with the exact same settings, without once freezing up. So that would lead me to believe that my assumption was true about NextDNS and Unbound having problems when used together.

It does look like the NextDNS client on GitHub will work on OPNSense; much the same as it will on PfSense, seeing as they are both on FreeBSD.

I will likely end up going that route and disabling Unbound, once I get the chance to test it out.

https://github.com/nextdns/nextdns/wiki

I'm not at home now to test, but the Unbound service always appears to be running, but no lookups will work.

My best guess at this point is that something about the combination of NextDNS and Unbound is causing lookups to just stall out permanently. Its not that the service is crashing, which would show up in the logs, its just stalling out until I end up rebooting it. But that is just my guess.

It looks like NextDNS has issues with unbound, but its a little above my head about what they are referring to in the GitHub post.

https://github.com/NLnetLabs/unbound/issues/132

Just to confirm, are you saying that the Unbound service is stopping/crashing? Do you see any errors in the log file?

I've been using a custom config forwarding DoT to Quad9 for years as soon as it was supported by Unbound back in 2018. This has been very stable and the Unbound service itself has never shown any issues. There may be some clues in the log if it's a DNS provider problem.

As best as I can tell unbound is stopping. There is little if anything in the log to indicate such, but the symptoms are pointing to it (lookups fail, but can still ping ip addresses) and restarting the service an/or opnsense fixes it.

The problem has not occurred since I just changed to Cloudflare as of last night. Makes me wonder if mixing Unbound and NextDNS is the problem.

I just removed my custom config for NextDNS and changed things to Cloudflare DoT.

Going to test and see if it works or not. At least I can eliminate something from the list.

And now it is back and even worse than before. I haven't touched anything setting wise...

I haven't touched anything on my config and it seems to be stabilized. It seems really weird that it was doing it for several days straight and now its been solid for a day or so.

I still have DoT running as well. I built a backup Pi-Hole just in case I need to switch DNS over to it temporarily, but unbound seems to be working...for now.

Hello everyone, I just updated to version 21.1.7_1, and now am having what appears to be issues with Unbound crashing every few hours seemingly at random.

As far as I can tell, when it happens, DNS lookups fail but I can still ping out via IP address from a terminal. The only way I have found to solve it is by restarting Unbound or rebooting OPNsense all together.

I've looked in the logs that I know about and don't see anything catastrophic. Also checked the forums and tried several things listed for older versions of OPNSense, all with no luck.

Also, not sure if it is of any help, I have Unbound set up to be forwarding queries to NextDNS over TLS.

Thanks in advance for any help!

So i figured it out after all...

It seems that DNS settings under system > settings > general, cannot coexist with the lines we are adding to the custom options in unbound.

They both write forward-zones in the unbound.conf and unbound notices duplicates and drops one as far as i can tell.

So make sure you don't have manually defined servers elsewhere.

I'm having trouble with this myself.

Anyone mind showing me an update unbound config file?

Bump

I have been trying to manually config DNS over TLS, using the unbound custom config, but cant seem to get anywhere.

Would prefer to use unbound instead of the NextDNS CLI.

Any help would be greatly appreciated.