Messages - dominick-cc

#1
What sticks out to me between the two diagnostic outputs is that unbound/logger.py was on the "lockf" state. But after restarting it, it became "kqread".

Also, unbound_watcher.py is not present on the list prior to restarting the service. So perhaps whatever that is fails silently and isn't present in the OPNsense logs.

Since unbound_watcher.py seems to be dhcp-related, I pulled some general OPNsense logs for the term "dhcp" and I see that every hour at the 50-minute mark dhcp6c_script is running. Not sure if this is helpful/related but figured I'd include it:

2024-04-16T08:50:24-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
2024-04-16T07:50:24-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
2024-04-16T06:50:24-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
2024-04-16T05:50:24-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
2024-04-16T04:50:24-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
2024-04-16T03:50:24-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
2024-04-16T02:50:24-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
2024-04-16T01:50:24-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
2024-04-16T00:50:24-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
2024-04-15T23:50:24-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
2024-04-15T22:50:24-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
2024-04-15T21:50:23-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
...


I did some searching on the forums for why this renewal could be happening, and I saw that someone asked to post the dhcp6c.conf files. I don't really know how these files are produced, but on my box here is the output if it's helpful to anyone:


root@OPNsense:/var/etc # cat dhcp6c.conf
interface igc0 {
  send ia-pd 0; # request prefix delegation
  request domain-name-servers;
  request domain-name;
  script "/var/etc/dhcp6c_wan_script.sh"; # we'd like some nameservers please
};
id-assoc pd 0 {
  prefix ::/56 infinity;
  prefix-interface igc1 {
    sla-id 0;
    sla-len 8;
  };
};
root@OPNsense:/var/etc # cat dhcp6c_wan.conf
interface igc0 {
  send ia-pd 0; # request prefix delegation
  request domain-name-servers;
  request domain-name;
  script "/var/etc/dhcp6c_wan_script.sh"; # we'd like some nameservers please
};
id-assoc pd 0 {
  prefix ::/56 infinity;
  prefix-interface igc1 {
    sla-id 0;
    sla-len 8;
  };
};



Just providing whatever I can that might be helpful for context:


root@OPNsense:/var/unbound # cat /var/etc/radvd.conf
# Automatically generated, do not edit
# Generated RADVD config for dhcp6 assignment from wan on lan
interface igc1 {
        AdvSendAdvert on;
        AdvLinkMTU 1500;
        AdvManagedFlag on;
        AdvOtherConfigFlag on;
        prefix REDACTED::/64 {
                DeprecatePrefix on;
                AdvOnLink on;
                AdvAutonomous on;
        };
        RDNSS REDACTED { };
        DNSSL home.arpa { };
};
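
The hourly pattern noted in post #1 can be checked mechanically instead of by eye. The following Python is an added example, not part of the original post or of OPNsense; the function names and the min_count/jitter thresholds are assumptions, and the sample lines are copied from the logs quoted on this page.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

# Lines copied from the logs quoted on this page (newest first, as the GUI lists them).
SAMPLE = """\
2024-04-16T02:00:02-04:00 Notice unbound blocklist parsing done in 2.59 seconds (243545 records)
2024-04-16T01:50:24-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
2024-04-16T00:50:24-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
2024-04-15T23:50:24-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
2024-04-15T22:50:24-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
2024-04-15T21:50:23-04:00 Notice dhcp6c dhcp6c_script: RENEW on igc0 executing
...
"""

def parse(text):
    """Group timestamps by (process, message); skip lines that are not log records."""
    events = defaultdict(list)
    for line in text.splitlines():
        parts = line.split(" ", 3)  # timestamp, severity, process, message
        if len(parts) < 4:
            continue
        try:
            stamp = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        events[(parts[2], parts[3])].append(stamp)
    return events

def periodic(events, min_count=4, jitter=5):
    """Return {(process, message): (period_seconds, minute_of_hour)} for steady repeats.

    min_count and jitter (seconds) are thresholds assumed for this example.
    """
    found = {}
    for key, stamps in events.items():
        if len(stamps) < min_count:
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        period = median(gaps)
        if all(abs(gap - period) <= jitter for gap in gaps):
            found[key] = (period, stamps[-1].minute)
    return found

if __name__ == "__main__":
    for (process, message), (period, minute) in periodic(parse(SAMPLE)).items():
        print(f"{process}: {message!r} every {period:.0f}s, at minute {minute}")
```

Feeding it a full export of the general log lists every message that recurs on a fixed schedule, which can then be compared against the times the Unbound reporting goes quiet.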
#2
Attached is the output of System: Diagnostics: Activity filtered for the term "unbound" after manually restarting the Unbound service (to temporarily resolve this issue)
#3
Attached is the output of System: Diagnostics: Activity filtered for the term "unbound"
#4
Hi all,

Since my update to 24.1.x, I've noticed that Unbound stops working randomly at times until I restart the Unbound service or reboot the router manually.

In the attached screenshot, you can see the Unbound reporting showing that all client activity has stopped. On my network, I have so many devices being used, there really should never be a period of no activity like this. Unbound has stopped working somehow and restarting the service would temporarily resolve it. This occurs 1 to 2 times per day.

Under System: Log Files: General, I see only the following unrelated messages for warning and above:
2024-04-16T01:15:50-04:00 Error php remove config-1693717200.xml from Google Drive
2024-04-16T01:15:49-04:00 Error php backup configuration as config-1713244548.xml
2024-04-15T01:49:02-04:00 Error php remove config-1693630800.xml from Google Drive
2024-04-15T01:49:01-04:00 Error php backup configuration as config-1713160140.xml


Under Services: Unbound DNS: Log File, I don't see any corresponding events with the time that Unbound stopped working:

2024-04-16T02:00:53-04:00 Informational unbound [73324:0] info: dnsbl_module: blocklist loaded. length is 243545
2024-04-16T02:00:52-04:00 Informational unbound [73324:0] info: dnsbl_module: updating blocklist.
2024-04-16T02:00:02-04:00 Notice unbound blocklist parsing done in 2.59 seconds (243545 records)
2024-04-16T02:00:02-04:00 Notice unbound blocklist: https://big.oisd.nl/domainswild (exclude: 0 block: 233645 wildcard: 233645)
2024-04-16T02:00:02-04:00 Notice unbound blocklist download: 233660 total lines downloaded for https://big.oisd.nl/domainswild
2024-04-16T02:00:00-04:00 Notice unbound blocklist: https://threatfox.abuse.ch/downloads/hostfile (exclude: 1 block: 14123 wildcard: 0)
2024-04-16T02:00:00-04:00 Notice unbound blocklist download: 14133 total lines downloaded for https://threatfox.abuse.ch/downloads/hostfile
2024-04-16T02:00:00-04:00 Notice unbound blocklist download : exclude domains matching .*localhost$


Environment:

OPNsense 24.1.5_3-amd64
FreeBSD 13.2-RELEASE-p11
OpenSSL 3.0.13
Intel(R) N100 (4 cores, 4 threads)
#5
Hi all,

I recently upgraded from an N5105 Topton box to an N100 router by the same manufacturer. I loaded the config I backed up from the old router to the new. Additionally, I also set up OPNsense with ZFS on the new router (previously it wasn't). Prior to this I was running 23.x on my N5105 box -- so now I'm on 24.1.5_3:

OPNsense 24.1.5_3-amd64
FreeBSD 13.2-RELEASE-p11
OpenSSL 3.0.13

The internet mostly works, but something is broken with IPv6 -- and Unbound seems to be breaking if I leave it for a while. I can see it not capturing any data in the reporting output. Restarting the Unbound service resolves it -- but why does this happen?

On boot, pretty reliably I see the following 4 errors/warnings:

2024-04-14T11:43:45-04:00 Error opnsense /usr/local/etc/rc.newwanip: The command '/usr/local/sbin/ntpd -g -c '/var/etc/ntpd.conf'' returned exit code '1', the output was ''
2024-04-14T11:43:38-04:00 Error dhcp6c transmit failed: Can't assign requested address
2024-04-14T11:43:37-04:00 Error opnsense /usr/local/etc/rc.bootup: The command '/sbin/umount '/var/unbound/lib'' returned exit code '1', the output was 'umount: /var/unbound/lib: not a file system root directory'
2024-04-14T11:43:37-04:00 Warning opnsense /usr/local/etc/rc.bootup: dhcpd_radvd_configure(auto) found no suitable IPv6 address on lan(igc1)


So I'm having this issue: https://forum.opnsense.org/index.php?topic=39469.0

But I also have some other issue with IPv6 "found no suitable IPv6 address on lan" that I'm not sure how to resolve.

To add to the confusion, some clients on my networks (Android phones) can't load some websites (like llbean.com). But they load fine on my Windows machine on the same network.

Any ideas? I changed a lot of variables all at once by doing this hardware upgrade, with the new version of OPNsense. So I'm not sure where to begin.
#6
Quote from: Botanist on April 14, 2024, 05:36:34 PM
Also seeing this, my filesystem was also full, had to restart unbound dns.

How did you tell your filesystem was full and how did you resolve it?


If I run "df -h" on OPNsense, I see that /var/unbound/dev is at 100%. That seems bad. I don't know why it's set up that way. Is that something I should fix? If so -- how?


root@OPNsense:~ # df -h
Filesystem                  Size    Used   Avail Capacity  Mounted on
zroot/ROOT/default          442G    1.2G    441G     0%    /
devfs                       1.0K    1.0K      0B   100%    /dev
/dev/gpt/efiboot0           260M    1.8M    258M     1%    /boot/efi
zroot/var/mail              441G     96K    441G     0%    /var/mail
zroot/tmp                   441G     96K    441G     0%    /tmp
zroot                       441G     96K    441G     0%    /zroot
zroot/var/audit             441G     96K    441G     0%    /var/audit
zroot/var/crash             441G     96K    441G     0%    /var/crash
zroot/usr/ports             441G     96K    441G     0%    /usr/ports
zroot/var/log               441G    1.1M    441G     0%    /var/log
zroot/usr/home              441G     96K    441G     0%    /usr/home
zroot/var/tmp               441G     96K    441G     0%    /var/tmp
zroot/usr/src               441G     96K    441G     0%    /usr/src
tmpfs                       3.1G    1.8M    3.1G     0%    /var/log
tmpfs                       806M    1.3M    804M     0%    /tmp
devfs                       1.0K    1.0K      0B   100%    /var/dhcpd/dev
devfs                       1.0K    1.0K      0B   100%    /var/unbound/dev
/usr/local/lib/python3.9    442G    1.2G    441G     0%    /var/unbound/usr/local/lib/python3.9
/lib                        442G    1.2G    441G     0%    /var/unbound/lib
#7
I'm also seeing this error:


2024-04-13T04:00:56-04:00 Error opnsense /usr/local/etc/rc.restart_webgui: The command '/usr/sbin/daemon -f -p '/var/run/updaterrd.pid' '/var/db/rrd/updaterrd.sh'' returned exit code '3', the output was 'daemon: process already running, pid: 31061'
2024-04-13T04:00:56-04:00 Error opnsense /usr/local/etc/rc.newwanipv6: The command '/usr/local/sbin/ntpd -g -c '/var/etc/ntpd.conf'' returned exit code '1', the output was ''
2024-04-13T04:00:49-04:00 Error dhcp6c transmit failed: Can't assign requested address
2024-04-13T04:00:48-04:00 Error opnsense /usr/local/etc/rc.bootup: The command '/sbin/umount '/var/unbound/lib'' returned exit code '1', the output was 'umount: /var/unbound/lib: not a file system root directory'


Versions:

OPNsense 24.1.5_3-amd64
FreeBSD 13.2-RELEASE-p11
OpenSSL 3.0.13