OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 20.7 Legacy Series »
  • Unbound service routinely stopping/crashing following 20.7.7 update
« previous next »
  • Print
Pages: 1 [2] 3 4 ... 7

Author Topic: Unbound service routinely stopping/crashing following 20.7.7 update  (Read 51199 times)

dinguz

  • Full Member
  • ***
  • Posts: 189
  • Karma: 7
    • View Profile
Re: Unbound service routinely stopping/crashing following 20.7.7 update
« Reply #15 on: December 18, 2020, 04:58:59 pm »
I also noticed that unbound wasn't restarted after the upgrade 20.7.6 -> 20.7.7, I had to do that manually. Is this intentional?
Logged
In theory there is no difference between theory and practice. In practice there is.

miruoy

  • Newbie
  • *
  • Posts: 31
  • Karma: 2
    • View Profile
Re: Unbound service routinely stopping/crashing following 20.7.7 update
« Reply #16 on: December 18, 2020, 05:04:01 pm »
Quote from: miruoy on December 18, 2020, 04:24:05 pm
Setting the interfaces manually appears to have stabilized the issue. Will report back if the situation changes.

Spoke too soon :( It just crashed again.

Reverted to unbound 20.7.6 as suggested by Franco
Logged

guest25283

  • Guest
Re: Unbound service routinely stopping/crashing following 20.7.7 update
« Reply #17 on: December 18, 2020, 06:16:35 pm »
I can confirm I have the same behaviour. This however only seems to happen when I reboot the firewall, not throughout the day.

Starting Unbound manually solves it for now.
Hope that a fix is available soon.
Logged

deejacker

  • Newbie
  • *
  • Posts: 4
  • Karma: 2
    • View Profile
Re: Unbound service routinely stopping/crashing following 20.7.7 update
« Reply #18 on: December 18, 2020, 06:27:39 pm »
Changing and then reverting the interfaces didn’t resolve anything for me, experienced another Unbound service stop shortly afterwards.
Logged

guest15389

  • Guest
Re: Unbound service routinely stopping/crashing following 20.7.7 update
« Reply #19 on: December 19, 2020, 11:19:05 pm »
It would be better to pull this update as it completely breaks the system and makes it unusable since DNS crashes over and over.
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 6286
  • Karma: 432
    • View Profile
Re: Unbound service routinely stopping/crashing following 20.7.7 update
« Reply #20 on: December 20, 2020, 07:20:04 am »
Quote from: Animosity022 on December 19, 2020, 11:19:05 pm
It would be better to pull this update as it completely breaks the system and makes it unusable since DNS crashes over and over.

opnsense-revert -r 20.7.6 unbound
Logged
Twitter: mimu_muc
WWW: www.routerperformance.net
Support plans: https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German): https://opnsense.max-it.de/

crowbarz

  • Newbie
  • *
  • Posts: 1
  • Karma: 0
    • View Profile
Re: Unbound service routinely stopping/crashing following 20.7.7 update
« Reply #21 on: December 20, 2020, 11:40:32 am »
I think @Animosity022 meant stop offering the broken unbound 1.13.0 package in System > Firmware > Updates, or releasing 20.7.7_2 with unbound pinned at 1.12.0, or withdrawing 20.7.7_1 altogether (I get there are security issues resolved in this release so that might not be the best option).

Is it possible to at least add a note in the release notes warning people about this issue if they are using unbound in their configuration? So they can then make a more informed decision about whether to upgrade or not.

My backup firewall hasn't been upgraded yet, and 20.7.7_1 with unbound 1.13.0 is still being offered when I check for upgrades. So even if I read the release notes carefully, if I hit upgrade on that firewall, it would be guaranteed to break until unbound is manually reverted (after figuring out unbound had crashed and then finding this thread).
Logged

guest25283

  • Guest
Re: Unbound service routinely stopping/crashing following 20.7.7 update
« Reply #22 on: December 20, 2020, 02:10:01 pm »
Quote from: Fright on December 18, 2020, 03:53:19 pm
related?
https://github.com/NLnetLabs/unbound/issues/376

Meanwhile, I reverted to Unbound 1.12.0 using the command that was posted here.
However, it looks like a patch is now included in FreeBSD-ports, based on the latest reply on GitHub.
@franco any chance to include this in a hotfix release, before you guys start to enjoy your much deserved Christmas break? :-) (otherwise indeed a good idea to update the release notes post. Could save some frustration).
Logged

guest15389

  • Guest
Re: Unbound service routinely stopping/crashing following 20.7.7 update
« Reply #23 on: December 20, 2020, 02:24:42 pm »
Quote from: mimugmail on December 20, 2020, 07:20:04 am
Quote from: Animosity022 on December 19, 2020, 11:19:05 pm
It would be better to pull this update as it completely breaks the system and makes it unusable since DNS crashes over and over.

opnsense-revert -r 20.7.6 unbound

I was saying to stop pushing a patch that bricks your router.
Logged

alexroz

  • Newbie
  • *
  • Posts: 43
  • Karma: 0
    • View Profile
Re: Unbound service routinely stopping/crashing following 20.7.7 update
« Reply #24 on: December 20, 2020, 08:10:50 pm »
Same here.
I updated my opnsense instance to v 20.7.7_1  yesterday.
Today my unbound 1.13.0 crashed, and I can't start it back.
Rollback to unbound 1.12.0 with
Code: [Select]
opnsense-revert -r 20.7.6 unbound command didn't help.
I had no choice but completely disable unbound.
ְAny suggestions for alternative stable local DNS?
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13624
  • Karma: 1172
    • View Profile
Re: Unbound service routinely stopping/crashing following 20.7.7 update
« Reply #25 on: December 20, 2020, 08:48:02 pm »
Quote from: Animosity022 on December 20, 2020, 02:24:42 pm
I was saying to stop pushing a patch that bricks your router.

That's not a reasonable way to describe a choice to update or revert. If Unbound wants 1.13.0 out being the only way to deal with a CVE it should make sure it works. Users need to accept the possibility that this is mostly the case, but not always.


Cheers,
Franco
Logged

guest15389

  • Guest
Re: Unbound service routinely stopping/crashing following 20.7.7 update
« Reply #26 on: December 20, 2020, 08:56:33 pm »
Quote from: franco on December 20, 2020, 08:48:02 pm
Quote from: Animosity022 on December 20, 2020, 02:24:42 pm
I was saying to stop pushing a patch that bricks your router.

That's not a reasonable way to describe a choice to update or revert. If Unbound wants 1.13.0 out being the only way to deal with a CVE it should make sure it works. Users need to accept the possibility that this is mostly the case, but not always.


Cheers,
Franco

If an update breaks a device and makes it not functional and the vendor understands the problem being caused (3rd party or not), they usually remove the broken update so it stops creating more havoc for people since it was not intended to break the device.


Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13624
  • Karma: 1172
    • View Profile
Re: Unbound service routinely stopping/crashing following 20.7.7 update
« Reply #27 on: December 20, 2020, 09:00:46 pm »
Quote from: Animosity022 on December 20, 2020, 08:56:33 pm
If an update breaks a device and makes it not functional and the vendor understands the problem being caused (3rd party or not), they usually remove the broken update so it stops creating more havoc for people since it was not intended to break the device.

There is a distinction I think is being missed here: "affects all people" vs. "affects some people".

Also, "break a device" is used opportunistically here. The device isn't bricked. The admin can still do something (if actually necessary, see first point).

Also maybe this is a bit unexpected: there is no clean rollback of published repositories with FreeBSD package manager. It can break your dependency chain worst case, deinstalling the core package leaving the device really really dead in the water. It's not a risk to take vs. first point.

There are more points, but I fear they are not relevant to the desires of the perfect consumer of the perfect project.


Cheers,
Franco
« Last Edit: December 20, 2020, 09:02:58 pm by franco »
Logged

Archanfel80

  • Jr. Member
  • **
  • Posts: 54
  • Karma: 6
    • View Profile
Re: Unbound service routinely stopping/crashing following 20.7.7 update
« Reply #28 on: December 20, 2020, 09:45:33 pm »
Affected our firewalls too, from 12 of 10. So its pretty much affect almost everyone, not just a few people.
Disabled unbound and using dnsmasq solve the issue.
Logged

lar.hed

  • Full Member
  • ***
  • Posts: 168
  • Karma: 5
    • View Profile
Re: Unbound service routinely stopping/crashing following 20.7.7 update
« Reply #29 on: December 20, 2020, 09:50:23 pm »
Quote from: alexroz on December 20, 2020, 08:10:50 pm
ְAny suggestions for alternative stable local DNS?

I would say DNSCrypt-proxy. That is what I use since I have (other) problems with Unbound (mainly DNSBL and network port going up/down with complete restart of Unbound and as a result DNS outage). However it is not as integrated with OPNsense...
Logged

  • Print
Pages: 1 [2] 3 4 ... 7
« previous next »
  • OPNsense Forum »
  • Archive »
  • 20.7 Legacy Series »
  • Unbound service routinely stopping/crashing following 20.7.7 update
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2