20.7.7 upgrade made unbound unstable

Started by ssbarnea, December 24, 2020, 01:39:04 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 24, 2020, 01:39:04 PM Last Edit: December 24, 2020, 01:56:50 PM by ssbarnea
Something really happened with 20.7.7 upgrade that got the Unbound resolved to a status where it stops responding, quite often, sometimes even after less than 24h.

Reloading all services does restore it but that is not something I want to do. So far I was not able to identify what is causing this as the logs are huge and I do not know what to search for in them.

Clearly this is a regression as it was not happening until recently. I do use `Enable DNSSEC Support`, logging verbosity is 2.

The only thing weird I found on resolver logs was a small number of lines like:
notice: sendto failed: Permission denied

Update: But at the same time I was able to spot something interesting general log, which may correlate with the moment it went down. Maybe is not really the dns? Still I have no idea how to fix it. I do use ipv6 and is fixed.


2020-12-24T12:36:42   opnsense[95177]   /usr/local/etc/rc.newwanipv6: Failed to detect IP for WAN[wan]   
2020-12-24T12:36:40   dhcp6c[99706]   transmit failed: Can't assign requested address   
2020-12-24T12:36:39   opnsense[40415]   /usr/local/etc/rc.newwanipv6: Failed to detect IP for WAN[wan]   
2020-12-24T12:20:10   opnsense[7251]   /usr/local/etc/rc.newwanipv6: Failed to detect IP for WAN[wan]   
2020-12-24T12:20:05   opnsense[72599]   /usr/local/etc/rc.newwanipv6: Failed to detect IP for WAN[wan]   
2020-12-23T23:08:08   opnsense[9414]   /usr/local/etc/rc.newwanipv6: Failed to detect IP for WAN[wan]   
2020-12-23T23:08:06   dhcp6c[99706]   transmit failed: Can't assign requested address

December 24, 2020, 02:36:30 PM #1
This issue (or related) has been covered already in >> https://forum.opnsense.org/index.php?topic=20516.0

You should test with the provided upgrade of unbound to 1.13.1 in this thread and report back if it solved your issue.
December 24, 2020, 03:10:51 PM #2
Thanks, I applied `opnsense-revert -r 20.7.6 unbound` and I will find out soon. I am also watching the upstream bug.

I will report the results in a day or two. Hopefully my xmas streaming would not be affected.
December 24, 2020, 03:21:38 PM #3
It fixed it for me. The did restart unbound aftewards.
January 01, 2021, 10:26:12 PM #4
Don't know if this helps:
2021-01-01T15:19:44   monit[21916]   'UNBOUND' connection succeeded to [127.0.0.1]:53 [UDP/IP]   
2021-01-01T15:18:43   monit[21916]   'UNBOUND' start: '/usr/local/sbin/pluginctl -s unbound start'   
2021-01-01T15:18:43   monit[21916]   'UNBOUND' stop: '/usr/local/sbin/pluginctl -s unbound stop'   
2021-01-01T15:18:43   monit[21916]   'UNBOUND' trying to restart   
2021-01-01T15:18:43   monit[21916]   'UNBOUND' failed protocol test [DNS] at [127.0.0.1]:53 [UDP/IP] -- DNS: error receiving response -- Resource temporarily unavailable   
2021-01-01T15:18:24   kernel   -> pid: 72522 ppid: 1 p_pax: 0xa50<SEGVGUARD,ASLR,NOSHLIBRANDOM,NODISALLOWMAP32BIT>   
2021-01-01T15:18:24   kernel   [HBSD SEGVGUARD] [unbound (72522)] Suspension expired.   
2021-01-01T15:18:24   kernel   pid 72522 (unbound), jid 0, uid 59: exited on signal 11
Print
Go Up Pages1
User actions