DNSCrypt-Proxy + Unbound = need to restart service after the boot

[karlson2k]

Hello,

I have combination of DNSCrypt-Proxy + Unbound configured as described at https://docs.opnsense.org/manual/how-tos/dnscrypt-proxy.html and https://forum.opnsense.org/index.php?topic=10670.0.

The problem is uncoordinated starts of DNSCrypt-Proxy and Unbound.
During the boot process Unbound started usually before DNSCrypt-Proxy and even when DNSCrypt-Proxy is started, Unbound still fails to resolve addresses. This could be solved by manual restart of Unbound service, but it is quite annoying to manually restart Unbound after each reboot.

Could it be solved somehow?

[blblblb]

+1 this is causing me issues too. I also replied to the thread about SERVFAIL responses that creep up over time.

[franco]

> The problem is uncoordinated starts of DNSCrypt-Proxy and Unbound.

For a rigid system and traceable bootup sequence "uncoordinated" is a strange word. If you rely with core tools like  Unbound on plugin tools such as Dnscrypt-proxy of course you will run into design obstacles for the simple fact that core tools are started before plugin tools.

If you just want to restart Unbound after Dnscrypt-proxy you can use the autostart described here:

https://docs.opnsense.org/development/backend/autorun.html

The "start" priority should be higher than 50 to let plugins start first, e.g. 60 is fine for the script. And the command to restart Unbound is:

pluginctl dns


Cheers,
Franco