OPNsense Forum » Archive » 17.7 Legacy Series » Unbound restarts
Topic: Unbound restarts (Read 3880 times)
dcol (Hero Member), on: November 13, 2017, 12:55:56 am
Figured I'd start a new thread instead of reviving an old one.
Unbound DNS restarts every few seconds when IPS Mode is enabled. DHCP server is disabled, I don't need it.
If I uncheck the IPS Mode, then Unbound DNS stays on as well as the internet connection.
This is a fresh install of OPNsense 17.7 on a Supermicro system with an 8 core Intel C2758. Using all the default IDS settings. Everything works great until I turn on IPS mode. Tried 2 different Intel igb NICs.
[UPDATE] Reinstalled OPNsense from scratch and now there are no more issues with Unbound.
Last Edit: November 13, 2017, 10:01:14 pm by dcol

franco (Administrator, Hero Member), Reply #1 on: November 14, 2017, 04:45:54 am
Hi dcol,
Suricata seemed to have unspecified allergies against the resolver operation somewhere between late 17.1.x and early 17.7.x. We never got to the bottom of it. Some said older Suricata worked better, but we suspected an interaction with ET Open rules, but now it seems to be resolved either through the latest Suricata or new rulesets.
More data points are always useful, so here are two questions.
Did you use a subset of et open? Did you upgrade after 17.7 install before trying IPS in both cases?
Cheers,
Franco

dcol (Hero Member), Reply #2 on: November 14, 2017, 03:52:17 pm
Thanks for the response. I have more data.
I thought the issue disappeared because I switched the WAN and gateway to DHCP. As soon as I went back to Static, Unbound is again having restart issues when IPS is enabled.
Here is why. I am using the same gateway on a pfSense box with a different WAN IP. I was assigned 4 IPs by my ISP with one gateway. So the OPNsense box is clashing with the pfSense box, competing for the same gateway. This seems to be a problem for IPS. The pfSense box is running Suricata in legacy mode, not inline. The pfSense box has never been able to run inline because of too many netmap bad packet errors.
And yes, I used the ET Open rules and updated them. Everything worked when I was using DHCP for the WAN, except when I left it to run overnight, the internet connection was broken the next day.
My question is, is there a way to isolate the gateway from the two firewall boxes?