restarting unbound by cron

Started by JL, August 20, 2018, 03:02:37 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 20, 2018, 03:02:37 PM
Because of recurring performance issues with unbound i think it is wise to restart the service every n hours.

I could not find the way to configure this from the web interface or in the manual pages.

Please advise.


Thank you
October 17, 2018, 12:53:28 AM #1
Bump. Same problem. Thanks!
November 12, 2018, 10:23:43 PM #2
Bump, please. This is becoming a significant issue for us and requires manual restart of unbound at least daily.
November 27, 2018, 12:58:47 PM #3
Check this:

https://github.com/opnsense/core/issues/2894

the command to restart unbound is "/usr/local/sbin/pluginctl dns", just add it to /etc/crontab (the next firmware update will overwrite crontab, but if you're looking for a solution until unbound is updated that's probably it)
January 24, 2019, 04:20:47 PM #4
Confirmed, this is still an issue on:

OPNsense 18.7.10_3-amd64
FreeBSD 11.1-RELEASE-p18
OpenSSL 1.0.2q 20 Nov 2018

We are having to manually restart unbound on average at least once a day.
January 24, 2019, 10:17:13 PM #5
Working from this thread and the following posts: https://forum.opnsense.org/index.php?topic=2263.0 and http://kb.unixservertech.com/other/networking/opnsense/cron-jobs I was able to create the following and get everything to work from the command line, and schedule via the Cron GUI, but it is still failing to run via the Cron GUI  ???

Here are the steps I followed, please help me understand where I failed.

Use vi to create file:
Code Select
root@opnsense:~ # vi /usr/local/opnsense/service/conf/actions.d/actions_unbound_restart.conf

Information in file:
Code Select
[restart]
command:/usr/local/sbin/pluginctl dns
parameters:
type:script
message:Restart Unbound DNS Service
description:Restart Unbound DNS Service

Restart configd service:
Code Select
root@opnsense:~ # service configd restart
Stopping configd...done
Starting configd.

Verify new action file works as expected:
Code Select
root@opnsense:~ # configctl unbound_restart restart
OK

Next I went to Services:Unbound DNS:Log File and the logs show Unbound restarted successfully.
Code Select
Date                Message
Jan 24 16:01:29     unbound: [67123:0] info: start of service (unbound 1.8.3).

Then I did this to ensure it would show up in the OPNsense GIU:
Code Select
root@opnsense:~ # /usr/local/etc/rc.restart_webgui
Starting web GUI...done.
Generating RRD graphs...done.

I then went to System:Settings:Cron and created a cron job (image attached):

But when the time comes for it to run and I then check Services:Unbound DNS:Log File I do not see that it has restarted.

Please help.

Thanks!
January 24, 2019, 10:18:06 PM #6
Screenshot
January 25, 2019, 11:12:10 PM #7
Are you guys with crashing Unbound using:

[ ] LibreSSL
[ ] DNS over HTTPS (manual options)
[ ] DNS over TLS (manual options)


Cheers,
Franco
January 26, 2019, 06:25:42 PM #8 Last Edit: January 26, 2019, 06:44:25 PM by mtn406
My apologies, we have no idea why unbound keeps dying. If you can direct me where to look or which log files to post I will. Attached is a screenshot of our unbound config page. I do not think we are running LibreSSL as it is not selected in the firmware page, screenshot also attached.

OPNsense 18.7.10_3-amd64
FreeBSD 11.1-RELEASE-p18
OpenSSL 1.0.2q 20 Nov 2018

Many thanks!
January 30, 2019, 12:37:16 PM #9
It could be an unstable WAN causing this... unstable in general or IPv6 in particular. Make sure to disable IPv6 if you don't have connectivity from your ISP and watch out for the system log restarting the WAN interface.

In general, crashes for Unbound need to be reported with Unbound authors. We can deal with configuration errors, but not with segmentation faults without touching code we shouldn't touch.


Cheers,
Franco
January 30, 2019, 09:23:45 PM #10
Ok, we will investigate this, thank you!
Print
Go Up Pages1
User actions