-
-
Notifications
You must be signed in to change notification settings - Fork 341
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unbound cannot be started after configuring dnscrypt #602
Comments
What is the error from unbound, that it prints why it cannot start? It can be found in the logs. |
How to output error log? |
The error logs should be located in the syslog for the machine. By default this is where unbound logs contents. You can configure unbound to log somewhere else with the log-file directive with a filename of your choice. And set the amount of logging with the verbosity directive. https://unbound.docs.nlnetlabs.nl/en/latest/manpages/unbound.conf.html#term-logfile-filename If you have trouble finding out why unbound does not start, there is a commandline option to help with that. To use it, start unbound from the commandline, from the terminal, and briefly attempt to start it from there. If it starts running, you would have to kill the process. By giving unbound the This is in the man page here. |
/usr/local/etc/unbound/unbound.conf:92: error: syntax error
|
The issue is a missing line between line 91 and 92, |
|
From what I can see, there is no listed combination with subnetcache and cachedb that is known to work. What you suggest seems reasonable, if that works, I can add it to the list of known combinations. |
I have added the combination to the list of allowed entries, in the commit above. |
thank you 😁 |
* nlnet/master: Changelog note for NLnetLabs#612: - Merge PR NLnetLabs#612: TCP race condition. - Fix NLnetLabs#588: Unbound 1.13.2 crashes due to p->pc is NULL in serviced_udp_callback. - Better bookkeeping when reclaiming the TCP buffer. - Mark waiting_tcp and serviced_query as being in the cb_and_decommission stage to signal later code about their state; prevents premature item deletion. Changelog note for NLnetLabs#610 - Fix NLnetLabs#610: Undefine-shift in sldns_str2wire_hip_buf. - Fix NLnetLabs#610: Undefine-shift in sldns_str2wire_hip_buf. - Add serviced_query timer to send upstream queries outside of the mesh flow to prevent race conditions. - For dnstap, do not wakeupnow right there. Instead zero the timer to force the wakeup callback asap. - For NLnetLabs#602: Allow the module-config "subnetcache validator cachedb iterator". - Add rpz: for-downstream: yesno option, where the RPZ zone is authoritatively answered for, so the RPZ zone contents can be checked with DNS queries directed at the RPZ zone. Changelog note for NLnetLabs#605: - Merge PR NLnetLabs#605: Fix EDNS to upstream where the same option could be attached more than once. - Make sure callback changes for EDNS are not lost. - Fix EDNS to upstream where the same option could be attached more than once. - Add a region to serviced_query for allocations.
The configuration is as follows:
interface: 0.0.0.0@8443
interface: ::0@8443
dnscrypt:
dnscrypt-enable: yes
dnscrypt-port: 8443
dnscrypt-provider: 2.dnscrypt-cert.exp.domain.com.
dnscrypt-secret-key: /etc/dnscrypt/ssl.key
dnscrypt-provider-cert: /etc/dnscrypt/ssl.cert
The text was updated successfully, but these errors were encountered: