Hello,
to resolve the rcctl start unbound timeout issue,
I tried increasing daemon_timeout value in multiple files (and failing)
finally i edited line 300 of /etc/rc.d/rc.subr
- [ -z "${daemon_timeout}" ] && daemon_timeout=30
+ [ -z "${daemon_timeout}" ] && daemon_timeout=300
------------------------------------------------------------------------------
The above fixed... it ...
but im not so sure I should be editing rc.subr like that...
Is there an easier / more elegant way of setting daemon_timeout
for unbound ?
I did try rebooting the box to ensure that settings took effect
The Long version of failed attempts is listed below for those interested
/etc/rc.conf.local
unbound_flags"daemon_timeout=300"
---------------------------------------------------
the above didnt seem to work
then I tired adding daemon_timout=300 to
/etc/login.conf
unbound:\
:openfiles=512:\
:daemon_timeout=300:\
:tc=daemon:
-----------------------------------------------------
the above didnt seem to work
then I tried daemon_timeout=300 in the top of
/etc/rc.d/unbound
daemon_timeout=300
-----------------------------------------------------
the above didnt seem to work
Thanks
On Thu, 25 Oct 2018 at 09:06, Tom Smyth <[email protected]> wrote:
>
> Hi Predrag,
>
> Thanks for taking a look,
> im running
> OpenBSD fns1.ogmaconnect.com 6.4 GENERIC.MP#364 amd64
> It would appear that the killed message was due to insufficient memory on the
> machine,
> However the issue with rcctl start unbound still remains despite the
> increase
> of the ram on the vm
>
> ok so it looks like you are getting the (timeout) when trying rcctl start
> unbound
> (I was getting this too)
> but if you try nohup unbound it will take about 30 seconds to load.... but it
> should run fine...
>
> the rcctl start
> when I look at the process list when I run rcctl start unbound it looks like
> the
> unbound-checkconf is called and then disappears from the process list after
> about 30 seconds, (and unbound its self doesnt start and we get a timeout
> message
>
> Im going to look at increasing the daemon timeout setting
> To see if that fixes the issue...
>
>
> On Thu, 25 Oct 2018 at 04:30, Predrag Punosevac <[email protected]> wrote:
> >
> > Tom Smyth wrote:
> >
> > > Hello all,
> > > unbound-checkconf "Killed" when cheking a large local zone config file
> > > rcctl start unbound fails because of the above command failing
> > >
> > > background
> > >
> > > we were migrating our dns filtering from one platform to openbsd
> > > so we have a basic unbound configuration file that loads another
> > > configuration file that contains zones for an educational institution
> > > to filter inappropiate sites for kids.
> > > the zone file is located below (89M)
> > > http://5.134.89.24/unboundlocalzone.conf
> > > the above file was loaded into /var/unbound/etc/
> > > and then was included in the unbound.conf file using the include
> > > directive
> > > include: /var/unbound/etc/unboundlocalzone.conf
> > >
> > > when I run unbound-checkconf it runs for about 30 seconds and then
> > > i see a "Killed" message on the commandline
> > >
> >
> > I just run unbound-checkconf with your local zone file and I can't
> > reproduce your report
> >
> > oko# uname -a
> > OpenBSD oko.bagdala2.net 6.4 GENERIC.MP#364 amd64
> >
> > oko# ls -l
> > total 183368
> > -rw-r--r-- 1 root wheel 2366 Oct 24 23:03 unbound.conf
> > -rw-r--r-- 1 _unbound _unbound 93821046 Oct 24 23:00
> > unboundlocalzone.conf
> >
> > oko# head -10 unboundlocalzone.conf
> >
> > server:
> > local-zone: "000000000gratisporno.ontheweb.nl" redirect
> > local-data: "000000000gratisporno.ontheweb.nl A 5.134.89.24"
> > local-zone: "000000000sexe.free.fr" redirect
> > local-data: "000000000sexe.free.fr A 5.134.89.24"
> > local-zone: "00000nwebcamnow.com" redirect
> > local-data: "00000nwebcamnow.com A 5.134.89.24"
> > local-zone: "0000.1.free.fr" redirect
> > local-data: "0000.1.free.fr A 5.134.89.24"
> > local-zone: "000069.com" redirect
> >
> >
> >
> > oko# grep "include" unbound.conf
> >
> > include: "/var/unbound/etc/unboundlocalzone.conf"
> >
> > oko# unbound-checkconf
> > unbound-checkconf: no errors in /var/unbound/etc/unbound.conf
> >
> >
> > It did take good 30-45 seconds for my machine to parse the file. However
> > I was NOT able to start the unbound with your zone file due to the time
> > out error.
> >
> > oko# rcctl start unbound
> > unbound(timeout)
> >
> >
> > I have four cores and 16 GB of RAM on this machine. I can try
> > tomorrow at work on much more powerful machine with 64 GB of RAM.
> >
> > Cheers,
> > Predrag
> >
> >
> >
> >
> > > rcctl start unbound fails after about the same time and it woudl appear
> > > that the rcctl script calls unbound-checkconf before starting the
> > > unbound
> > >
> > > however running unbound or nohup unbound works fine..
> > > to load that local zone into memory it takes about 4G of Ram,
> > >
> > > /var/log/messages is clear
> > > /var/log/daemon is clear
> > >
> > >
> > >
> > >
> > >
> > > --
> > > Kindest regards,
> > > Tom Smyth
> >
>
>
> --
> Kindest regards,
> Tom Smyth
>
> Mobile: +353 87 6193172
> The information contained in this E-mail is intended only for the
> confidential use of the named recipient. If the reader of this message
> is not the intended recipient or the person responsible for
> delivering it to the recipient, you are hereby notified that you have
> received this communication in error and that any review,
> dissemination or copying of this communication is strictly prohibited.
> If you have received this in error, please notify the sender
> immediately by telephone at the number above and erase the message
> You are requested to carry out your own virus check before
> opening any attachment.
--
Kindest regards,
Tom Smyth
Mobile: +353 87 6193172
The information contained in this E-mail is intended only for the
confidential use of the named recipient. If the reader of this message
is not the intended recipient or the person responsible for
delivering it to the recipient, you are hereby notified that you have
received this communication in error and that any review,
dissemination or copying of this communication is strictly prohibited.
If you have received this in error, please notify the sender
immediately by telephone at the number above and erase the message
You are requested to carry out your own virus check before
opening any attachment.
