Re: Unbound exiting on stats write failure?,Re: Unbound exiting on stats write failure?

[Havard Eidnes via Unbound-users]

> The error is on a pipe between unbound processes (threads).  It should
> not be out of resources (it might block of course, waiting for them, and
> blocking pipes are not a problem for unbound, but this error is like a
> pipe randomly breaks up).

Hm.

> Are you on OpenBSD?  Perhaps upgrade the kernel?

Nope, on NetBSD 7.0.

Regards,

- Håvard

Unbound exiting on stats write failure?

[Havard Eidnes via Unbound-users]

Hi,

one of our unbound hosts recently exited, and before it did, it
logged this:

  Sep 19 14:25:56 xxx unbound: [96:4] error: tube msg write failed: 
Resource temporarily unavailable
  Sep 19 14:25:56 xxx unbound: [96:4] fatal error: could not write stat 
values over cmd channel

Now, we're periodically polling stats via "unbound-control stats" and
feeding this into collectd, and our collectd hasn't exactly been fully
stable.  However, is there a good reason the failure to write the
stats values is considered a fatal error?  One would have thought that
it would not be, and that abandoning the output channel would be a
rasonable error recovery mechanism, allowing the main task of unbound
to proceed uninterrupted?

Regards,

- Håvard

Re: Unbound exiting on stats write failure?

[W.C.A. Wijngaards via Unbound-users]

Hi Havard,

The error is on a pipe between unbound processes (threads).  It should
not be out of resources (it might block of course, waiting for them, and
blocking pipes are not a problem for unbound, but this error is like a
pipe randomly breaks up).

Are you on OpenBSD?  Perhaps upgrade the kernel?

Best regards, Wouter

On 20/09/16 09:47, Havard Eidnes via Unbound-users wrote:
> Hi,
> 
> one of our unbound hosts recently exited, and before it did, it
> logged this:
> 
>   Sep 19 14:25:56 xxx unbound: [96:4] error: tube msg write failed: 
> Resource temporarily unavailable
>   Sep 19 14:25:56 xxx unbound: [96:4] fatal error: could not write stat 
> values over cmd channel
> 
> Now, we're periodically polling stats via "unbound-control stats" and
> feeding this into collectd, and our collectd hasn't exactly been fully
> stable.  However, is there a good reason the failure to write the
> stats values is considered a fatal error?  One would have thought that
> it would not be, and that abandoning the output channel would be a
> rasonable error recovery mechanism, allowing the main task of unbound
> to proceed uninterrupted?
> 
> Regards,
> 
> - Håvard
> 




signature.asc
Description: OpenPGP digital signature

Re: [NLnet Labs Maintainers] Unbound 1.5.10rc1 prerelease

[Paul Wouters via Unbound-users]

On Tue, 20 Sep 2016, W.C.A. Wijngaards wrote:


Unbound 1.5.10rc1 prerelease is available:
http://www.unbound.net/downloads/unbound-1.5.10rc1.tar.gz
sha256 2e4caddab49bb07900d5ae8d9d4571ee1f32d2d3cabac6c02d6cfc3f78907fa8
pgp http://www.unbound.net/downloads/unbound-1.5.10rc1.tar.gz.asc
win32 http://www.unbound.net/downloads/unbound-1.5.10rc1.zip and
http://www.unbound.net/downloads/unbound_setup_1.5.10rc1.exe

This is the maintainers prerelease to catch packaging and release issues.


Seems to work, although I haven't tested any of the new features.

Paul

Unbound 1.5.10rc1 prerelease

[W.C.A. Wijngaards via Unbound-users]

Unbound 1.5.10rc1 prerelease is available:
http://www.unbound.net/downloads/unbound-1.5.10rc1.tar.gz
sha256 2e4caddab49bb07900d5ae8d9d4571ee1f32d2d3cabac6c02d6cfc3f78907fa8
pgp http://www.unbound.net/downloads/unbound-1.5.10rc1.tar.gz.asc
win32 http://www.unbound.net/downloads/unbound-1.5.10rc1.zip and
http://www.unbound.net/downloads/unbound_setup_1.5.10rc1.exe

This is the maintainers prerelease to catch packaging and release issues.

In this release there is a fix for long downtime after connectivity
loss, which was a longstanding unsolved issue.  Features for tcp, TCP
Fast Open and timeout pressure to close connections when the tcp
connections are getting full.  Option to use ipv6 /64 for extra entropy.


Features
-   Create a pkg-config file for libunbound in contrib.
-   TCP Fast open patch from Sara Dickinson.
-   Finegrained localzone control with define-tag, access-control-tag,
access-control-tag-action, access-control-tag-data, local-zone-tag, and
local-zone-override. And added types always_transparent, always_refuse,
always_nxdomain with that.
-   If more than half of tcp connections are in use, a shorter timeout
is used (200 msec, vs 2 minutes) to pressure tcp for new connects.
-   [bugzilla: 787 ] Fix #787: outgoing-interface netblock/64 ipv6
option to use linux freebind to use 64bits of entropy for every query
with random local part.
-   For #787: prefer-ip6 option for unbound.conf prefers to send
upstream queries to ipv6 servers.
-   Add default root hints for IPv6 E.ROOT-SERVERS.NET, 2001:500:a8::e.
-   keep debug symbols in windows build.

Bug Fixes
-   [bugzilla: 778 ] Fix unbound 1.5.9: -h segfault (null deref).
-   Fix unbound-anchor.exe file location defaults to Program Files with
(x86) appended.
-   Fix to not ignore return value of chown() in daemon startup.
-  Better help text from -h (from Ray Griffith).
-   [bugzilla: 773 ] Fix Non-standard Python location build failure with
pyunbound.
-   Improve threadsafety for openssl 0.9.8 ecdsa dnssec signatures.
-   Revert fix for NetworkService account on windows due to breakage it
causes.
-   Fix that windows install will not overwrite existing service.conf
file (and ignore gui config choices if it exists).
-   And delete service.conf.shipped on uninstall.
-   In unbound.conf directory: dir immediately changes to that
directory, so that include: file below that is relative to that
directory. With chroot, make the directory an absolute path inside chroot.
-   do not delete service.conf on windows uninstall.
-   document directory immediate fix and allow EXECUTABLE syntax in it
on windows.
-   Fix directory: fix for unbound-checkconf, it restores cwd.
-   Use QTYPE=A for QNAME minimisation.
-   Keep track of number of time-outs when performing QNAME
minimisation. Stop minimising when number of time-outs for a QNAME/QTYPE
pair is more than three.
-   [bugzilla: 775 ] Fix unbound-host and unbound-anchor crash on
windows, ignore null delete for wsaevent.
-   Fix spelling in freebind option man page text.
-   Fix windows link of ssl with crypt32.
-   [bugzilla: 779 ] Fix Union casting is non-portable.
-   [bugzilla: 780 ] Fix MAP_ANON not defined in HP-UX 11.31.
-   [bugzilla: 781 ] Fix prealloc() is an HP-UX system library call.
-   Decrease dp attempts at each QNAME minimisation iteration
-   [bugzilla: 784 ] Fix Build configure assumess that having getpwnam
means there is endpwent function available.
-   Updated repository with newer flex and bison output.
-   Fix static compile on windows missing gdi32.
-   Fix dynamic link of anchor-update.exe on windows.
-   Fix detect of mingw for MXE package build.
-   Fixes for 64bit windows compile.
-   [bugzilla: 788 ] Fix for nettle 3.0: Failed to build with Nettle >=
3.0 and --with-libunbound-only --with-nettle.
-   Fixed unbound.doxygen for 1.8.11.
-   [bugzilla: 798 ] Fix Client-side TCP fast open fails (Linux).
-   [bugzilla: 801 ] Fix missing error condition handling in
daemon_create_workers().
-   [bugzilla: 802 ] Fix workaround for function parameters that are
"unused" without log_assert.
-   [bugzilla: 803 ] Fix confusing (and incorrect) code comment in
daemon_cleanup().
-   [bugzilla: 806 ] Fix wrong comment removed.
-   use sendmsg instead of sendto for TFO.
-   [bugzilla: 807 ] Fix workaround for possible some "unused" function
parameters in test code, from Jinmei Tatuya.
-   Note that OPENPGPKEY type is RFC 7929.
-   [bugzilla: 804 ] Fix #804: unbound stops responding after outage.
Fixes queries that attempt to wait for an empty list of subqueries.
-   Fix for #804: lower num_target_queries for iterator also for failed
lookups.
-   [bugzilla: 820 ] Fix set sldns_str2wire_rr_buf() dual meaning len
parameter in each iteration in find_tag_datas().
-   [bugzilla: 777 ] Fix OpenSSL 1.1.0 compatibility, patch from
Sebastian A. Siewior.
-   RFC 7958 is now out, updated docs for unbound-anchor.
-   Fix for compile without warnings with openssl 1.1.0.
-   [bugzilla: 826 ] Fix refuse_non_local