Re: Unbound on Debian 10 VM - Every query SERVFAIL

2020-02-03 Thread Toni Mueller via Unbound-users 


Hi Mark!

thank you for this hint!

On Mon, Feb 03, 2020 at 10:53:59PM +, Mark Picone via Unbound-users wrote:
> If unbound works correctly after restarting the service, you may need to 
> configure a systemd override.
> This was required to get the service to start correctly on boot on my Debian 
> 10.2 host.
> 
> root@host:~# grep After /lib/systemd/system/unbound.service
> After=network.target
> 
> root@host:~# cat /etc/systemd/system/unbound.service.d/override.conf
> [Unit]
> After=systemd-networkd-wait-online.service

I've just checked on my laptop: It's also 10.2. I added your override,
did a systemctl daemon-reload, and commented the do-ipv6: no statement
from Unbound's configuration. Then I restarted unbound. And I got
"SERVFAIL" immediately, on everything. Conversely, explicitly disabling
IPv6 and restarting Unbound made resolution work again, immediately, and
on the same names where resolution failed before.

I think this is a problem with at least Debian's version of Unbound
(1.9.0).


Cheers,
Toni

RE: Unbound on Debian 10 VM - Every query SERVFAIL

2020-02-03 Thread Mark Picone via Unbound-users 
If unbound works correctly after restarting the service, you may need to 
configure a systemd override.
This was required to get the service to start correctly on boot on my Debian 
10.2 host.

root@host:~# grep After /lib/systemd/system/unbound.service
After=network.target

root@host:~# cat /etc/systemd/system/unbound.service.d/override.conf
[Unit]
After=systemd-networkd-wait-online.service

Regards,

Mark Picone


From: unbound-users  On Behalf Of 
Brendan Konings via unbound-users
Sent: Thursday, 16 January 2020 2:22 PM
To: unbound-users@lists.nlnetlabs.nl
Subject: Unbound on Debian 10 VM - Every query SERVFAIL

Hello All,

I have set up a Debian 10 container in Proxmox, for the purpose of running 
pi-hole. This works fine.

I installed Unbound from apt, and configured as per these instructions: 
https://docs.pi-hole.net/guides/unbound
I reach the point of testing Unbound (before plugging in to pihole, so 
effectively a stand alone installation at this point), but the testing fails. 
Any dig sent to @http://127.0.0.1 -p 5353 (Unbound) returns SERVFAIL.

I have tried working out the issue with the pihole team, but my configuration 
matches other working systems, so something seems to be going wrong with my 
Unbound installation, or the OS environment it is running in.

Has anyone had issues running Unbound in a CT/Proxmox?

Kind Regards,
Brendan J Konings, BEng(Electronics)(Hons), BCompSc

https://keys.mailvelope.com/pks/lookup?op=get&search=0x9531F80123B4E094

Important Notice: The contents of this email are intended solely for the named 
addressee and are confidential; any unauthorised use, reproduction or storage 
of the contents is expressly prohibited. If you have received this email in 
error, please delete it and any attachments immediately and advise the sender 
by return email or telephone.

Deakin University does not warrant that this email and any attachments are 
error or virus free.

Re: Unbound on Debian 10 VM - Every query SERVFAIL

2020-02-03 Thread Toni Mueller via Unbound-users 
Hi Brendan,

On Thu, Jan 16, 2020 at 01:51:40PM +1030, Brendan Konings via unbound-users 
wrote:
> I have set up a Debian 10 container in Proxmox, for the purpose of running

I have Unbound on my laptop, also running Buster, and the same problem.

> fails. Any dig sent to @127.0.0.1 -p 5353 (Unbound) returns SERVFAIL.

I can confirm. I don't think it has anything to do with Proxmox.

Although the documentation says that Unbound will automatically figure
out whether to talk IPv4 or IPv6, or at least, that it does not prefer
IPv6, but only after saying

  do-ipv6: no

in the configuration and a server restart, things started to work.

To me, this looks like a bug. I would also like to note that, at least
these days, one can encounter both IPv4-only and IPv6-only networks, and
it's quite inconvenient to have to reconfigure the local unbound when
connecting your laptop to these kinds of networks.


HTH.


Cheers,
Toni

Re: Unbound on Debian 10 VM - Every query SERVFAIL

2020-01-16 Thread Ondřej Caletka via unbound-users 
Dne 16. 01. 20 v 4:21 Brendan Konings via unbound-users napsal(a):
> Any dig sent to @127.0.0.1  -p 5353 (Unbound) returns
> SERVFAIL.

Can you confirm (for instance by ss -ulnp) that it is actually Unbound
listening on port 5353? This port is assigned to Multicast DNS. Many
Linux distributions have a mdns daemon sitting on it.

--
Ondřej Caletka



signature.asc
Description: OpenPGP digital signature

___
unbound-users mailing list
unbound-users@lists.nlnetlabs.nl
https://lists.nlnetlabs.nl/mailman/listinfo/unbound-users

Re: Unbound on Debian 10 VM - Every query SERVFAIL

2020-01-15 Thread Brendan Konings via unbound-users 
The box itself does not allow the systemd time keeping system to start, due
to being in a container. I assume proxmox is working as the time keeper for
the containers.

Proxmox does sync time, and the time zone is set correctly on both
hypervisor and container.

So short answer is that running 'date' in the debian container returns the
correct time and time zone.


On Thu, 16 Jan. 2020, 17:05 Erik Dobák,  wrote:

>
>
> On Thu, 16 Jan 2020 at 04:22, Brendan Konings via unbound-users <
> unbound-users@lists.nlnetlabs.nl> wrote:
>
>> Hello All,
>>
>> I have set up a Debian 10 container in Proxmox, for the purpose of
>> running pi-hole. This works fine.
>>
>> I installed Unbound from apt, and configured as per these instructions:
>> https://docs.pi-hole.net/guides/unbound
>> I reach the point of testing Unbound (before plugging in to pihole, so
>> effectively a stand alone installation at this point), but the testing
>> fails. Any dig sent to @127.0.0.1 -p 5353 (Unbound) returns SERVFAIL.
>>
>> I have tried working out the issue with the pihole team, but my
>> configuration matches other working systems, so something seems to be going
>> wrong with my Unbound installation, or the OS environment it is running in.
>>
>> Has anyone had issues running Unbound in a CT/Proxmox?
>>
>> Kind Regards,
>> Brendan J Konings, BEng(Electronics)(Hons), BCompSc
>>
>> https://keys.mailvelope.com/pks/lookup?op=get&search=0x9531F80123B4E094
>>
>> ___
>> unbound-users mailing list
>> unbound-users@lists.nlnetlabs.nl
>> https://lists.nlnetlabs.nl/mailman/listinfo/unbound-users
>
> is yout time corrects on that box?
>
> E
>

___
unbound-users mailing list
unbound-users@lists.nlnetlabs.nl
https://lists.nlnetlabs.nl/mailman/listinfo/unbound-users

Re: Unbound on Debian 10 VM - Every query SERVFAIL

2020-01-15 Thread Erik Dobák via unbound-users 
On Thu, 16 Jan 2020 at 04:22, Brendan Konings via unbound-users <
unbound-users@lists.nlnetlabs.nl> wrote:

> Hello All,
>
> I have set up a Debian 10 container in Proxmox, for the purpose of running
> pi-hole. This works fine.
>
> I installed Unbound from apt, and configured as per these instructions:
> https://docs.pi-hole.net/guides/unbound
> I reach the point of testing Unbound (before plugging in to pihole, so
> effectively a stand alone installation at this point), but the testing
> fails. Any dig sent to @127.0.0.1 -p 5353 (Unbound) returns SERVFAIL.
>
> I have tried working out the issue with the pihole team, but my
> configuration matches other working systems, so something seems to be going
> wrong with my Unbound installation, or the OS environment it is running in.
>
> Has anyone had issues running Unbound in a CT/Proxmox?
>
> Kind Regards,
> Brendan J Konings, BEng(Electronics)(Hons), BCompSc
>
> https://keys.mailvelope.com/pks/lookup?op=get&search=0x9531F80123B4E094
>
> ___
> unbound-users mailing list
> unbound-users@lists.nlnetlabs.nl
> https://lists.nlnetlabs.nl/mailman/listinfo/unbound-users

is yout time corrects on that box?

E

___
unbound-users mailing list
unbound-users@lists.nlnetlabs.nl
https://lists.nlnetlabs.nl/mailman/listinfo/unbound-users