[Unbound-users] New member, maybe old question?

Filipe Cifali cifali.filipe at gmail.com
Fri Jun 6 11:34:03 UTC 2014


Well, compiled from source and it worked, thanks for the tip to search
for SO_REUSEADDR,
it helped me to debug this!

But I still get the same behavior as before, the reply comes w/ ethernet IP
not loopback IP.


On Thu, Jun 5, 2014 at 7:13 AM, Filipe Cifali <cifali.filipe at gmail.com>
wrote:

> I'll update the kernel to search for that option, running 3.10.10 atm.
>
> Yes I have binds running on another 2 interfaces (that's one reason for
> not running 0.0.0.0, the other is: simple configure the only IPs for him to
> use that he needs only)
>
>
> On Thu, Jun 5, 2014 at 4:38 AM, W.C.A. Wijngaards <wouter at nlnetlabs.nl>
> wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Hi Filipe,
>>
>> For me such a trace would end like this (with interface-automatic: yes):
>> socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 5
>> setsockopt(5, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
>> setsockopt(5, SOL_IP, IP_MTU_DISCOVER, [0], 4) = 0
>> bind(5, {sa_family=AF_INET, sin_port=htons(53),
>> sin_addr=inet_addr("0.0.0.0")}, 16) = 0
>>
>> Notice the SO_REUSEADDR option. The trace you post is missing that.
>> That must be a #ifdef SO_REUSEADDR that fails at compile time
>> (services/listen_dnsport.c) ?
>>
>> In latest code there is a so-reuseport option for linux (very recent
>> 3.9) kernels.  This option is really there to distribute queries over
>> threads more easily, but it may also act like reuseaddr in some ways
>> that you need.
>>
>> Also, something else is using port 53 somehow?  Or does your system
>> have secure-linux or something like that that prevents binding to this
>> port by any old program?
>>
>> Best regards,
>>    Wouter
>>
>> On 06/04/2014 11:32 PM, Filipe Cifali wrote:
>> > Just installed -> http://pastebin.com/R8wLXrX7
>> >
>> > Just tried w/ only interface-automatic: yes (no interface: ips)
>> > and still same error.
>> >
>> > Thanks for the help everyone btw.
>> >
>> >
>> >
>> > On Wed, Jun 4, 2014 at 6:15 PM, W.C.A. Wijngaards
>> > <wouter at nlnetlabs.nl <mailto:wouter at nlnetlabs.nl>> wrote:
>> >
>> > Hi Filipe,
>> >
>> > On 06/04/2014 07:33 PM, Filipe Cifali wrote:
>> >> On Wed, Jun 4, 2014 at 7:17 AM, Jarno Huuskonen
>> >> <jarno.huuskonen at uef.fi <mailto:jarno.huuskonen at uef.fi>
>> >
>> >> Have you tested with interface-automatic: yes ?
>> >
>> >> interface-automatic: yes works for me with keepalived managed
>> >> vips (and interface: 0.0.0.0).
>> >
>> >> -Jarno
>> >
>> >
>> >
>> >> Yes, I have tested, which returned the message that I sent
>> >> before:
>> >
>> >> $ /usr/sbin/unbound -d -c /etc/unbound/unbound.conf [1401816527]
>> >> unbound[19141:0] error: bind: address already in use
>> >> [1401816527] unbound[19141:0] fatal error: could not open ports
>> >
>> >> Which makes no sense (interface: 0.0.0.0) since there's nothing
>> >> already runinng on 53
>> >
>> > If you enable interface-automatic, the interface: statements are
>> > ignored, the code uses 0.0.0.0 (and ::0 if ipv6 is enabled), and
>> > the options should make it work.  So if there is nothing running,
>> > why does it fail?  Use strace? (that shows trace of system calls).
>> > Could it be that ipv4 works but the bind to ::0 for ipv6 somehow
>> > fails?  This is controlled with do-ip6.
>> >
>> > Best regards, Wouter
>> >
>> > _______________________________________________ Unbound-users
>> > mailing list Unbound-users at unbound.net
>> > <mailto:Unbound-users at unbound.net>
>> > http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
>> >
>> >
>> >
>> >
>> > -- [ ]'s
>> >
>> > Filipe Cifali Stangler
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1
>> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>>
>> iQIcBAEBAgAGBQJTkB5pAAoJEJ9vHC1+BF+NuwcP/ikSxBbBdeLMmvD3hGW1iztN
>> yBf6xsSxlwtQdIcdxaweYBBWQEUKlLzGEzQoRr/Pz+695zYzAHjoy4i27H39jkI8
>> MgDYeEKqFE+g9xB7ZZHyePLbNEP4TU/M1foG/laRfWhgQblL208ViXrz9zjeAXFR
>> wvFKsDYdXuTzfQv9zDG7tj4uJo5Rb6XUQLHC/8fe0t/hW7v+senbenbxRk2x+tbf
>> KUZtF6RG7F7A2Tt8Bv0W4i8Tmw8/2mBSeyBRa6n0LiH5hz+nvodvWLksFPez6qZu
>> iSvUwyxQrk/H9TZSPqIyaq7k1+Bn1ACw/r2lWPYaex3hHfpEEqhUER2aMFAzkAM/
>> iE+j8YfsOUl0p8x4i32p3V76u/UBKtHg0CeX5u2Bx/3b6PKcIoU9OrXdTlKaQvQ6
>> j1s3frU/scp84grZFNKCkuw4rxRf+bOrv2jksD1gCnUXb5vv9hhw9WGuQXRn2AEP
>> qZn8cR/bfiFfp6qdZSUSDfHab0DjuUyBhZPVy+3zw9XlntN0KJtfmtyGSR1Gh2Lk
>> aIjfbbS5cZM7FP6xlG+mM1CTi78TNq0FH4LcAfMEXhXMbHOR+0lN+B9wgvAspsfr
>> gzxRqhV1iXAz5mhiDF+75cBDJNQjIJ/bP5RrJ6bNj2/47XO6q6ZIYC+6ciWOEVPS
>> WtauCXjH5qId9FiDLyn9
>> =XY4t
>> -----END PGP SIGNATURE-----
>>
>
>
>
> --
> [ ]'s
>
> Filipe Cifali Stangler
>



-- 
[ ]'s

Filipe Cifali Stangler
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20140606/5cd1f029/attachment.htm>


More information about the Unbound-users mailing list