Hi,
My name is Tri from Vietnam.
I got a problem when I config RPZ in unbound.
/etc/unbound/unbound.conf:36: error: unknown keyword ‘rpz’
/etc/unbound/unbound.conf:36: error: stray ‘:’
/etc/unbound/unbound.conf:37: error: syntax error
read /etc/unbound/unbound.conf failed: 3 errors in configuration file
Could you please help me to check it.
Thank you
Nguyễn Văn Trí via Unbound-users writes:
WHich version of unbound are you using?
The rpz got intrudoced "recently" (unbound 1.10.0).
Check with unbound -V
jaap
Hi,
Thanks for you quick response.
Version 1.9.4
Configure line: --build=x86_64-linux-gnu --prefix=/usr --includedir=${prefix}/include --mandir=${prefix}/share/man --infodir=${prefix}/share/info --sysconfdir=/etc --localstatedir=/var --disable-silent-rules --libdir=${prefix}/lib/x86_64-linux-gnu --libexecdir=${prefix}/lib/x86_64-linux-gnu --disable-maintainer-mode --disable-dependency-tracking --disable-rpath --with-pidfile=/run/unbound.pid --with-rootkey-file=/var/lib/unbound/root.key --with-libevent --with-pythonmodule --enable-subnet --enable-dnstap --enable-systemd --with-chroot-dir= --with-dnstap-socket-path=/run/dnstap.sock --libdir=/usr/lib
Linked libs: libevent 2.1.11-stable (it uses epoll), OpenSSL 1.1.1f 31 Mar 2020
Linked modules: dns64 python subnetcache respip validator iterator
BSD licensed, see LICENSE in source package for details.
Report bugs to unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues
How can i upgrade to the new version ?
Thanks
Nguyễn Văn Trí writes:
> Hi,
> Thanks for you quick response.
No problem, the time zone difference helps here :-).
>
> How can i upgrade to the new version ?
Given the output of unbound -V you provided, you seem to be using a
Linux based system. You might get an update from your provider. If
that fails, you can compile your own version.
See also the documentation at
https://unbound.docs.nlnetlabs.nl/en/latest/index.html and/or
https://www.nlnetlabs.nl/documentation/unbound/.
jaap
Hi,
I’ve been upgrade with the latest version: 1.13.1
But RPZ not working
Have the same error
How can i fix it?
Thanks
Nguyễn Văn Trí writes:
> Hi,
> I've been upgrade with the latest version: 1.13.1
> But RPZ not working
> Have the same error
> How can i fix it?
> Thanks
There might actually be an error in the config file, so you might
want to share that so we can have a look.
jaap
Hi,
here is my config file:
unbound.conf
Intersting, the file below doesn't has the syntax error. Are you sure the using an upgraded unbound-check.
By The Way, I can force the error you complained about by placicin a space between rpz and the colon as in:
rpz :
On then gets:
$ unbound-checkconf /tmp/trie.conf
/tmp/trie.conf:32: error: unknown keyword 'rpz'
/tmp/trie.conf:32: error: stray ':'
/tmp/trie.conf:33: error: syntax error
read /tmp/trie.conf failed: 3 errors in configuration file
Note, the line numbers differ from the original message you sent.
jaap
Nguyễn Văn Trí writes:
Hi,
Cuz I’ve been removing some blank lines. But it’s not the root cause.
Version 1.13.2
Configure line:
Linked libs: mini-event internal (it uses select), OpenSSL 1.1.1f 31 Mar 2020
Linked modules: dns64 respip validator iterator
BSD licensed, see LICENSE in source package for details.
Report bugs to unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues
2. Unbound-checkconf
/usr/local/etc/unbound/var/log/unbound: No such file or directory
[1634376986] unbound-checkconf[50224:0] fatal error: logfile directory does not exist
But still can not start unbound with RPZ.
Thanks
Nguyễn Văn Trí writes:
> 2. Unbound-checkconf
> # unbound-checkconf /etc/unbound/unbound.conf
> /usr/local/etc/unbound/var/log/unbound: No such file or directory
> [1634376986] unbound-checkconf[50224:0] fatal error: logfile directory does
> not exist
>
> But still can not start unbound with RPZ.
You aparently changed stuff you don't tell about. I cann not help you this way.
jaap
Hi,
Here are the unbound.conf file & log error:
access-control: ::0/0 allow
access-control: 0.0.0.0/0 allow
interface: 127.0.0.1
interface: ::1
interface: 0.0.0.0
port: 53
do-ip4: yes
do-ip6: yes
do-tcp: yes
do-udp: yes
verbosity: 1
log-queries: yes
hide-identity: yes
hide-version: yes
module-config: “validator python iterator”
module-config: “respip validator iterator”
statistics-interval: 0
extended-statistics: yes
statistics-cumulative: no
python:
python-script: “/etc/unbound/nxredirect.py”
rpz:
name: trinv.com
master: 192.0.0.2
Plz help me to fix it.
Thanks & Best Regards,
Nguyễn Văn Trí writes:
> Hi,
> Here are the unbound.conf file & log error:
The inboundcheck-conf doesn;t find an error. Given the errors, I
wouldn't be suprised if systemd starts something else than you
think.
Yes,
The syntax is correct but can not run with rpz.
I have no idea.
I have the feeling that you may have installed your updated unbound in /usr/local, but you still have your distribution's (old) version installed in /usr/, and perhaps your systemd unbound.service references the older version.
How did you install the updated unbound exactly?
Could you run "systemctl cat unbound" (as root), and post the output here?
Cheers.