Ubuntu 18.04: unbound seems to stop working after a period of time

Jakob_Habedank · August 21, 2019, 8:00pm

Hi all,

I set up pi-hole with unbound on my ubuntu 18.04 machine. I followed the
instructions by pi-hole[1].

Clients can reach websites with this method but after some time I get
timeouts. Pihole is still forwarding requests to 127.0.0.1 but it seems
that unbound doesn't answer anymore. Even on the host machine I get
timeouts.

dig pi\-hole\.net @127\.0\.0\.1 \-p 5353

; &lt;&lt;&gt;&gt; DiG 9\.11\.3\-1ubuntu1\.8\-Ubuntu &lt;&lt;&gt;&gt; pi\-hole\.net @127\.0\.0\.1 \-p 5353
;; global options: \+cmd
;; connection timed out; no servers could be reached

Only `systemctl restart unbound` solves this problem. Unbound is still
running and doesn't show any obvious errors though.
I posted on the pi-hole forums and added quite some information there so
you might want to check the thread [2].

I'm quite new to Unix so please tell me what information you need to
help. Thanks!

[1] https://docs.pi-hole.net/guides/unbound/

[2]
https://discourse.pi-hole.net/t/pihole-on-ubuntu-18-04-with-unbound-fails-after-some-time/22585

Jakob_Habedank · August 23, 2019, 6:25am

It is weird to me. dig is getting timeouts on the host machine but logs
don't show anything after specific time:

journalctl \-f \-u unbound
\-\- Logs begin at Sat 2019\-08\-17 16:52:42 CEST\. \-\-
Aug 23 06:28:26 homeserver unbound\[21476\]: \[21476:0\] info: prime

trust anchor
Aug 23 06:28:26 homeserver unbound[21476]: [21476:0] info: resolving
. DNSKEY IN
Aug 23 06:28:26 homeserver unbound[21476]: [21476:0] info: validate
keys with anchor(DS): sec_status_secure
Aug 23 06:28:26 homeserver unbound[21476]: [21476:0] info:
Successfully primed trust anchor . DNSKEY IN
Aug 23 06:28:26 homeserver unbound[21476]: [21476:0] info: resolving
_ta-4a5c-4f66. NULL IN
Aug 23 06:28:26 homeserver unbound[21476]: [21476:0] info:
validate(positive): sec_status_secure
Aug 23 06:28:26 homeserver unbound[21476]: [21476:0] info:
validation success . DNSKEY IN
Aug 23 06:28:26 homeserver unbound[21476]: [21476:0] info: response
for _ta-4a5c-4f66. NULL IN
Aug 23 06:28:26 homeserver unbound[21476]: [21476:0] info: reply
from <.> 192.33.4.12#53
Aug 23 06:28:26 homeserver unbound[21476]: [21476:0] info: query
response was NXDOMAIN ANSWER

Moreover systemctl is reporting that unbound is still running. Is there
something else I could try?