Maintained by: NLnet Labs

[Unbound-users] New member, maybe old question?

W.C.A. Wijngaards
Thu Jun 5 09:38:21 CEST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Filipe,

For me such a trace would end like this (with interface-automatic: yes):
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 5
setsockopt(5, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
setsockopt(5, SOL_IP, IP_MTU_DISCOVER, [0], 4) = 0
bind(5, {sa_family=AF_INET, sin_port=htons(53),
sin_addr=inet_addr("0.0.0.0")}, 16) = 0

Notice the SO_REUSEADDR option. The trace you post is missing that.
That must be a #ifdef SO_REUSEADDR that fails at compile time
(services/listen_dnsport.c) ?

In latest code there is a so-reuseport option for linux (very recent
3.9) kernels.  This option is really there to distribute queries over
threads more easily, but it may also act like reuseaddr in some ways
that you need.

Also, something else is using port 53 somehow?  Or does your system
have secure-linux or something like that that prevents binding to this
port by any old program?

Best regards,
   Wouter

On 06/04/2014 11:32 PM, Filipe Cifali wrote:
> Just installed -> http://pastebin.com/R8wLXrX7
> 
> Just tried w/ only interface-automatic: yes (no interface: ips)
> and still same error.
> 
> Thanks for the help everyone btw.
> 
> 
> 
> On Wed, Jun 4, 2014 at 6:15 PM, W.C.A. Wijngaards
> <wouter at nlnetlabs.nl <mailto:wouter at nlnetlabs.nl>> wrote:
> 
> Hi Filipe,
> 
> On 06/04/2014 07:33 PM, Filipe Cifali wrote:
>> On Wed, Jun 4, 2014 at 7:17 AM, Jarno Huuskonen 
>> <jarno.huuskonen at uef.fi <mailto:jarno.huuskonen at uef.fi>
> 
>> Have you tested with interface-automatic: yes ?
> 
>> interface-automatic: yes works for me with keepalived managed
>> vips (and interface: 0.0.0.0).
> 
>> -Jarno
> 
> 
> 
>> Yes, I have tested, which returned the message that I sent
>> before:
> 
>> $ /usr/sbin/unbound -d -c /etc/unbound/unbound.conf [1401816527] 
>> unbound[19141:0] error: bind: address already in use
>> [1401816527] unbound[19141:0] fatal error: could not open ports
> 
>> Which makes no sense (interface: 0.0.0.0) since there's nothing 
>> already runinng on 53
> 
> If you enable interface-automatic, the interface: statements are 
> ignored, the code uses 0.0.0.0 (and ::0 if ipv6 is enabled), and
> the options should make it work.  So if there is nothing running,
> why does it fail?  Use strace? (that shows trace of system calls).
> Could it be that ipv4 works but the bind to ::0 for ipv6 somehow
> fails?  This is controlled with do-ip6.
> 
> Best regards, Wouter
> 
> _______________________________________________ Unbound-users
> mailing list Unbound-users at unbound.net
> <mailto:Unbound-users at unbound.net> 
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
> 
> 
> 
> 
> -- [ ]'s
> 
> Filipe Cifali Stangler

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJTkB5pAAoJEJ9vHC1+BF+NuwcP/ikSxBbBdeLMmvD3hGW1iztN
yBf6xsSxlwtQdIcdxaweYBBWQEUKlLzGEzQoRr/Pz+695zYzAHjoy4i27H39jkI8
MgDYeEKqFE+g9xB7ZZHyePLbNEP4TU/M1foG/laRfWhgQblL208ViXrz9zjeAXFR
wvFKsDYdXuTzfQv9zDG7tj4uJo5Rb6XUQLHC/8fe0t/hW7v+senbenbxRk2x+tbf
KUZtF6RG7F7A2Tt8Bv0W4i8Tmw8/2mBSeyBRa6n0LiH5hz+nvodvWLksFPez6qZu
iSvUwyxQrk/H9TZSPqIyaq7k1+Bn1ACw/r2lWPYaex3hHfpEEqhUER2aMFAzkAM/
iE+j8YfsOUl0p8x4i32p3V76u/UBKtHg0CeX5u2Bx/3b6PKcIoU9OrXdTlKaQvQ6
j1s3frU/scp84grZFNKCkuw4rxRf+bOrv2jksD1gCnUXb5vv9hhw9WGuQXRn2AEP
qZn8cR/bfiFfp6qdZSUSDfHab0DjuUyBhZPVy+3zw9XlntN0KJtfmtyGSR1Gh2Lk
aIjfbbS5cZM7FP6xlG+mM1CTi78TNq0FH4LcAfMEXhXMbHOR+0lN+B9wgvAspsfr
gzxRqhV1iXAz5mhiDF+75cBDJNQjIJ/bP5RrJ6bNj2/47XO6q6ZIYC+6ciWOEVPS
WtauCXjH5qId9FiDLyn9
=XY4t
-----END PGP SIGNATURE-----