Unbound http stopped, connection lost to www.internic.net

[Deleted member 62525]

I had to reinstall Unbound recently on 386.2 version. During the install I had seen the error libunbound[] error: udp connect failed: Cannot assign requested address for 2001:500:1::53 port 53 but it completed. Once it was running I noticed in the log

Apr 10 08:02:31 unbound[18052:0] debug: SSL connection to www.internic.net authenticated ip4 192.0.47.9 port 443 (len 16)
Apr 10 08:02:31 unbound[18052:0] debug: comm point listen_for_rw 14 1
Apr 10 08:02:31 unbound[18052:0] debug: comm point stop listening 14
Apr 10 08:02:31 unbound[18052:0] debug: comm point start listening 14 (-1 msec)
Apr 10 08:02:32 unbound[18052:0] debug: http header: HTTP/1.1 200 OK
Apr 10 08:02:32 unbound[18052:0] debug: http header: Date: Sat, 10 Apr 2021 14:02:32 GMT
Apr 10 08:02:32 unbound[18052:0] debug: http header: Server: Apache
Apr 10 08:02:32 unbound[18052:0] debug: http header: Last-Modified: Sat, 10 Apr 2021 05:26:00 GMT
Apr 10 08:02:32 unbound[18052:0] debug: http header: Content-Length: 2148037
Apr 10 08:02:32 unbound[18052:0] debug: http header: Vary: Accept-Encoding
Apr 10 08:02:32 unbound[18052:0] debug: http header: ETag: "20c6c5-5bf97840d8a00"
Apr 10 08:02:32 unbound[18052:0] debug: http header: Accept-Ranges: bytes
Apr 10 08:02:32 unbound[18052:0] debug: http header: Cache-Control: max-age=420
Apr 10 08:02:32 unbound[18052:0] debug: http header: Expires: Sat, 10 Apr 2021 14:08:48 GMT
Apr 10 08:02:32 unbound[18052:0] debug: http header: X-Frame-Options: SAMEORIGIN
Apr 10 08:02:32 unbound[18052:0] debug: http header: Referrer-Policy: origin-when-cross-origin
Apr 10 08:02:32 unbound[18052:0] debug: http header: Content-Security-Policy: upgrade-insecure-requests
Apr 10 08:02:32 unbound[18052:0] debug: http header: Age: 43
Apr 10 08:02:32 unbound[18052:0] debug: http header: Content-Type: text/plain; charset=UTF-8
Apr 10 08:02:32 unbound[18052:0] debug: http header: Content-Language: en
Apr 10 08:02:32 unbound[18052:0] debug: http header: Strict-Transport-Security: max-age=48211200; preload
Apr 10 08:02:32 unbound[18052:0] debug: http header:
Apr 10 08:02:35 unbound[18052:0] debug: close fd 14
Apr 10 08:02:35 unbound[18052:0] debug: auth zone transfer http callback
Apr 10 08:02:35 unbound[18052:0] debug: http stopped, connection lost to www.internic.net
Apr 10 08:02:35 unbound[18052:0] debug: auth zone . transfer failed, wait
Apr 10 08:02:35 unbound[18052:0] debug: auth zone . timeout in 96 seconds
Apr 10 08:02:38 unbound[18052:0] debug: new control connection from ip4 127.0.0.1 port 39563 (len 16)
Apr 10 08:02:38 unbound[18052:0] debug: comm point stop listening 14
Apr 10 08:02:38 unbound[18052:0] debug: comm point start listening 14 (120000 msec)
Apr 10 08:02:38 unbound[18052:0] debug: unauthenticated remote control connection
Apr 10 08:02:38 unbound[18052:0] info: control cmd:  dump_cache
Apr 10 08:02:38 unbound[18052:0] debug: remote control operation completed
Apr 10 08:02:38 unbound[18052:0] debug: close fd 14

Also, if I try to enable control-use-cert: yes it gives an error

Apr 10 08:14:45 unbound[22640:0] error: remote control failed ssl crypto error:1408F10B:SSL routines:ssl3_get_record:wrong version number
Apr 10 08:14:45 unbound[22640:0] error: remote control failed ssl crypto error:1408F10B:SSL routines:ssl3_get_record:wrong version number
Apr 10 08:14:45 unbound[22640:0] error: remote control failed ssl crypto error:1408F10B:SSL routines:ssl3_get_record:wrong version number

Has anyone seen this issue? How do I fix it?

 

[Deleted member 62525]

@Martineau,

During install - I have IP6 disabled - unbound-anchor uses default ip6 to try generating root.key.
I have forced it to use ip4 with -4 flag as in "/opt/sbin/unbound-anchor -4 -v -c /opt/var/lib/unbound/root.key" that run fine without errors.

I am still getting ssl errors when trying to enable cert for remote-control. Do you need to regenerate certs?