Unbound [Release] v3.22

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Martineau

Part of the Furniture
unbound_manager v3.22 and unbound.conf v1.12

Version: v3.22
Github md5=6b4a500c071bcbb3f4a6e9596a178d43


Use option 7 when v3.22 is shown as available in either amtm
Code:
 7  open     unbound Mgr    v3.22   <- v3.21

Use unbound_manager command option u when shown (or uf to FORCE the upgrade if it isn't)
Code:
u = Update (Major) unbound_manager v3.21 -> v3.22 (Change Log: https://github.com/MartineauUK/Unbound-Asuswrt-Merlin/commits/master/unbound_manager.sh)

Optional Install but recommended unbound.conf v1.12 to improve cache hits.

Use vb and 1 (or Advanced menu i config) commands to upgrade.
 
Last edited:

heysoundude

Very Senior Member
Is vb before 1 critical? I just opened unbound in amtm, saw that there was a 'major' update, and pressed one.

Yes, it has to be a major update from the length of time updating is taking...mine has been going for 10 mins and I'm still not back to a command prompt...
 
Last edited:

Martineau

Part of the Furniture
Is vb before 1 critical? I just opened unbound in amtm, saw that there was a 'major' update, and pressed one.
For the Easy menu mode users, then the need to execute vb to take a backup of 'unbound.conf' is probably moot, as they may have never customised unbound.

However, for Advanced menu mode users, it is prudent to ensure a backup is created so they can manually merge the new v1.12 'unbound.conf' or simply restore it if necessary.

the script has been reporting Updating S61unbound for quite a few minutes now...
EDIT: it has to be a major update from the length of time updating is taking...mine has been going for 10 mins and I'm still not back to a command prompt...
No idea.

You should ABORT the current upgrade process, and retry.

If it still stalls, then you will need to use debug mode to show precisely where the script is stalling.
 
Last edited:

bluzfanmr1

Senior Member
I have updated via both the Easy and Advanced menus but it still says there is an update available.
 

bluzfanmr1

Senior Member
Never mind, its good now!
 

heysoundude

Very Senior Member
I'm having an issue - unbound is reporting itself as running 3.22 with 1.12 conf, but amtm is still reporting 3.21 update available.

UPDATE- Hard reboot router and gateway and everything is back to normal. my bad for forgetting the ISP gateway - I usually don't need to.
 
Last edited:

mister

Regular Contributor
Dear all,
just a simple question: After update to the new version my configuration of unbound was set to default. I manually switched to DOT, made a backup with vb and after the update, everything was lost, my backup as well.

First question: Can I have another name for the backup e.g.
Code:
First question: Can I have another name for the backup e.g. vb DOT.conf `?
`?

That entry didn´t work.
How to restore the backup :
Code:
rl  DOT.conf
?

Is it normal, that my configuration was overwritten by updating to 3.22 ?

Thanks a lot for your support

Hugo
 

Martineau

Part of the Furniture
Dear all,
just a simple question: After update to the new version my configuration of unbound was set to default. I manually switched to DOT, made a backup with vb and after the update, everything was lost, my backup as well.

First question: Can I have another name for the backup e.g.
Code:
First question: Can I have another name for the backup e.g. vb DOT.conf `?
`?

That entry didn´t work.
How to restore the backup :
Code:
rl  DOT.conf
?

Is it normal, that my configuration was overwritten by updating to 3.22 ?

Thanks a lot for your support

Hugo

As per the upgrade instructions, the vb command will always make a backup in both Easy and Advanced menu mode

Code:
e  = Exit Script [?]

E:Option ==> vb

 Active 'unbound.conf' backed up to '/opt/share/unbound/configs/20210202-170523_unbound.conf'

NOTE: The vb command does not let you specify the name, but you may rename the backup..or can reload it as-is
Code:
e  = Exit Script [?]

A:Option ==> rl  /opt/share/unbound/configs/20210202-170523_unbound

unbound-checkconf: no errors in /opt/share/unbound/configs/20210202-170523_unbound.conf

Reloading 'unbound.conf' status=17:18:34 Saving unbound cache to '/opt/share/unbound/configs/cache.txt' msg.cache=467/461 rrset.cache=2560/2553
ok

However, in Advanced Menu mode, if you use command i to do a FULL unbound installation upgrade/refresh, then when all files/modules have been retrieved, you are given the option to retain your current custom 'unbound.conf' config.
Code:
Auto install unbound Customisation complete 0 minutes and 16 seconds elapsed - Please wait for up to 10 seconds for status.....


    Installation of unbound completed

<snip>

Do you want to KEEP your current unbound configuration? ('20210202-171145_unbound.conf')

    Reply 'y' to KEEP or press [Enter] to use new downloaded 'unbound.conf'

FYI, unbound_manager also supports the use of the 'postconf' / 'unbound.conf.add' methods, to apply custom settings, which will always be applied after 'unbound.conf' is overwritten.

NOTE: If you decide to uninstall unbound then you are given the option to retain '/opt/share/unbound/configs*' or to erase it completely i.e. deleting all your backups.
 

Martineau

Part of the Furniture
Can I have another name for the backup e.g. vb DOT.conf ?
I have created Beta unbound_manager v3.23b to accommodate your suggestion.
Code:
e  = Exit Script [?]

A:Option ==> vb DoT

Active 'unbound.conf' backed up to '/opt/share/unbound/configs/DoT.conf'
Code:
e  = Exit Script [?]

A:Option ==> vb ?

    'unbound.conf' Configuration backups

        9.9K Tue Feb  2 12:12:48 2021 /opt/share/unbound/configs/20210202-121248_unbound.conf
       10.0K Tue Feb  2 17:12:07 2021 /opt/share/unbound/configs/reset.conf
       10.1K Tue Feb  2 17:12:20 2021 /opt/share/unbound/configs/user.conf
       10.2K Wed Feb  3 09:54:55 2021 /opt/share/unbound/configs/20210203-095455_unbound.conf
       10.2K Wed Feb  3 09:59:08 2021 /opt/share/unbound/configs/DoT.conf
Code:
A:Option ==> rl DoT

unbound-checkconf: no errors in /opt/share/unbound/configs/DoT.conf

Reloading 'unbound.conf' status=11:20:54 Saving unbound cache to '/opt/share/unbound/configs/cache.txt' msg.cache=805/374 rrset.cache=2552/1801
ok

Use command uf dev to test the Beta and uf to revert to v3.22
 
Last edited:

mister

Regular Contributor
Thanks Martineau,
I will test it. Thanks a lot
Hi Marineau,
it seems to work. I am now on b2.
updating to next betas or higher versions will be possible via amtm or do I have to switch back to V3.22?

Exactly clear is the postconf method not for me.
Do I have to create a new unbound.conf.add file in /opt/share/unbound/unbound.conf.add and fill it with the sections of the unbound.conf file I had changed ?

e.g. for DOT use every line beginning with

"forward-zone: #DOT"

till the
#@@@@@@@@@@@@@@

?
Thanks a lot
Hugo
 
Last edited:

Martineau

Part of the Furniture
Hi Marineau,
it seems to work. I am now on b2.
updating to next betas or higher versions will be possible via amtm or do I have to switch back to V3.22?
When v3.23 is available on Github, then you should be prompted to upgrade i.e. enter command u
If it doesn't then command uf will force the upgrade
Exactly clear is the postconf method not for me.
Using the .postconf method gives you the ability to alter the current 'unbound.conf' in situ, but does require scripting knowledge.
Do I have to create a new unbound.conf.add file in /opt/share/unbound/unbound.conf.add and fill it with the sections of the unbound.conf file I had changed ?
Yes.

Any directives defined in '/opt/share/unbound/unbound.conf.add' will override existing directives in 'unbound.conf'.
 

Luizlp10

Occasional Visitor
I am using Unbound v3.22 in FW 386.1. It is working flawlessly with cache hit percentage above 70% at all times but my log is getting spammed with this:


Feb 8 15:57:00 RT-AC86U-7A60 (unbound_log.sh): 1705 Processed 0 reply_domains...
Feb 8 15:57:00 RT-AC86U-7A60 (unbound_log.sh): 1705 Processed 0 nx_domains...
Feb 8 15:57:01 RT-AC86U-7A60 (unbound_log.sh): 1705 Processed 0 RPZ events...

Is there a way to remove this from the log while maintaining the Unbound Stats in the addons page?
 

heysoundude

Very Senior Member
I am using Unbound v3.22 in FW 386.1. It is working flawlessly with cache hit percentage above 70% at all times but my log is getting spammed with this:


Feb 8 15:57:00 RT-AC86U-7A60 (unbound_log.sh): 1705 Processed 0 reply_domains...
Feb 8 15:57:00 RT-AC86U-7A60 (unbound_log.sh): 1705 Processed 0 nx_domains...
Feb 8 15:57:01 RT-AC86U-7A60 (unbound_log.sh): 1705 Processed 0 RPZ events...

Is there a way to remove this from the log while maintaining the Unbound Stats in the addons page?
The log and the graphs are 2 different things...set the log to display warnings and above? you don't need to see every action, every proc in the log. the log is just so you can see problems and issues and errors. YMMV
 

Make WiFi Great Again

Regular Contributor
tried making my own thread but got no attention for my issue so i am reposting it here in hopes someone will see it and have an idea.


I am running an ac68u on johns fork 47D7. i try to install and run unbound. everything installs ok but as soon as it tries to startup it goes awol after 1 second. i have tried rebooting uninstalling reinstalling formatting my usb drive formatting the jffs and even reinstalling johns fork via the cfe loader at 192.168.1.1 nothing has helped. ive fought off urges to smash things a few times already. i hope someone can help me.


here is the errors


Starting unbound... failed.
00:52:53 Checking 'unbound.conf' for valid Syntax.....
00:52:54 Requesting unbound (S61unbound) restart.....
Starting unbound... failed.
00:52:56 Checking status, please wait.....


***ERROR unbound went AWOL after 1 seconds.....

Try option 'debug' and check for unbound.conf or runtime errors!

Manual install unbound Customisation complete 5 minutes and 3 seconds elapsed - Please wait for up to 10 seconds for status.....



***ERROR unbound went AWOL after 1 seconds.....


***ERROR Unsuccessful installation of unbound detected

Feb 7 00:52:54 (none) user.warn (unbound_manager): 2383 Requesting unbound (/opt/etc/init.d/S61unbound$) restart.....
Feb 7 00:52:54 (none) user.warn S61unbound: restart Unbound DNS server /opt/etc/init.d/S61unbound
Feb 7 00:52:56 (none) user.warn (dnsmasq.postconf): Updating /etc/dnsmasq.conf for unbound.....
Feb 7 00:52:56 (none) user.warn GXXxxXXX: Failed to start unbound from .
Feb 7 00:52:57 (none) user.warn (unbound_manager): 2383 ***ERROR unbound went AWOL after 1 seconds.... Try 'unbound -dv' and check for unbound.conf or runtime errors!
[1612677178] unbound[30751:0] notice: Start of unbound 1.12.0.
Feb 07 00:52:58 unbound[30751:0] debug: increased limit(open files) from 1024 to 2286
Feb 07 00:52:58 unbound[30751:0] debug: creating udp4 socket 127.0.0.1 53535
Feb 07 00:52:58 unbound[30751:0] debug: creating tcp4 socket 127.0.0.1 53535
Feb 07 00:52:58 unbound[30751:0] error: Setting TCP Fast Open as server failed: Protocol not available
Feb 07 00:52:58 unbound[30751:0] debug: creating udp6 socket :: 53535
Feb 07 00:52:58 unbound[30751:0] debug: creating tcp6 socket :: 53535
Feb 07 00:52:58 unbound[30751:0] error: Setting TCP Fast Open as server failed: Protocol not available
Feb 07 00:52:58 unbound[30751:0] debug: creating tcp4 socket 127.0.0.1 953
Feb 07 00:52:58 unbound[30751:0] error: Setting TCP Fast Open as server failed: Protocol not available
Feb 07 00:52:58 unbound[30751:0] error: error in SSL_CTX verify crypto error:25066067:DSO support routines:dlfcn_load:could not load the shared library
Feb 07 00:52:58 unbound[30751:0] error: and additionally crypto error:25070067:DSO support routines:DSO_load:could not load the shared library
Feb 07 00:52:58 unbound[30751:0] error: and additionally crypto error:0E07506E:configuration file routines:module_load_dso:error loading dso
Feb 07 00:52:58 unbound[30751:0] error: and additionally crypto error:0E076071:configuration file routines:module_run:unknown module name
Feb 07 00:52:58 unbound[30751:0] error: and additionally crypto error:02001002:system library:fopen:No such file or directory
Feb 07 00:52:58 unbound[30751:0] error: and additionally crypto error:2006D080:BIO routines:BIO_new_file:no such file
Feb 07 00:52:58 unbound[30751:0] error: and additionally crypto error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib
Feb 07 00:52:58 unbound[30751:0] fatal error: could not set up connect SSL_CTX



Rerun unbound_manager nochk and select the Remove option to backout changes


[email protected]:/tmp/home/root# unbound -dv
[1612677236] unbound[31475:0] notice: Start of unbound 1.12.0.
Feb 07 00:53:56 unbound[31475:0] error: error in SSL_CTX verify crypto error:25066067:DSO support routines:dlfcn_load:could not load the shared library
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:25070067:DSO support routines:DSO_load:could not load the shared library
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:0E07506E:configuration file routines:module_load_dso:error loading dso
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:0E076071:configuration file routines:module_run:unknown module name
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:02001002:system library:fopen:No such file or directory
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:2006D080:BIO routines:BIO_new_file:no such file
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib
Feb 07 00:53:56 unbound[31475:0] fatal error: could not set up connect SSL_CTX
[email protected]:/tmp/home/root#
 

dave14305

Part of the Furniture
[email protected]:/tmp/home/root# unbound -dv
[1612677236] unbound[31475:0] notice: Start of unbound 1.12.0.
Feb 07 00:53:56 unbound[31475:0] error: error in SSL_CTX verify crypto error:25066067:DSO support routines:dlfcn_load:could not load the shared library
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:25070067:DSO support routines:DSO_load:could not load the shared library
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:0E07506E:configuration file routines:module_load_dso:error loading dso
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:0E076071:configuration file routines:module_run:unknown module name
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:02001002:system library:fopen:No such file or directory
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:2006D080:BIO routines:BIO_new_file:no such file
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib
Feb 07 00:53:56 unbound[31475:0] fatal error: could not set up connect SSL_CTX
[email protected]:/tmp/home/root#
On John's fork, I can't remember the location of the ca-cert bundle, but it might not be where Unbound_manager assumes it is (tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt"). Update the path in unbound.conf or comment out the line and try again.

EDIT: look in /rom/ca-bundle.crt or /rom/etc/ssl/cert.pem

A while back I used the Entware CA bundle instead (see item #3 in the linked post).
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top