Unbound [SOLVED] Unbound not running after reboot

Meshkoff

Occasional Visitor
Hi all

Successfully installed unbound via amtm and everything is working good, but after every reboot i got "WAN Disconnected" and "Unbound not running" issues. Strange to notice every time i hit refresh on the WAN page it shows my WAN ip and connected status for milliseconds but then switch to disconnected again. WAN stays disconnected until i fill any DNS server in WAN settings page, once i give it a record and hit apply - WAN immediately connected to the internet and working. Since that all DNS queries being resolved through Cloudflare (in my case), not Unbound:

Bash:
[email protected]:/# nslookup www.snbforums.com
Server:    1.0.0.1
Address 1: 1.0.0.1 one.one.one.one

Name:      www.snbforums.com
Address 1: 188.114.99.144
Address 2: 2a06:98c1:3123:9000::

So the purpose of using Unbound is vanishing.

Removing DNS server from WAN settings page immediately leads to "WAN Disconnected", but after a several second it successfully connected and internet is working with DNS queries being resolved through Unbound:

Bash:
[email protected]:/# nslookup www.snbforums.com
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain

Name:      www.snbforums.com
Address 1: 188.114.99.144

Unbound config overview:

Screenshot 2022-05-09 11-26-48 ssh_asus_panda_homedmitry.png



Checked syslog and didn't found any errors related to Unbound except it is not running :D

WAN related section below:

Bash:
May  5 08:05:05 lldpd[1872]: cannot get ethtool link information with GLINKSETTINGS (requires 4.9+): Operation not permitted
May  5 08:05:06 kernel: eth2: sysport_tm port shaper set to 99900 kbps (phy speed 100000 kbps)
May  5 08:05:06 kernel: eth2 (Ext switch port: 1) (Logical Port: 9) (phyId: 1) Link Up at 100 mbps full duplex
May  5 08:05:06 WAN_Connection: WAN(0) link down.
May  5 08:05:07 custom_script: Running /jffs/scripts/services-start
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 init)
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 connecting)
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 disconnected)
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 stopped)
May  5 08:05:07 kernel: SCSI subsystem initialized
May  5 08:05:07 scMerlin: Waiting for NTP to sync...
May  5 08:05:07 kernel: tfat: loading out-of-tree module taints kernel.
May  5 08:05:08 init: fwver: 386.5_2 (sn:M9IG32703231SEX /ha:F0:2F:74:B7:5A:68 )
May  5 08:05:09 kernel: scsi 0:0:0:0: Direct-Access     JetFlash Transcend 32GB   1100 PQ: 0 ANSI: 6
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] 59725824 512-byte logical blocks: (30.6 GB/28.5 GiB)
May  5 08:05:09 kernel: sd 0:0:0:0: Attached scsi generic sg0 type 0
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] Write Protect is off
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] Attached SCSI removable disk
May  5 08:05:10 kernel: eth0: sysport_tm port shaper set to 999000 kbps (phy speed 1000000 kbps)
May  5 08:05:10 kernel: eth0 (Int switch port: 0) (Logical Port: 0) (phyId: 8) Link Up at 1000 mbps full duplex
May  5 08:05:11 cfg_server:  event: wl_chanspec_changed_action
May  5 08:05:11 cfg_server: skip event due no re
May  5 08:05:12 custom_script: Running /jffs/scripts/wan-event (args: 0 connected)
May  5 08:05:12 custom_script: Running /jffs/scripts/nat-start
May  5 08:05:13 ntpMerlin: Sleeping for 5s to allow firewall/nat startup to be completed...
May  5 08:05:13 custom_script: Running /jffs/scripts/firewall-start (args: eth0)
May  5 08:05:13 wan: finish adding multi routes
May  5 08:05:13 rc_service: udhcpc 2678:notify_rc stop_ntpd
May  5 08:05:13 rc_service: udhcpc 2678:notify_rc start_ntpd
May  5 08:05:13 rc_service: waitting "stop_ntpd" via udhcpc ...
May  5 08:05:13 dm1try: loaded custom firewall rules from firewall-start script
May  5 08:05:13 custom_script: Running /jffs/scripts/service-event (args: stop ntpd)
May  5 08:05:13 (wg_firewall): 2781 Checking if WireGuard VPN Peer KILL-Switch is required.....
May  5 08:05:14 custom_script: Running /jffs/scripts/service-event (args: start ntpd)
May  5 08:05:14 ntpd: Started ntpd
May  5 08:05:15 roamast: ROAMING Start...
May  5 08:05:15 kernel: Archer TCP Pure ACK Enabled
May  5 08:05:15 dhcp_client: bound 178.140.137.25/255.255.240.0 via 178.140.125.6 for 3600 seconds.
May  5 08:05:16 custom_script: Running /jffs/scripts/pre-mount (args: /dev/sda1 ext4)
May  5 08:05:16 WAN_Connection: WAN was restored.
May  5 08:05:33 reboot_scheduler: [timecheck] NTP sync error
May  5 08:05:37 scMerlin: Waiting for NTP to sync...
May  5 08:06:03 reboot_scheduler: [timecheck] NTP sync error
May  5 08:06:07 scMerlin: Waiting for NTP to sync...
May  5 08:06:33 reboot_scheduler: [timecheck] NTP sync error
May  5 08:06:38 scMerlin: Waiting for NTP to sync...
May  5 08:06:57 amtm disk-check: NTP timeout (100s) reached, date is router default
May  5 08:06:57 amtm disk-check: Probing 'ext4' on device /dev/sda1
May  5 08:06:57 amtm disk-check: Running disk check v3.0, with command 'e2fsck -p' on /dev/sda1
May  5 08:06:57 amtm disk-check: Disk check done on /dev/sda1
May  5 08:06:57 usb: USB ext4 fs at /dev/sda1 mounted on /tmp/mnt/ENTWARE.
May  5 08:06:57 custom_script: Running /jffs/scripts/post-mount (args: /tmp/mnt/ENTWARE)
May  5 08:06:57 Entware: Starting Entware services on /tmp/mnt/ENTWARE
May  5 08:06:58 kernel: klogd: exiting
May  5 08:07:03 RT-AX56U reboot_scheduler: [timecheck] NTP sync error
May  5 08:07:08 RT-AX56U scMerlin: Waiting for NTP to sync...
May  5 08:07:33 RT-AX56U reboot_scheduler: [timecheck] NTP sync error
May  5 08:07:38 RT-AX56U scMerlin: Waiting for NTP to sync...

Might be missing something important so full reboot process log attached as file.

Also noticed that my Entware usb thumbdrive gets mounted faster with DNS server filled in WAN Settings page. If i remove DNS record and let Unbound do it things usb can stays unmounted for couple of minutes or even more... What's a devilry things going with my router :D

I really love the idea of Unbound and many thanks to Martineau for that, but i just can't figure out what causing this issues.

Also wondering how any problems with DNS can lead to not being able to obtain WAN ip address? Isn't it DHCP only thing?
Any thoughts on that? Where to dig?
 

Attachments

  • scheduled_reboot_syslog.txt
    42.3 KB · Views: 53

Martineau

Part of the Furniture
Hi all

Successfully installed unbound via amtm and everything is working good, but after every reboot i got "WAN Disconnected" and "Unbound not running" issues. Strange to notice every time i hit refresh on the WAN page it shows my WAN ip and connected status for milliseconds but then switch to disconnected again. WAN stays disconnected until i fill any DNS server in WAN settings page, once i give it a record and hit apply - WAN immediately connected to the internet and working. Since that all DNS queries being resolved through Cloudflare (in my case), not Unbound:

Bash:
[email protected]:/# nslookup www.snbforums.com
Server:    1.0.0.1
Address 1: 1.0.0.1 one.one.one.one

Name:      www.snbforums.com
Address 1: 188.114.99.144
Address 2: 2a06:98c1:3123:9000::

So the purpose of using Unbound is vanishing.

Removing DNS server from WAN settings page immediately leads to "WAN Disconnected", but after a several second it successfully connected and internet is working with DNS queries being resolved through Unbound:

Bash:
[email protected]:/# nslookup www.snbforums.com
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain

Name:      www.snbforums.com
Address 1: 188.114.99.144

Unbound config overview:

View attachment 41178


Checked syslog and didn't found any errors related to Unbound except it is not running :D

WAN related section below:

Bash:
May  5 08:05:05 lldpd[1872]: cannot get ethtool link information with GLINKSETTINGS (requires 4.9+): Operation not permitted
May  5 08:05:06 kernel: eth2: sysport_tm port shaper set to 99900 kbps (phy speed 100000 kbps)
May  5 08:05:06 kernel: eth2 (Ext switch port: 1) (Logical Port: 9) (phyId: 1) Link Up at 100 mbps full duplex
May  5 08:05:06 WAN_Connection: WAN(0) link down.
May  5 08:05:07 custom_script: Running /jffs/scripts/services-start
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 init)
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 connecting)
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 disconnected)
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 stopped)
May  5 08:05:07 kernel: SCSI subsystem initialized
May  5 08:05:07 scMerlin: Waiting for NTP to sync...
May  5 08:05:07 kernel: tfat: loading out-of-tree module taints kernel.
May  5 08:05:08 init: fwver: 386.5_2 (sn:M9IG32703231SEX /ha:F0:2F:74:B7:5A:68 )
May  5 08:05:09 kernel: scsi 0:0:0:0: Direct-Access     JetFlash Transcend 32GB   1100 PQ: 0 ANSI: 6
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] 59725824 512-byte logical blocks: (30.6 GB/28.5 GiB)
May  5 08:05:09 kernel: sd 0:0:0:0: Attached scsi generic sg0 type 0
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] Write Protect is off
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] Attached SCSI removable disk
May  5 08:05:10 kernel: eth0: sysport_tm port shaper set to 999000 kbps (phy speed 1000000 kbps)
May  5 08:05:10 kernel: eth0 (Int switch port: 0) (Logical Port: 0) (phyId: 8) Link Up at 1000 mbps full duplex
May  5 08:05:11 cfg_server:  event: wl_chanspec_changed_action
May  5 08:05:11 cfg_server: skip event due no re
May  5 08:05:12 custom_script: Running /jffs/scripts/wan-event (args: 0 connected)
May  5 08:05:12 custom_script: Running /jffs/scripts/nat-start
May  5 08:05:13 ntpMerlin: Sleeping for 5s to allow firewall/nat startup to be completed...
May  5 08:05:13 custom_script: Running /jffs/scripts/firewall-start (args: eth0)
May  5 08:05:13 wan: finish adding multi routes
May  5 08:05:13 rc_service: udhcpc 2678:notify_rc stop_ntpd
May  5 08:05:13 rc_service: udhcpc 2678:notify_rc start_ntpd
May  5 08:05:13 rc_service: waitting "stop_ntpd" via udhcpc ...
May  5 08:05:13 dm1try: loaded custom firewall rules from firewall-start script
May  5 08:05:13 custom_script: Running /jffs/scripts/service-event (args: stop ntpd)
May  5 08:05:13 (wg_firewall): 2781 Checking if WireGuard VPN Peer KILL-Switch is required.....
May  5 08:05:14 custom_script: Running /jffs/scripts/service-event (args: start ntpd)
May  5 08:05:14 ntpd: Started ntpd
May  5 08:05:15 roamast: ROAMING Start...
May  5 08:05:15 kernel: Archer TCP Pure ACK Enabled
May  5 08:05:15 dhcp_client: bound 178.140.137.25/255.255.240.0 via 178.140.125.6 for 3600 seconds.
May  5 08:05:16 custom_script: Running /jffs/scripts/pre-mount (args: /dev/sda1 ext4)
May  5 08:05:16 WAN_Connection: WAN was restored.
May  5 08:05:33 reboot_scheduler: [timecheck] NTP sync error
May  5 08:05:37 scMerlin: Waiting for NTP to sync...
May  5 08:06:03 reboot_scheduler: [timecheck] NTP sync error
May  5 08:06:07 scMerlin: Waiting for NTP to sync...
May  5 08:06:33 reboot_scheduler: [timecheck] NTP sync error
May  5 08:06:38 scMerlin: Waiting for NTP to sync...
May  5 08:06:57 amtm disk-check: NTP timeout (100s) reached, date is router default
May  5 08:06:57 amtm disk-check: Probing 'ext4' on device /dev/sda1
May  5 08:06:57 amtm disk-check: Running disk check v3.0, with command 'e2fsck -p' on /dev/sda1
May  5 08:06:57 amtm disk-check: Disk check done on /dev/sda1
May  5 08:06:57 usb: USB ext4 fs at /dev/sda1 mounted on /tmp/mnt/ENTWARE.
May  5 08:06:57 custom_script: Running /jffs/scripts/post-mount (args: /tmp/mnt/ENTWARE)
May  5 08:06:57 Entware: Starting Entware services on /tmp/mnt/ENTWARE
May  5 08:06:58 kernel: klogd: exiting
May  5 08:07:03 RT-AX56U reboot_scheduler: [timecheck] NTP sync error
May  5 08:07:08 RT-AX56U scMerlin: Waiting for NTP to sync...
May  5 08:07:33 RT-AX56U reboot_scheduler: [timecheck] NTP sync error
May  5 08:07:38 RT-AX56U scMerlin: Waiting for NTP to sync...

Might be missing something important so full reboot process log attached as file.

Also noticed that my Entware usb thumbdrive gets mounted faster with DNS server filled in WAN Settings page. If i remove DNS record and let Unbound do it things usb can stays unmounted for couple of minutes or even more... What's a devilry things going with my router :D

I really love the idea of Unbound and many thanks to Martineau for that, but i just can't figure out what causing this issues.

Also wondering how any problems with DNS can lead to not being able to obtain WAN ip address? Isn't it DHCP only thing?
Any thoughts on that? Where to dig?
Unbound initialisation seemingly failed because the time wasn't set....so you need a valid WAN DNS defined to be able to set the time...

Code:
May  5 08:05:03 (dnsmasq.postconf): Updating /etc/dnsmasq.conf for unbound.....
May  5 08:10:00 RT-AX56U (gen_ytadblock.sh): 5340 Warning unbound NOT running!
May  5 08:12:03 RT-AX56U S61unbound: NTP failed to sync after 5 minutes - please check immediately!

May  5 08:12:03 RT-AX56U dm1try: Started timeserverd from /jffs/scripts/post-mount.

May  5 08:15:00 RT-AX56U (gen_ytadblock.sh): 6837 Warning unbound NOT running!
May  5 08:15:08 RT-AX56U scMerlin: NTP failed to sync after 10 minutes. Please resolve!
May  5 08:15:33 RT-AX56U timeserverd: Waiting for NTP to sync...
May  5 08:15:33 RT-AX56U reboot_scheduler: [timecheck] NTP sync error

May  5 08:20:00 RT-AX56U (gen_ytadblock.sh): 7685 Warning unbound NOT running!

May  5 08:22:04 RT-AX56U timeserverd: NTP failed to sync after 10 minutes - please check immediately!

May  5 08:25:00 RT-AX56U (gen_ytadblock.sh): 8482 Warning unbound NOT running!

Usually, once the time is/has been (manually) synched (if NTP synch is failing for another reason, there are threads that contain a method to force the NTP sync), a manual service restart_dnsmasq should enable unbound functionality.

Also could you please tag this thread with the 'Unbound' filter category to assist others in find this thread - Thanks.
 
Last edited:

SomeWhereOverTheRainBow

Part of the Furniture
Hi all

Successfully installed unbound via amtm and everything is working good, but after every reboot i got "WAN Disconnected" and "Unbound not running" issues. Strange to notice every time i hit refresh on the WAN page it shows my WAN ip and connected status for milliseconds but then switch to disconnected again. WAN stays disconnected until i fill any DNS server in WAN settings page, once i give it a record and hit apply - WAN immediately connected to the internet and working. Since that all DNS queries being resolved through Cloudflare (in my case), not Unbound:

Bash:
[email protected]:/# nslookup www.snbforums.com
Server:    1.0.0.1
Address 1: 1.0.0.1 one.one.one.one

Name:      www.snbforums.com
Address 1: 188.114.99.144
Address 2: 2a06:98c1:3123:9000::

So the purpose of using Unbound is vanishing.

Removing DNS server from WAN settings page immediately leads to "WAN Disconnected", but after a several second it successfully connected and internet is working with DNS queries being resolved through Unbound:

Bash:
[email protected]:/# nslookup www.snbforums.com
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain

Name:      www.snbforums.com
Address 1: 188.114.99.144

Unbound config overview:

View attachment 41178


Checked syslog and didn't found any errors related to Unbound except it is not running :D

WAN related section below:

Bash:
May  5 08:05:05 lldpd[1872]: cannot get ethtool link information with GLINKSETTINGS (requires 4.9+): Operation not permitted
May  5 08:05:06 kernel: eth2: sysport_tm port shaper set to 99900 kbps (phy speed 100000 kbps)
May  5 08:05:06 kernel: eth2 (Ext switch port: 1) (Logical Port: 9) (phyId: 1) Link Up at 100 mbps full duplex
May  5 08:05:06 WAN_Connection: WAN(0) link down.
May  5 08:05:07 custom_script: Running /jffs/scripts/services-start
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 init)
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 connecting)
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 disconnected)
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 stopped)
May  5 08:05:07 kernel: SCSI subsystem initialized
May  5 08:05:07 scMerlin: Waiting for NTP to sync...
May  5 08:05:07 kernel: tfat: loading out-of-tree module taints kernel.
May  5 08:05:08 init: fwver: 386.5_2 (sn:M9IG32703231SEX /ha:F0:2F:74:B7:5A:68 )
May  5 08:05:09 kernel: scsi 0:0:0:0: Direct-Access     JetFlash Transcend 32GB   1100 PQ: 0 ANSI: 6
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] 59725824 512-byte logical blocks: (30.6 GB/28.5 GiB)
May  5 08:05:09 kernel: sd 0:0:0:0: Attached scsi generic sg0 type 0
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] Write Protect is off
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] Attached SCSI removable disk
May  5 08:05:10 kernel: eth0: sysport_tm port shaper set to 999000 kbps (phy speed 1000000 kbps)
May  5 08:05:10 kernel: eth0 (Int switch port: 0) (Logical Port: 0) (phyId: 8) Link Up at 1000 mbps full duplex
May  5 08:05:11 cfg_server:  event: wl_chanspec_changed_action
May  5 08:05:11 cfg_server: skip event due no re
May  5 08:05:12 custom_script: Running /jffs/scripts/wan-event (args: 0 connected)
May  5 08:05:12 custom_script: Running /jffs/scripts/nat-start
May  5 08:05:13 ntpMerlin: Sleeping for 5s to allow firewall/nat startup to be completed...
May  5 08:05:13 custom_script: Running /jffs/scripts/firewall-start (args: eth0)
May  5 08:05:13 wan: finish adding multi routes
May  5 08:05:13 rc_service: udhcpc 2678:notify_rc stop_ntpd
May  5 08:05:13 rc_service: udhcpc 2678:notify_rc start_ntpd
May  5 08:05:13 rc_service: waitting "stop_ntpd" via udhcpc ...
May  5 08:05:13 dm1try: loaded custom firewall rules from firewall-start script
May  5 08:05:13 custom_script: Running /jffs/scripts/service-event (args: stop ntpd)
May  5 08:05:13 (wg_firewall): 2781 Checking if WireGuard VPN Peer KILL-Switch is required.....
May  5 08:05:14 custom_script: Running /jffs/scripts/service-event (args: start ntpd)
May  5 08:05:14 ntpd: Started ntpd
May  5 08:05:15 roamast: ROAMING Start...
May  5 08:05:15 kernel: Archer TCP Pure ACK Enabled
May  5 08:05:15 dhcp_client: bound 178.140.137.25/255.255.240.0 via 178.140.125.6 for 3600 seconds.
May  5 08:05:16 custom_script: Running /jffs/scripts/pre-mount (args: /dev/sda1 ext4)
May  5 08:05:16 WAN_Connection: WAN was restored.
May  5 08:05:33 reboot_scheduler: [timecheck] NTP sync error
May  5 08:05:37 scMerlin: Waiting for NTP to sync...
May  5 08:06:03 reboot_scheduler: [timecheck] NTP sync error
May  5 08:06:07 scMerlin: Waiting for NTP to sync...
May  5 08:06:33 reboot_scheduler: [timecheck] NTP sync error
May  5 08:06:38 scMerlin: Waiting for NTP to sync...
May  5 08:06:57 amtm disk-check: NTP timeout (100s) reached, date is router default
May  5 08:06:57 amtm disk-check: Probing 'ext4' on device /dev/sda1
May  5 08:06:57 amtm disk-check: Running disk check v3.0, with command 'e2fsck -p' on /dev/sda1
May  5 08:06:57 amtm disk-check: Disk check done on /dev/sda1
May  5 08:06:57 usb: USB ext4 fs at /dev/sda1 mounted on /tmp/mnt/ENTWARE.
May  5 08:06:57 custom_script: Running /jffs/scripts/post-mount (args: /tmp/mnt/ENTWARE)
May  5 08:06:57 Entware: Starting Entware services on /tmp/mnt/ENTWARE
May  5 08:06:58 kernel: klogd: exiting
May  5 08:07:03 RT-AX56U reboot_scheduler: [timecheck] NTP sync error
May  5 08:07:08 RT-AX56U scMerlin: Waiting for NTP to sync...
May  5 08:07:33 RT-AX56U reboot_scheduler: [timecheck] NTP sync error
May  5 08:07:38 RT-AX56U scMerlin: Waiting for NTP to sync...

Might be missing something important so full reboot process log attached as file.

Also noticed that my Entware usb thumbdrive gets mounted faster with DNS server filled in WAN Settings page. If i remove DNS record and let Unbound do it things usb can stays unmounted for couple of minutes or even more... What's a devilry things going with my router :D

I really love the idea of Unbound and many thanks to Martineau for that, but i just can't figure out what causing this issues.

Also wondering how any problems with DNS can lead to not being able to obtain WAN ip address? Isn't it DHCP only thing?
Any thoughts on that? Where to dig?
Many other package handlers such as openwrt recommend listing your ntp servers as insecure inside unbound.conf. I honestly don't suspect this will help since Martineau makes unbound wait until ntp is set before unbound can start.
 

SomeWhereOverTheRainBow

Part of the Furniture
Hi all

Successfully installed unbound via amtm and everything is working good, but after every reboot i got "WAN Disconnected" and "Unbound not running" issues. Strange to notice every time i hit refresh on the WAN page it shows my WAN ip and connected status for milliseconds but then switch to disconnected again. WAN stays disconnected until i fill any DNS server in WAN settings page, once i give it a record and hit apply - WAN immediately connected to the internet and working. Since that all DNS queries being resolved through Cloudflare (in my case), not Unbound:

Bash:
[email protected]:/# nslookup www.snbforums.com
Server:    1.0.0.1
Address 1: 1.0.0.1 one.one.one.one

Name:      www.snbforums.com
Address 1: 188.114.99.144
Address 2: 2a06:98c1:3123:9000::

So the purpose of using Unbound is vanishing.

Removing DNS server from WAN settings page immediately leads to "WAN Disconnected", but after a several second it successfully connected and internet is working with DNS queries being resolved through Unbound:

Bash:
[email protected]:/# nslookup www.snbforums.com
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain

Name:      www.snbforums.com
Address 1: 188.114.99.144

Unbound config overview:

View attachment 41178


Checked syslog and didn't found any errors related to Unbound except it is not running :D

WAN related section below:

Bash:
May  5 08:05:05 lldpd[1872]: cannot get ethtool link information with GLINKSETTINGS (requires 4.9+): Operation not permitted
May  5 08:05:06 kernel: eth2: sysport_tm port shaper set to 99900 kbps (phy speed 100000 kbps)
May  5 08:05:06 kernel: eth2 (Ext switch port: 1) (Logical Port: 9) (phyId: 1) Link Up at 100 mbps full duplex
May  5 08:05:06 WAN_Connection: WAN(0) link down.
May  5 08:05:07 custom_script: Running /jffs/scripts/services-start
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 init)
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 connecting)
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 disconnected)
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 stopped)
May  5 08:05:07 kernel: SCSI subsystem initialized
May  5 08:05:07 scMerlin: Waiting for NTP to sync...
May  5 08:05:07 kernel: tfat: loading out-of-tree module taints kernel.
May  5 08:05:08 init: fwver: 386.5_2 (sn:M9IG32703231SEX /ha:F0:2F:74:B7:5A:68 )
May  5 08:05:09 kernel: scsi 0:0:0:0: Direct-Access     JetFlash Transcend 32GB   1100 PQ: 0 ANSI: 6
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] 59725824 512-byte logical blocks: (30.6 GB/28.5 GiB)
May  5 08:05:09 kernel: sd 0:0:0:0: Attached scsi generic sg0 type 0
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] Write Protect is off
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] Attached SCSI removable disk
May  5 08:05:10 kernel: eth0: sysport_tm port shaper set to 999000 kbps (phy speed 1000000 kbps)
May  5 08:05:10 kernel: eth0 (Int switch port: 0) (Logical Port: 0) (phyId: 8) Link Up at 1000 mbps full duplex
May  5 08:05:11 cfg_server:  event: wl_chanspec_changed_action
May  5 08:05:11 cfg_server: skip event due no re
May  5 08:05:12 custom_script: Running /jffs/scripts/wan-event (args: 0 connected)
May  5 08:05:12 custom_script: Running /jffs/scripts/nat-start
May  5 08:05:13 ntpMerlin: Sleeping for 5s to allow firewall/nat startup to be completed...
May  5 08:05:13 custom_script: Running /jffs/scripts/firewall-start (args: eth0)
May  5 08:05:13 wan: finish adding multi routes
May  5 08:05:13 rc_service: udhcpc 2678:notify_rc stop_ntpd
May  5 08:05:13 rc_service: udhcpc 2678:notify_rc start_ntpd
May  5 08:05:13 rc_service: waitting "stop_ntpd" via udhcpc ...
May  5 08:05:13 dm1try: loaded custom firewall rules from firewall-start script
May  5 08:05:13 custom_script: Running /jffs/scripts/service-event (args: stop ntpd)
May  5 08:05:13 (wg_firewall): 2781 Checking if WireGuard VPN Peer KILL-Switch is required.....
May  5 08:05:14 custom_script: Running /jffs/scripts/service-event (args: start ntpd)
May  5 08:05:14 ntpd: Started ntpd
May  5 08:05:15 roamast: ROAMING Start...
May  5 08:05:15 kernel: Archer TCP Pure ACK Enabled
May  5 08:05:15 dhcp_client: bound 178.140.137.25/255.255.240.0 via 178.140.125.6 for 3600 seconds.
May  5 08:05:16 custom_script: Running /jffs/scripts/pre-mount (args: /dev/sda1 ext4)
May  5 08:05:16 WAN_Connection: WAN was restored.
May  5 08:05:33 reboot_scheduler: [timecheck] NTP sync error
May  5 08:05:37 scMerlin: Waiting for NTP to sync...
May  5 08:06:03 reboot_scheduler: [timecheck] NTP sync error
May  5 08:06:07 scMerlin: Waiting for NTP to sync...
May  5 08:06:33 reboot_scheduler: [timecheck] NTP sync error
May  5 08:06:38 scMerlin: Waiting for NTP to sync...
May  5 08:06:57 amtm disk-check: NTP timeout (100s) reached, date is router default
May  5 08:06:57 amtm disk-check: Probing 'ext4' on device /dev/sda1
May  5 08:06:57 amtm disk-check: Running disk check v3.0, with command 'e2fsck -p' on /dev/sda1
May  5 08:06:57 amtm disk-check: Disk check done on /dev/sda1
May  5 08:06:57 usb: USB ext4 fs at /dev/sda1 mounted on /tmp/mnt/ENTWARE.
May  5 08:06:57 custom_script: Running /jffs/scripts/post-mount (args: /tmp/mnt/ENTWARE)
May  5 08:06:57 Entware: Starting Entware services on /tmp/mnt/ENTWARE
May  5 08:06:58 kernel: klogd: exiting
May  5 08:07:03 RT-AX56U reboot_scheduler: [timecheck] NTP sync error
May  5 08:07:08 RT-AX56U scMerlin: Waiting for NTP to sync...
May  5 08:07:33 RT-AX56U reboot_scheduler: [timecheck] NTP sync error
May  5 08:07:38 RT-AX56U scMerlin: Waiting for NTP to sync...

Might be missing something important so full reboot process log attached as file.

Also noticed that my Entware usb thumbdrive gets mounted faster with DNS server filled in WAN Settings page. If i remove DNS record and let Unbound do it things usb can stays unmounted for couple of minutes or even more... What's a devilry things going with my router :D

I really love the idea of Unbound and many thanks to Martineau for that, but i just can't figure out what causing this issues.

Also wondering how any problems with DNS can lead to not being able to obtain WAN ip address? Isn't it DHCP only thing?
Any thoughts on that? Where to dig?
Here is a script you can use at boot, it gets added by scmerlin:

 

SomeWhereOverTheRainBow

Part of the Furniture
Hi all

Successfully installed unbound via amtm and everything is working good, but after every reboot i got "WAN Disconnected" and "Unbound not running" issues. Strange to notice every time i hit refresh on the WAN page it shows my WAN ip and connected status for milliseconds but then switch to disconnected again. WAN stays disconnected until i fill any DNS server in WAN settings page, once i give it a record and hit apply - WAN immediately connected to the internet and working. Since that all DNS queries being resolved through Cloudflare (in my case), not Unbound:

Bash:
[email protected]:/# nslookup www.snbforums.com
Server:    1.0.0.1
Address 1: 1.0.0.1 one.one.one.one

Name:      www.snbforums.com
Address 1: 188.114.99.144
Address 2: 2a06:98c1:3123:9000::

So the purpose of using Unbound is vanishing.

Removing DNS server from WAN settings page immediately leads to "WAN Disconnected", but after a several second it successfully connected and internet is working with DNS queries being resolved through Unbound:

Bash:
[email protected]:/# nslookup www.snbforums.com
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain

Name:      www.snbforums.com
Address 1: 188.114.99.144

Unbound config overview:

View attachment 41178


Checked syslog and didn't found any errors related to Unbound except it is not running :D

WAN related section below:

Bash:
May  5 08:05:05 lldpd[1872]: cannot get ethtool link information with GLINKSETTINGS (requires 4.9+): Operation not permitted
May  5 08:05:06 kernel: eth2: sysport_tm port shaper set to 99900 kbps (phy speed 100000 kbps)
May  5 08:05:06 kernel: eth2 (Ext switch port: 1) (Logical Port: 9) (phyId: 1) Link Up at 100 mbps full duplex
May  5 08:05:06 WAN_Connection: WAN(0) link down.
May  5 08:05:07 custom_script: Running /jffs/scripts/services-start
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 init)
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 connecting)
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 disconnected)
May  5 08:05:07 custom_script: Running /jffs/scripts/wan-event (args: 0 stopped)
May  5 08:05:07 kernel: SCSI subsystem initialized
May  5 08:05:07 scMerlin: Waiting for NTP to sync...
May  5 08:05:07 kernel: tfat: loading out-of-tree module taints kernel.
May  5 08:05:08 init: fwver: 386.5_2 (sn:M9IG32703231SEX /ha:F0:2F:74:B7:5A:68 )
May  5 08:05:09 kernel: scsi 0:0:0:0: Direct-Access     JetFlash Transcend 32GB   1100 PQ: 0 ANSI: 6
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] 59725824 512-byte logical blocks: (30.6 GB/28.5 GiB)
May  5 08:05:09 kernel: sd 0:0:0:0: Attached scsi generic sg0 type 0
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] Write Protect is off
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
May  5 08:05:09 kernel: sd 0:0:0:0: [sda] Attached SCSI removable disk
May  5 08:05:10 kernel: eth0: sysport_tm port shaper set to 999000 kbps (phy speed 1000000 kbps)
May  5 08:05:10 kernel: eth0 (Int switch port: 0) (Logical Port: 0) (phyId: 8) Link Up at 1000 mbps full duplex
May  5 08:05:11 cfg_server:  event: wl_chanspec_changed_action
May  5 08:05:11 cfg_server: skip event due no re
May  5 08:05:12 custom_script: Running /jffs/scripts/wan-event (args: 0 connected)
May  5 08:05:12 custom_script: Running /jffs/scripts/nat-start
May  5 08:05:13 ntpMerlin: Sleeping for 5s to allow firewall/nat startup to be completed...
May  5 08:05:13 custom_script: Running /jffs/scripts/firewall-start (args: eth0)
May  5 08:05:13 wan: finish adding multi routes
May  5 08:05:13 rc_service: udhcpc 2678:notify_rc stop_ntpd
May  5 08:05:13 rc_service: udhcpc 2678:notify_rc start_ntpd
May  5 08:05:13 rc_service: waitting "stop_ntpd" via udhcpc ...
May  5 08:05:13 dm1try: loaded custom firewall rules from firewall-start script
May  5 08:05:13 custom_script: Running /jffs/scripts/service-event (args: stop ntpd)
May  5 08:05:13 (wg_firewall): 2781 Checking if WireGuard VPN Peer KILL-Switch is required.....
May  5 08:05:14 custom_script: Running /jffs/scripts/service-event (args: start ntpd)
May  5 08:05:14 ntpd: Started ntpd
May  5 08:05:15 roamast: ROAMING Start...
May  5 08:05:15 kernel: Archer TCP Pure ACK Enabled
May  5 08:05:15 dhcp_client: bound 178.140.137.25/255.255.240.0 via 178.140.125.6 for 3600 seconds.
May  5 08:05:16 custom_script: Running /jffs/scripts/pre-mount (args: /dev/sda1 ext4)
May  5 08:05:16 WAN_Connection: WAN was restored.
May  5 08:05:33 reboot_scheduler: [timecheck] NTP sync error
May  5 08:05:37 scMerlin: Waiting for NTP to sync...
May  5 08:06:03 reboot_scheduler: [timecheck] NTP sync error
May  5 08:06:07 scMerlin: Waiting for NTP to sync...
May  5 08:06:33 reboot_scheduler: [timecheck] NTP sync error
May  5 08:06:38 scMerlin: Waiting for NTP to sync...
May  5 08:06:57 amtm disk-check: NTP timeout (100s) reached, date is router default
May  5 08:06:57 amtm disk-check: Probing 'ext4' on device /dev/sda1
May  5 08:06:57 amtm disk-check: Running disk check v3.0, with command 'e2fsck -p' on /dev/sda1
May  5 08:06:57 amtm disk-check: Disk check done on /dev/sda1
May  5 08:06:57 usb: USB ext4 fs at /dev/sda1 mounted on /tmp/mnt/ENTWARE.
May  5 08:06:57 custom_script: Running /jffs/scripts/post-mount (args: /tmp/mnt/ENTWARE)
May  5 08:06:57 Entware: Starting Entware services on /tmp/mnt/ENTWARE
May  5 08:06:58 kernel: klogd: exiting
May  5 08:07:03 RT-AX56U reboot_scheduler: [timecheck] NTP sync error
May  5 08:07:08 RT-AX56U scMerlin: Waiting for NTP to sync...
May  5 08:07:33 RT-AX56U reboot_scheduler: [timecheck] NTP sync error
May  5 08:07:38 RT-AX56U scMerlin: Waiting for NTP to sync...

Might be missing something important so full reboot process log attached as file.

Also noticed that my Entware usb thumbdrive gets mounted faster with DNS server filled in WAN Settings page. If i remove DNS record and let Unbound do it things usb can stays unmounted for couple of minutes or even more... What's a devilry things going with my router :D

I really love the idea of Unbound and many thanks to Martineau for that, but i just can't figure out what causing this issues.

Also wondering how any problems with DNS can lead to not being able to obtain WAN ip address? Isn't it DHCP only thing?
Any thoughts on that? Where to dig?


As @Martineau has said , make sure you have a dns address assignment for wandns1 and wandns 2 such as 1.1.1.1 and 1.0.0.1, or any other real world dns assignment of your choosing. The routers services rely on there being addresses here in order to function. Such as ntp to be set correctly, however once Unbound starts up, clients will use unbound. You have two things that must happen before unbound will start for clients , one of them is your USB which houses Entware must mount, and the second is your router's ntp must set. Both features rely on your router's clock being set. In order to do such, your router relies on the entries of WAN DNS 1 and WAN DNS 2, so these fields must not be blank. By the way, other services rely on ntp to be set such as skynet firewall addition , VPN services, and disk check mounting scripts of amtm.

Other wise just use IP addresses for your ntp server addresses and chalk this up as a dns missconfiguration since you want both fields blank.
 
Last edited:

Meshkoff

Occasional Visitor
Thank you guys, figured out that problem was with NTP right after wrote this post.

What I've done is just fill the NTP servers in Administration > Basic Config Page with IPs, not domains and that do the trick: WAN connected right after reboot.


restart_dnsmasq should enable unbound functionality

Unfortunately it wasn't:

Fill the DNS servers with Cloudflare IPs, reboot, wait till WAN get connected
Checking domain resolution > Cloudflare

Restarting dnsmasq service, done
Checking domain resolution > still Cloudflare
Unbound is running, but not doing its job all the time since.

Situation is the same as in first post, if DNS servers filled up in WAN settings page all DNS traffic goes through these servers, even with Unbound. Just wondering is it something wrong with my config or every newbie like me installing Unbound and not using it actually, even if its running fine, until decide to check nslookup output :D


Here is a script you can use at boot, it gets added by scmerlin:

Yea, got tick that mark.

since you want both fields blank

I don't, i think these fields can help if Unbound occasionally, for some reason stop working, like extra layer of DNS stability. But for now i need to leave this blank for Unbound to work after reboot.
 

SomeWhereOverTheRainBow

Part of the Furniture
Thank you guys, figured out that problem was with NTP right after wrote this post.

What I've done is just fill the NTP servers in Administration > Basic Config Page with IPs, not domains and that do the trick: WAN connected right after reboot.




Unfortunately it wasn't:

Fill the DNS servers with Cloudflare IPs, reboot, wait till WAN get connected
Checking domain resolution > Cloudflare

Restarting dnsmasq service, done
Checking domain resolution > still Cloudflare
Unbound is running, but not doing its job all the time since.

Situation is the same as in first post, if DNS servers filled up in WAN settings page all DNS traffic goes through these servers, even with Unbound. Just wondering is it something wrong with my config or every newbie like me installing Unbound and not using it actually, even if its running fine, until decide to check nslookup output :D




Yea, got tick that mark.



I don't, i think these fields can help if Unbound occasionally, for some reason stop working, like extra layer of DNS stability. But for now i need to leave this blank for Unbound to work after reboot.
Okay having them not blank doesn't mean that the router will use unbound, however clients should be using unbound. What is the concern if the "router" uses unbound though? You can confirm your clients are using unbound by going to dnsleaktest.com. So basically you breaking your routers chain of dns resolution is not a concern of unbound, but a matter of you setting your wan dns 1 and 2 blank. Think of it this way, before unbound starts. Who does your router talk to for dns, itself? Assuming your storage drive failed to mount because of corruption, you would essentially have no internet.
 
Last edited:

Meshkoff

Occasional Visitor
however clients should be using unbound

Wait... I was thinking that if router using public DNS so all my clients using the same.
But i've checked it here and realize that you're right.

https://www.dnsleaktest.com/

It still shows my WAN IP, even with Public DNS filled up on router.

Let me explain my config:
Router had Unbound up and running, also LAN > DNSFilter is turned on (Global Filter Mode > Router), so all DNS queries inside home network goes through Unbound.

After reboot Unbound can't establish a connection without time being synced (well know problem). Time can't being synced without DNS resolution.
So it is a classic recursive problem here.

I honestly don't suspect this will help since Martineau makes unbound wait until ntp is set before unbound can start.

I should test this, but if it correct statement, then if i wanna to be my router completely using Unbound (not only for clients, but for itself too) i must ended up with using NTP IPs instead of domains. No need working DNS to sync time on boot, ntpmerlin with ntp servers domains will handle all other ntp requests later. Don't know it is a good practice or not.
 
Last edited:

SomeWhereOverTheRainBow

Part of the Furniture
Wait... I was thinking that if router using public DNS so all my clients using the same.
But i've checked it here and realize that you're right.

https://www.dnsleaktest.com/

It still shows my WAN IP, even with Public DNS filled up on router.

Let me explain my config:
Router had Unbound up and running, also LAN > DNSFilter is turned on (Global Filter Mode > Router), so all DNS queries inside home network goes through Unbound.

After reboot Unbound can't establish a connection without time being synced (well know problem). Time can't being synced without DNS resolution.
So it is a classic recursive problem here.



I should test this, but if it correct statement, then if i wanna to be my router completely using Unbound (not only for clients, but for itself too) i must ended up with using NTP IPs instead of domains. No need working DNS to sync time on boot, ntpmerlin with ntp servers domains will handle all other ntp requests later. Don't know it is a good practice or not.
In the instance @chongnt describes, you would have a working dns in wan dns 1 and wan dns 2, the router uses itself for dns which means before unbound start it uses wandns1 and wan dns 2 for initial clock sync, then afterwards it switches to using unbound because in this instance you are forcing the router to always point back to its own loop back for dns. Once Unbound takes over, it does so as the only dns running on the loopback.
 

Meshkoff

Occasional Visitor
You may still have to go to GUI, under tools -> other settings -> Wan: Use local caching DNS server as system resolver (default: No) and change this to yes for router to use unbound.

Ahh, forgot about that, well hidden setting. Thanks for remind, now everything works as it should, no need for any workarounds.

Once Unbound takes over, it does so as the only dns running on the loopback

Yes, it working. Thanks you for you patience and clear explanation.


P.S. Thread marked as solved
 

raion969

Senior Member
i have the same problem

[✔] Swapfile=2097148 kB
[✔] DNS Filter=ON
[✔] DNS Filter=ROUTER
[✔] WAN: Use local caching DNS server as system resolver=NO
[✖] Warning Entware NTP Server 'S77ntpd' installed but not running?
[✔] Enable DNS Rebind protection=NO
[✔] Enable DNSSEC support=NO
Its always Etware NTP not running
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top