Package: unbound Version: 1.6.0-2~bpo8+1 Severity: normal
Dear Maintainer, When using unbound 1.6.0-2~bpo8+1 (with matching libraries etc.), unbound seems to (at least partially) ignore the "interface:" setting in unbound.conf and unconditionally binds to 0.0.0.0:53 and :::53 . This prevents running another DNS server (such as nsd3 or knot) on a different logical interface (IP address). Using the interface option in unbound.conf works correctly in version 1.4.22-3+deb8u3, but of cause this requires staying on jessie. Here is the console output from starting 1.6.0-2~bpo8+1: root@xxxxx:~# /etc/init.d/unbound start [....] Starting DNS server: unbound[1511300849] unbound[13444:0] notice: Start of unbound 1.6.0. Nov 21 21:47:29 unbound[13444:0] debug: increased limit(open files) from 1024 to 4152 Nov 21 21:47:29 unbound[13444:0] debug: creating udp6 socket :: 53 Nov 21 21:47:29 unbound[13444:0] debug: creating tcp6 socket :: 53 Nov 21 21:47:29 unbound[13444:0] debug: creating udp4 socket 0.0.0.0 53 Nov 21 21:47:29 unbound[13444:0] debug: creating tcp4 socket 0.0.0.0 53 Nov 21 21:47:29 unbound[13444:0] debug: creating tcp6 socket ::1 8953 Nov 21 21:47:29 unbound[13444:0] debug: creating tcp4 socket 127.0.0.1 8953 Nov 21 21:47:29 unbound[13444:0] debug: switching log to syslog . ok And knot then refuses to start on specific IP addresses not listed in unbound.conf due to port 53 in use. And here is the similar output from 1.4.22-3+deb8u3: root@xxxxx:/etc/init.d# /etc/init.d/unbound start [....] Starting recursive DNS server: unbound[1511307121] unbound[15227:0] notice: Start of unbound 1.4.22. Nov 21 23:32:01 unbound[15227:0] debug: creating udp4 socket 10.xxx.xxx.xxx 53 Nov 21 23:32:01 unbound[15227:0] debug: creating tcp4 socket 10.xxx.xxx.xxx 53 Nov 21 23:32:01 unbound[15227:0] debug: creating udp6 socket 2xxx:xxxx:xxxx:xxxx::xxxx:xxxx 53 Nov 21 23:32:01 unbound[15227:0] debug: creating tcp6 socket 2xxx:xxxx:xxxx:xxxx::xxxx:xxxx 53 Nov 21 23:32:01 unbound[15227:0] debug: creating tcp6 socket ::1 8953 Nov 21 23:32:01 unbound[15227:0] debug: creating tcp4 socket 127.0.0.1 8953 Nov 21 23:32:01 unbound[15227:0] debug: switching log to syslog . ok And knot then starts fine and answers queries on its configured IP addresses while unbound answers queries on its IP addresses. -- System Information: Debian Release: 8.9 APT prefers oldstable-updates APT policy: (500, 'oldstable-updates'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages unbound depends on: ii adduser 3.113+nmu3 ii libc6 2.19-18+deb8u10 ii libevent-2.0-5 2.0.21-stable-2+deb8u1 ii libpython2.7 2.7.9-2+deb8u1 ii libssl1.0.0 1.0.2l-1~bpo8+1 ii openssl 1.0.2l-1~bpo8+1 ii unbound-anchor 1.6.0-2~bpo8+1 unbound recommends no packages. unbound suggests no packages. -- Configuration Files: /etc/default/unbound changed: DAEMON_OPTS="-v -v -v" /etc/init.d/unbound changed [summarized]: - Added this to the block at the top: # X-Start-Before: ntp exim4 clamav-freshclam spamassassin local-spfd - Added a command that copies unbound.conf from a shared location. - (1.4.22 only): Make the stop action not conditional on UNBOUND_ENABLE /etc/unbound/unbound.conf changed [extract below]: server: verbosity: 1 interface: 10.xxx.xxx.xxx interface: 2xxx:xxxx:xxxx:xxxx::xxxx:xxxx interface-automatic: no outgoing-interface: yyy.yyy.yyy.yyy outgoing-interface: 2yyy:yyyy:yyyy:yyyy::yyyy:yyyy -- no debconf information Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded