Hi Predrag, Thanks for taking a look, im running OpenBSD fns1.ogmaconnect.com 6.4 GENERIC.MP#364 amd64 It would appear that the killed message was due to insufficient memory on the machine, However the issue with rcctl start unbound still remains despite the increase of the ram on the vm
ok so it looks like you are getting the (timeout) when trying rcctl start unbound (I was getting this too) but if you try nohup unbound it will take about 30 seconds to load.... but it should run fine... the rcctl start when I look at the process list when I run rcctl start unbound it looks like the unbound-checkconf is called and then disappears from the process list after about 30 seconds, (and unbound its self doesnt start and we get a timeout message Im going to look at increasing the daemon timeout setting To see if that fixes the issue... On Thu, 25 Oct 2018 at 04:30, Predrag Punosevac <punoseva...@gmail.com> wrote: > > Tom Smyth wrote: > > > Hello all, > > unbound-checkconf "Killed" when cheking a large local zone config file > > rcctl start unbound fails because of the above command failing > > > > background > > > > we were migrating our dns filtering from one platform to openbsd > > so we have a basic unbound configuration file that loads another > > configuration file that contains zones for an educational institution > > to filter inappropiate sites for kids. > > the zone file is located below (89M) > > http://5.134.89.24/unboundlocalzone.conf > > the above file was loaded into /var/unbound/etc/ > > and then was included in the unbound.conf file using the include > > directive > > include: /var/unbound/etc/unboundlocalzone.conf > > > > when I run unbound-checkconf it runs for about 30 seconds and then > > i see a "Killed" message on the commandline > > > > I just run unbound-checkconf with your local zone file and I can't > reproduce your report > > oko# uname -a > OpenBSD oko.bagdala2.net 6.4 GENERIC.MP#364 amd64 > > oko# ls -l > total 183368 > -rw-r--r-- 1 root wheel 2366 Oct 24 23:03 unbound.conf > -rw-r--r-- 1 _unbound _unbound 93821046 Oct 24 23:00 unboundlocalzone.conf > > oko# head -10 unboundlocalzone.conf > > server: > local-zone: "000000000gratisporno.ontheweb.nl" redirect > local-data: "000000000gratisporno.ontheweb.nl A 5.134.89.24" > local-zone: "000000000sexe.free.fr" redirect > local-data: "000000000sexe.free.fr A 5.134.89.24" > local-zone: "00000nwebcamnow.com" redirect > local-data: "00000nwebcamnow.com A 5.134.89.24" > local-zone: "0000.1.free.fr" redirect > local-data: "0000.1.free.fr A 5.134.89.24" > local-zone: "000069.com" redirect > > > > oko# grep "include" unbound.conf > > include: "/var/unbound/etc/unboundlocalzone.conf" > > oko# unbound-checkconf > unbound-checkconf: no errors in /var/unbound/etc/unbound.conf > > > It did take good 30-45 seconds for my machine to parse the file. However > I was NOT able to start the unbound with your zone file due to the time > out error. > > oko# rcctl start unbound > unbound(timeout) > > > I have four cores and 16 GB of RAM on this machine. I can try > tomorrow at work on much more powerful machine with 64 GB of RAM. > > Cheers, > Predrag > > > > > > rcctl start unbound fails after about the same time and it woudl appear > > that the rcctl script calls unbound-checkconf before starting the > > unbound > > > > however running unbound or nohup unbound works fine.. > > to load that local zone into memory it takes about 4G of Ram, > > > > /var/log/messages is clear > > /var/log/daemon is clear > > > > > > > > > > > > -- > > Kindest regards, > > Tom Smyth > -- Kindest regards, Tom Smyth Mobile: +353 87 6193172 The information contained in this E-mail is intended only for the confidential use of the named recipient. If the reader of this message is not the intended recipient or the person responsible for delivering it to the recipient, you are hereby notified that you have received this communication in error and that any review, dissemination or copying of this communication is strictly prohibited. If you have received this in error, please notify the sender immediately by telephone at the number above and erase the message You are requested to carry out your own virus check before opening any attachment.