Unbound gibt falsche port an 8953

Help Deutschsprachige Hilfe
1

Servus :slight_smile: ich freue mich auf eure Hilfe :slight_smile:

Das bekomme ich bei der Ausführung von

sudo unbound -v
[1693208571] unbound[3341:0] notice: Start of unbound 1.13.1.
[1693208571] unbound[3341:0] error: can't bind socket: Address already in use for 127.0.0.1 port 8953
[1693208571] unbound[3341:0] error: cannot open control interface 127.0.0.1 8953
[1693208571] unbound[3341:0] fatal error: could not open ports

Ich habe Unbound nach diesen vorgaben installiert.

habe diesen Part in dem Link ausgeführt da bei mir aktive stand.!
( ich denke ich musste nur diese befehle ausführen. richtig oder musste ich Dateien öffnen und bearbeiten ? )

Disable resolvconf.conf entry for unbound (Required for Debian Bullseye+ releases)

Debian Bullseye+ releases auto-install a package called openresolv with a certain configuration that will cause unexpected behaviour for pihole and unbound. The effect is that the unbound-resolvconf.service instructs resolvconf to write unbound's own DNS service at nameserver 127.0.0.1 , but without the 5335 port, into the file /etc/resolv.conf. That /etc/resolv.conf file is used by local services/processes to determine DNS servers configured. You need to edit the configuration file and disable the service to work-around the misconfiguration.

Step 1 - Disable the Service

To check if this service is enabled for your distribution, run below one. It will show either active or inactive or it might not even be installed resulting in a could not be found message:

systemctl is-active unbound-resolvconf.service

To disable the service, run the statement below:

sudo systemctl disable --now unbound-resolvconf.service

Step 2 - Disable the file resolvconf_resolvers.conf

Disable the file resolvconf_resolvers.conf from being generated when resolvconf is invoked elsewhere.

sudo sed -Ei 's/^unbound_conf=/#unbound_conf=/' /etc/resolvconf.conf
sudo rm /etc/unbound/unbound.conf.d/resolvconf_resolvers.conf

Restart unbound.

sudo service unbound restart

sudo grep -v '#\|^$' -R /etc/unbound/unbound.conf*
/etc/unbound/unbound.conf:include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"
/etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf:server:
/etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf:    auto-trust-anchor-file: "/var/lib/unbound/root.key"
/etc/unbound/unbound.conf.d/pi-hole.conf:server:
/etc/unbound/unbound.conf.d/pi-hole.conf:    verbosity: 0
/etc/unbound/unbound.conf.d/pi-hole.conf:    interface: 127.0.0.1
/etc/unbound/unbound.conf.d/pi-hole.conf:    port: 5335
/etc/unbound/unbound.conf.d/pi-hole.conf:    do-ip4: yes
/etc/unbound/unbound.conf.d/pi-hole.conf:    do-udp: yes
/etc/unbound/unbound.conf.d/pi-hole.conf:    do-tcp: yes
/etc/unbound/unbound.conf.d/pi-hole.conf:    do-ip6: no
/etc/unbound/unbound.conf.d/pi-hole.conf:    prefer-ip6: no
/etc/unbound/unbound.conf.d/pi-hole.conf:    harden-glue: yes
/etc/unbound/unbound.conf.d/pi-hole.conf:    harden-dnssec-stripped: yes
/etc/unbound/unbound.conf.d/pi-hole.conf:    use-caps-for-id: no
/etc/unbound/unbound.conf.d/pi-hole.conf:    edns-buffer-size: 1232
/etc/unbound/unbound.conf.d/pi-hole.conf:    prefetch: yes
/etc/unbound/unbound.conf.d/pi-hole.conf:    num-threads: 1
/etc/unbound/unbound.conf.d/pi-hole.conf:    so-rcvbuf: 1m
/etc/unbound/unbound.conf.d/pi-hole.conf:    private-address: 192.168.0.0/16
/etc/unbound/unbound.conf.d/pi-hole.conf:    private-address: 169.254.0.0/16
/etc/unbound/unbound.conf.d/pi-hole.conf:    private-address: 172.16.0.0/12
/etc/unbound/unbound.conf.d/pi-hole.conf:    private-address: 10.0.0.0/8
/etc/unbound/unbound.conf.d/pi-hole.conf:    private-address: fd00::/8
/etc/unbound/unbound.conf.d/pi-hole.conf:    private-address: fe80::/10


pi@raspberrypi:~ $ unbound-checkconf
unbound-checkconf: no errors in /etc/unbound/unbound.conf
pi@raspberrypi:~ $ sudo service unbound status
● unbound.service - Unbound DNS server
     Loaded: loaded (/lib/systemd/system/unbound.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2023-08-28 09:52:40 CEST; 2min 33s ago
       Docs: man:unbound(8)
    Process: 4258 ExecStartPre=/usr/lib/unbound/package-helper chroot_setup (code=exited, status=0/SUCCESS)
    Process: 4261 ExecStartPre=/usr/lib/unbound/package-helper root_trust_anchor_update (code=exited, status=0/SUCCESS)
   Main PID: 4264 (unbound)
      Tasks: 1 (limit: 1595)
        CPU: 447ms
     CGroup: /system.slice/unbound.service
             └─4264 /usr/sbin/unbound -d -p

Aug 28 09:52:39 raspberrypi systemd[1]: Starting Unbound DNS server...
Aug 28 09:52:40 raspberrypi unbound[4264]: [4264:0] info: start of serv

infos

sudo pihole -v
  Pi-hole version is v5.17.1 (Latest: v5.17.1)
  AdminLTE version is v5.20.1 (Latest: v5.20.1)
  FTL version is v5.23 (Latest: v5.23)


pi@raspberrypi:~ $ cat /etc/os-release
PRETTY_NAME="Raspbian GNU/Linux 11 (bullseye)"
NAME="Raspbian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"
2

pihole -d

Token: https://tricorder.pi-hole.net/LfxiPGKj/

3

Du könntest mal in

/etc/unbound/unbound.conf.d/pi-hole.conf die auf 1 oder 2 setzen (verbosity: 1 oder verbosity: 2) und Dir den log file "/var/log/unbound/unbound.log" anschauen.

4 
sudo ss -tulpn '( sport = 8953 || sport = 5335 )'
Netid           State            Recv-Q            Send-Q                       Local Address:Port                       Peer Address:Port           Process                                      
udp             UNCONN           0                 0                                127.0.0.1:5335                            0.0.0.0:*               users:(("unbound",pid=8822,fd=3))           
tcp             LISTEN           0                 256                              127.0.0.1:5335                            0.0.0.0:*               users:(("unbound",pid=8822,fd=4))           
tcp             LISTEN           0                 256                              127.0.0.1:8953                            0.0.0.0:*               users:(("unbound",pid=8822,fd=5))  

journalctl -u unbound.service
-- Journal begins at Wed 2023-05-03 02:25:51 CEST, ends at Mon 2023-08-28 10:39:15 CEST. --
Aug 28 09:25:19 raspberrypi systemd[1]: Starting Unbound DNS server...
Aug 28 09:25:19 raspberrypi package-helper[12660]: /var/lib/unbound/root.key does not exist, copying from /usr/share/dns/root.key
Aug 28 09:25:19 raspberrypi unbound[12664]: [1693207519] unbound[12664:0] error: can't bind socket: Address already in use for ::1 port 53
Aug 28 09:25:19 raspberrypi unbound[12664]: [1693207519] unbound[12664:0] fatal error: could not open ports
Aug 28 09:25:19 raspberrypi systemd[1]: unbound.service: Main process exited, code=exited, status=1/FAILURE
Aug 28 09:25:19 raspberrypi systemd[1]: unbound.service: Failed with result 'exit-code'.
Aug 28 09:25:19 raspberrypi systemd[1]: Failed to start Unbound DNS server.
Aug 28 09:25:20 raspberrypi systemd[1]: unbound.service: Scheduled restart job, restart counter is at 1.
Aug 28 09:25:20 raspberrypi systemd[1]: Stopped Unbound DNS server.
Aug 28 09:25:20 raspberrypi systemd[1]: Starting Unbound DNS server...
Aug 28 09:25:20 raspberrypi unbound[12817]: [1693207520] unbound[12817:0] error: can't bind socket: Address already in use for ::1 port 53
Aug 28 09:25:20 raspberrypi unbound[12817]: [1693207520] unbound[12817:0] fatal error: could not open ports
Aug 28 09:25:20 raspberrypi systemd[1]: unbound.service: Main process exited, code=exited, status=1/FAILURE
Aug 28 09:25:20 raspberrypi systemd[1]: unbound.service: Failed with result 'exit-code'.
Aug 28 09:25:20 raspberrypi systemd[1]: Failed to start Unbound DNS server.
Aug 28 09:25:20 raspberrypi systemd[1]: unbound.service: Scheduled restart job, restart counter is at 2.
Aug 28 09:25:21 raspberrypi systemd[1]: Stopped Unbound DNS server.
Aug 28 09:25:21 raspberrypi systemd[1]: Starting Unbound DNS server...
Aug 28 09:25:21 raspberrypi unbound[12966]: [1693207521] unbound[12966:0] error: can't bind socket: Address already in use for ::1 port 53
Aug 28 09:25:21 raspberrypi unbound[12966]: [1693207521] unbound[12966:0] fatal error: could not open ports
Aug 28 09:25:21 raspberrypi systemd[1]: unbound.service: Main process exited, code=exited, status=1/FAILURE
Aug 28 09:25:21 raspberrypi systemd[1]: unbound.service: Failed with result 'exit-code'.
Aug 28 09:25:21 raspberrypi systemd[1]: Failed to start Unbound DNS server.
Aug 28 09:25:21 raspberrypi systemd[1]: unbound.service: Scheduled restart job, restart counter is at 3.
Aug 28 09:25:21 raspberrypi systemd[1]: Stopped Unbound DNS server.
Aug 28 09:25:21 raspberrypi systemd[1]: Starting Unbound DNS server...
Aug 28 09:25:21 raspberrypi unbound[13095]: [1693207521] unbound[13095:0] error: can't bind socket: Address already in use for ::1 port 53
Aug 28 09:25:21 raspberrypi unbound[13095]: [1693207521] unbound[13095:0] fatal error: could not open ports
Aug 28 09:25:21 raspberrypi systemd[1]: unbound.service: Main process exited, code=exited, status=1/FAILURE
Aug 28 09:25:21 raspberrypi systemd[1]: unbound.service: Failed with result 'exit-code'.
Aug 28 09:25:21 raspberrypi systemd[1]: Failed to start Unbound DNS server.
Aug 28 09:25:21 raspberrypi systemd[1]: unbound.service: Scheduled restart job, restart counter is at 4.
Aug 28 09:25:22 raspberrypi systemd[1]: Stopped Unbound DNS server.
Aug 28 09:25:22 raspberrypi systemd[1]: Starting Unbound DNS server...
Aug 28 09:25:22 raspberrypi unbound[13223]: [1693207522] unbound[13223:0] error: can't bind socket: Address already in use for ::1 port 53
Aug 28 09:25:22 raspberrypi unbound[13223]: [1693207522] unbound[13223:0] fatal error: could not open ports
Aug 28 09:25:22 raspberrypi systemd[1]: unbound.service: Main process exited, code=exited, status=1/FAILURE
Aug 28 09:25:22 raspberrypi systemd[1]: unbound.service: Failed with result 'exit-code'.
Aug 28 09:25:22 raspberrypi systemd[1]: Failed to start Unbound DNS server.
Aug 28 09:25:22 raspberrypi systemd[1]: unbound.service: Scheduled restart job, restart counter is at 5.
Aug 28 09:25:22 raspberrypi systemd[1]: Stopped Unbound DNS server.
Aug 28 09:25:22 raspberrypi systemd[1]: Starting Unbound DNS server...
Aug 28 09:25:22 raspberrypi unbound[13348]: [1693207522] unbound[13348:0] error: can't bind socket: Address already in use for ::1 port 53
Aug 28 09:25:22 raspberrypi unbound[13348]: [1693207522] unbound[13348:0] fatal error: could not open ports
Aug 28 09:25:22 raspberrypi systemd[1]: unbound.service: Main process exited, code=exited, status=1/FAILURE
Aug 28 09:25:22 raspberrypi systemd[1]: unbound.service: Failed with result 'exit-code'.
5

was hat es damit zu tun ?

wen es nach der Original Vorgabe von unbound - Pi-hole documentation auf 0 stehen soll

6

habe nun ein zweiten Raspberry eingerichtet gleiches problem es wird automatisch der port 8953 mit erstellt.

ich habe die Raspberry mit diesem installer erstellt https://www.raspberrypi.com/software/

Ich habe pihole mit diesem link erstellt curl -sSL https://install.pi-hole.net | bash

ich hab unbound mit diesem link erstellt unbound - Pi-hole documentation

welscher dieser links erstellt diesen port im background. ?

7

steht auf 1
wen ich es versuche zu öffnen mit nano /etc/unbound/unbound.log ist es leer.

8

Dieses Verhalten wird vermutlich durch Dein Betriebssystem verursacht:
In bestimmten debian-basierten Distros wurde bei der Installation von unbound zeitweilig der remote-control-Port 8953 durch die Paketverwaltung aktiviert (vgl. #991017 - unbound: remote-control port 127.0.0.1:8953 was opened to listen unexpectedly - Debian Bug report logs).

Abhilfe schafft hier erst die Installation einer anderen unbound-Version (ggf. als Backport).

Alternativ könntest Du versuchen, remote-control in Deiner /etc/unbound/unbound.conf.d/pi-hole.conf abzuschalten.

Dazu müsstest Du dieser Datei folgende Definition hinzufügen:

    # Disable remote-control
    remote-control:
        control-enable: no

Danach sollte unbound neu gestartet werden:

sudo systemctl restart unbound.service
1 Like
9

Servus Bucking danke Disable Remote control hat geholfen.

sudo ss -tulpn '( sport = 8953 || sport = 5335 )'
Netid      State       Recv-Q       Send-Q             Local Address:Port             Peer Address:Port      Process                                  
udp        UNCONN      0            0                      127.0.0.1:5335                  0.0.0.0:*          users:(("unbound",pid=10211,fd=3))      
tcp        LISTEN      0            256                    127.0.0.1:5335                  0.0.0.0:*          users:(("unbound",pid=10211,fd=4))

Es liegt es am (bullseye) 11 was ich ich von der offizielle Seite lade.
und erstelle die SD mit dem offiziellen installer von dieser seite https://www.raspberrypi.com/software/

wie ich oben bereits geschrieben habe ich habe ein zweiten raspberry installiert gleiches problem !

10

A post was merged into an existing topic: Richtiger Inhalt von resolv.conf?

11

6 posts were merged into an existing topic: Richtiger Inhalt von resolv.conf?

12

A post was split to a new topic: Richtiger Inhalt von resolv.conf?

13

A post was merged into an existing topic: Richtiger Inhalt von resolv.conf?

14

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.