This is a problem that I have been trying to solve for months now. I have a FreeBSD router at home that is also running unbound(8) as a recursive DNS server for my local network. I have it set up with DNSSEC enabled and it is working flawlessly.
It is also set up to be the DNS server for the server itself so that all queries go through unbound.
This all works fine when unbound(8) is manually started after the server booted. I failed to configure unbound in a way that it would automatically start on boot, though. I have it enabled through the following line in my rc.conf as the install instructions described. Not really sure what the 'local' prefix is supposed to mean as no other service seems to have that but I did it anyway.
I thought that an issue might be the dependence to ntpd(8) where ntpd(8) would need unbound(8) to resolve the time server and unbound(8) would need ntpd(8) to set the time so server responses can be verified. I then changed the NTP server entries to their IP addresses and that didn't help either.
I also can't see any log entries after boot of unbound(8) failing to start but I might be looking in the wrong places...
Does anyone have an idea of what might be going on here?
I'm running 10.2-RELEASE-p12 and unbound 1.5.3.
Below is my unbound.conf:
It is also set up to be the DNS server for the server itself so that all queries go through unbound.
This all works fine when unbound(8) is manually started after the server booted. I failed to configure unbound in a way that it would automatically start on boot, though. I have it enabled through the following line in my rc.conf as the install instructions described. Not really sure what the 'local' prefix is supposed to mean as no other service seems to have that but I did it anyway.
Code:
local_unbound_enable="YES"
I also can't see any log entries after boot of unbound(8) failing to start but I might be looking in the wrong places...
Does anyone have an idea of what might be going on here?
I'm running 10.2-RELEASE-p12 and unbound 1.5.3.
Below is my unbound.conf:
Code:
server:
verbosity: 1
num-threads: 4
interface: 192.168.0.1
interface: 127.0.0.1
interface: 192.168.1.1
interface: 192.168.2.1
port: 53
msg-cache-size: 64m
rrset-cache-size: 128m
do-ip4: yes
do-ip6: yes
do-udp: yes
do-tcp: yes
do-daemonize: yes
access-control: 192.168.0.0/8 allow
access-control: 192.168.1.0/8 allow
access-control: 127.0.0.1 allow
chroot: "/var/unbound"
directory: "/var/unbound"
pidfile: "/var/run/local_unbound.pid"
prefetch: yes
python:
remote-control: