that’s fine and should not have any effect
Yeah, understandable, but I’m not sure how to solve the issue where the system lags on curl and wget. Both are a bit over 5s.
1 Like
I will add into this that I have now had this on both a RPi3B+ and a VM install of Dietpi.
I followed some of the guidance and changed the DNS settings on the network settings in dietpi-config and removed the DNS entry for Pihole and this resolved the issue.
Restoring Pihole restored the issue.
I’m also using Pihole with Unbound. In Pihole, I changed the DNS from Unbound to Cloudlfare and it resolved the issue. Could the issue reside in Unbound?
Current version of Unbound from NLnetLabs is 1.17.1.
Current version in Dietpi is:
Package: unbound
Version: 1.13.1-1
Fair point. However, the fact that removing unboud from pihole seems to suggest that the issue with this is unbound related.
You can check DNS resolution directly with Unbound by using dig tool. Personally I had some case in past where Unbound was working fine, but for whatever reason some domain failed to be resolved.
@holocron
If you find time to test, could you try again with Unbound but changing a particular setting as discussed here?
1 Like
I changed that parameter as noted and restarted the system. When Pi-hole is set to use unbound only, I get the curl error.
If I add another DNS, such as Cloudflare in addition to the custom one for Unbound, or remove Unbound and just use Cloudflare, the cURL issue does not present.
UPDATE: Just for fun, I tried only adding Cloudflare for ipV6 and this did not correct the issue. It still timed out on cURL in the header.
hmm does it relate to IPv6?? Sorry for all the request but you are the only user who has this issue actually as we are not able to replicate the behaviour. If you don’t mind, can you try following to disable IPv6 on Unbound configuration. Adjust /etc/unbound/unbound.conf.d/dietpi.conf and change do-ip6: no Restart Unbound afterwards.
I realized after posting that that I already have ipv6 disabled.
also, i didn’t think I was the only one seeing this.
Let’s put it another way, you are the only one who is able to replicate the behavior on Unbound actually.
Can you check how DNS resolution looks like if you check Unbound directly from CLI
dig @127.0.0.1 -p 5335 dietpi.com
; <<>> DiG 9.16.37-Debian <<>> @127.0.0.1 -p 5335 dietpi.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
That’s what I get.
Ironically, if I add Cloudflare servers back, I get the same output from that check, but the cURL error doesn’t show up.
The check has nothing to do with PiHole. It’s going to target Unbound directly. Therefore, it doesn’t matter what has been set in PiHole. Even PiHole could be offline without any impact to Unbound.
Are you sure Unbound is working correctly? Looks like Unbound is not working at all. Can you check following
ss -tulpn | grep LISTEN
journalctl -u unbound.service
systemctl status unbound.service
Well, this isn’t ideal.
-- Journal begins at Mon 2023-03-20 12:14:46 EDT, ends at Mon 2023-03-20 19:18:13 EDT. --
Mar 20 12:14:51 DietPi-VM systemd[1]: Starting Unbound DNS server...
Mar 20 12:14:51 DietPi-VM unbound[414]: [414:0] error: failed to read /var/lib/unbound/root.key
Mar 20 12:14:51 DietPi-VM unbound[414]: [414:0] error: error reading auto-trust-anchor-file: /var/lib/unbound/root.key
Mar 20 12:14:51 DietPi-VM unbound[414]: [414:0] error: validator: error in trustanchors config
Mar 20 12:14:51 DietPi-VM unbound[414]: [414:0] error: validator: could not apply configuration settings.
Mar 20 12:14:51 DietPi-VM unbound[414]: [414:0] error: module init for module validator failed
Mar 20 12:14:51 DietPi-VM unbound[414]: [414:0] fatal error: failed to setup modules
Mar 20 12:14:51 DietPi-VM systemd[1]: unbound.service: Main process exited, code=exited, status=1/FAILURE
Mar 20 12:14:52 DietPi-VM systemd[1]: unbound.service: Failed with result 'exit-code'.
Mar 20 12:14:52 DietPi-VM systemd[1]: Failed to start Unbound DNS server.
Mar 20 12:14:52 DietPi-VM systemd[1]: unbound.service: Scheduled restart job, restart counter is at 1.
Mar 20 12:14:52 DietPi-VM systemd[1]: Stopped Unbound DNS server.
Mar 20 12:14:52 DietPi-VM systemd[1]: Starting Unbound DNS server...
Mar 20 12:14:52 DietPi-VM unbound[456]: [456:0] error: failed to read /var/lib/unbound/root.key
Mar 20 12:14:53 DietPi-VM unbound[456]: [456:0] error: error reading auto-trust-anchor-file: /var/lib/unbound/root.key
Mar 20 12:14:53 DietPi-VM unbound[456]: [456:0] error: validator: error in trustanchors config
Mar 20 12:14:53 DietPi-VM unbound[456]: [456:0] error: validator: could not apply configuration settings.
Mar 20 12:14:53 DietPi-VM unbound[456]: [456:0] error: module init for module validator failed
Mar 20 12:14:53 DietPi-VM unbound[456]: [456:0] fatal error: failed to setup modules
Mar 20 12:14:53 DietPi-VM systemd[1]: unbound.service: Main process exited, code=exited, status=1/FAILURE
Mar 20 12:14:53 DietPi-VM systemd[1]: unbound.service: Failed with result 'exit-code'.
Mar 20 12:14:53 DietPi-VM systemd[1]: Failed to start Unbound DNS server.
Mar 20 12:14:53 DietPi-VM systemd[1]: unbound.service: Scheduled restart job, restart counter is at 2.
Mar 20 12:14:53 DietPi-VM systemd[1]: Stopped Unbound DNS server.
Mar 20 12:14:53 DietPi-VM systemd[1]: Starting Unbound DNS server...
Mar 20 12:14:53 DietPi-VM unbound[534]: [534:0] error: failed to read /var/lib/unbound/root.key
Mar 20 12:14:53 DietPi-VM unbound[534]: [534:0] error: error reading auto-trust-anchor-file: /var/lib/unbound/root.key
Mar 20 12:14:53 DietPi-VM unbound[534]: [534:0] error: validator: error in trustanchors config
Mar 20 12:14:53 DietPi-VM unbound[534]: [534:0] error: validator: could not apply configuration settings.
Mar 20 12:14:53 DietPi-VM unbound[534]: [534:0] error: module init for module validator failed
Mar 20 12:14:53 DietPi-VM unbound[534]: [534:0] fatal error: failed to setup modules
Mar 20 12:14:53 DietPi-VM systemd[1]: unbound.service: Main process exited, code=exited, status=1/FAILURE
Mar 20 12:14:53 DietPi-VM systemd[1]: unbound.service: Failed with result 'exit-code'.
Mar 20 12:14:53 DietPi-VM systemd[1]: Failed to start Unbound DNS server.
Mar 20 12:14:54 DietPi-VM systemd[1]: unbound.service: Scheduled restart job, restart counter is at 3.
Mar 20 12:14:54 DietPi-VM systemd[1]: Stopped Unbound DNS server.
Mar 20 12:14:54 DietPi-VM systemd[1]: Starting Unbound DNS server...
Mar 20 12:14:54 DietPi-VM unbound[570]: [570:0] error: failed to read /var/lib/unbound/root.key
Mar 20 12:14:54 DietPi-VM unbound[570]: [570:0] error: error reading auto-trust-anchor-file: /var/lib/unbound/root.key
Mar 20 12:14:54 DietPi-VM unbound[570]: [570:0] error: validator: error in trustanchors config
Mar 20 12:14:54 DietPi-VM unbound[570]: [570:0] error: validator: could not apply configuration settings.
Mar 20 12:14:54 DietPi-VM unbound[570]: [570:0] error: module init for module validator failed
Mar 20 12:14:54 DietPi-VM unbound[570]: [570:0] fatal error: failed to setup modules
Mar 20 12:14:54 DietPi-VM systemd[1]: unbound.service: Main process exited, code=exited, status=1/FAILURE
Mar 20 12:14:54 DietPi-VM systemd[1]: unbound.service: Failed with result 'exit-code'.
Mar 20 12:14:54 DietPi-VM systemd[1]: Failed to start Unbound DNS server.
Mar 20 12:14:54 DietPi-VM systemd[1]: unbound.service: Scheduled restart job, restart counter is at 4.
Mar 20 12:14:54 DietPi-VM systemd[1]: Stopped Unbound DNS server.
Mar 20 12:14:54 DietPi-VM systemd[1]: Starting Unbound DNS server...
...skipping 1 line
Mar 20 12:14:54 DietPi-VM unbound[605]: [605:0] error: error reading auto-trust-anchor-file: /var/lib/unbound/root.key
Mar 20 12:14:54 DietPi-VM unbound[605]: [605:0] error: validator: error in trustanchors config
Mar 20 12:14:54 DietPi-VM unbound[605]: [605:0] error: validator: could not apply configuration settings.
Mar 20 12:14:54 DietPi-VM unbound[605]: [605:0] error: module init for module validator failed
Mar 20 12:14:54 DietPi-VM unbound[605]: [605:0] fatal error: failed to setup modules
Mar 20 12:14:54 DietPi-VM systemd[1]: unbound.service: Main process exited, code=exited, status=1/FAILURE
Mar 20 12:14:54 DietPi-VM systemd[1]: unbound.service: Failed with result 'exit-code'.
Mar 20 12:14:54 DietPi-VM systemd[1]: Failed to start Unbound DNS server.
Mar 20 12:14:54 DietPi-VM systemd[1]: unbound.service: Scheduled restart job, restart counter is at 5.
Mar 20 12:14:54 DietPi-VM systemd[1]: Stopped Unbound DNS server.
Mar 20 12:14:54 DietPi-VM systemd[1]: unbound.service: Start request repeated too quickly.
Mar 20 12:14:54 DietPi-VM systemd[1]: unbound.service: Failed with result 'exit-code'.
Mar 20 12:14:54 DietPi-VM systemd[1]: Failed to start Unbound DNS server.
● unbound.service - Unbound DNS server
Loaded: loaded (/lib/systemd/system/unbound.service; enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/unbound.service.d
└─dietpi.conf
Active: failed (Result: exit-code) since Mon 2023-03-20 12:14:54 EDT; 7h ago
Docs: man:unbound(8)
Process: 587 ExecStartPre=/usr/lib/unbound/package-helper chroot_setup (code=exited, status=0/SUCCESS)
Process: 598 ExecStartPre=/usr/lib/unbound/package-helper root_trust_anchor_update (code=exited, status=0/SUCCESS)
Process: 605 ExecStart=/usr/sbin/unbound -d -p $DAEMON_OPTS (code=exited, status=1/FAILURE)
Process: 611 ExecStopPost=/usr/lib/unbound/package-helper chroot_teardown (code=exited, status=0/SUCCESS)
Main PID: 605 (code=exited, status=1/FAILURE)
CPU: 69ms
Mar 20 12:14:54 DietPi-VM systemd[1]: unbound.service: Scheduled restart job, restart counter is at 5.
Mar 20 12:14:54 DietPi-VM systemd[1]: Stopped Unbound DNS server.
Mar 20 12:14:54 DietPi-VM systemd[1]: unbound.service: Start request repeated too quickly.
Mar 20 12:14:54 DietPi-VM systemd[1]: unbound.service: Failed with result 'exit-code'.
Mar 20 12:14:54 DietPi-VM systemd[1]: Failed to start Unbound DNS server.
I tried to reinstall and it failed.
#### Details:
- Date | Mon Mar 20 19:22:49 EDT 2023
- Bug report | 6cd8ccdf-f155-47c0-9332-8a40545c6b53
- DietPi version | v8.15.2 (MichaIng/master)
- Image creator | DietPi Core Team
- Pre-image | from scratch
- Hardware | Virtual Machine (x86_64) (ID=20)
- Kernel version | `Linux FuzzPi-VM 5.10.0-21-amd64 #1 SMP Debian 5.10.162-1 (2023-01-21) x86_64 GNU/Linux`
- Distro | bullseye (ID=6)
- Command | `systemctl restart unbound`
- Exit code | 1
- Software title | DietPi-Software
#### Steps to reproduce:
<!-- Explain how to reproduce the issue -->
1. ...
2. ...
#### Expected behaviour:
<!-- What SHOULD happen? -->
- ...
#### Actual behaviour:
<!-- What IS happening? -->
- ...
#### Extra details:
<!-- Please post any extra details that might help solve the issue -->
- ...
#### Additional logs:
I uninstalled and resinstalled with no issue. Then got the same errors as above.
can you check if the file is present
ls -la /var/lib/unbound/
1 Like
total 16
drwxr-xr-x 2 unbound unbound 4096 Mar 20 19:28 .
drwxr-xr-x 26 root root 4096 Mar 20 19:28 ..
-rw-r--r-- 1 root root 3314 Mar 20 19:28 root.hints
-rw-r--r-- 1 unbound unbound 758 Mar 20 19:28 root.key
ok the file is there, maybe corrupted. As it is part of Debian apt package, you could try to reinstall?
rm /var/lib/unbound/root.key
apt install --reinstall unbound
are you able to read the file??
cat /var/lib/unbound/root.key
3 Likes