Unbound Gagal restart

Diskusi tentang Ubuntu Server baik webserver, database server, samba server dan service lainnya serta jaringan menggunakan Sistem Operasi Ubuntu.
Locked
User avatar
Ansanwan

Unbound Gagal restart

Post 17 Oct 2011, 13:10

mohon petunjuknya, saya baru pake ubuntu kmaren sih coba instal bind9 gak bisa2
skarang coba2 pake unbound terinstall, bind9 udah di remove n stop, npa msih juga unbound gagal direstart
dengan perngatan kayak gini

Image


User avatar
yudiarbi
Contact:
Contact yudiarbi

Post 17 Oct 2011, 16:39

bind9 nya masih nyangkut tuh, coba cek lagi service bind9-nya


User avatar
bulugading

Post 17 Oct 2011, 17:12

@ansanwan: isue gak bisanya pakai bind apa broe,


User avatar
Ansanwan

Post 18 Oct 2011, 08:28

@yudiarbi & bulugading, tulung gan bantu resolv unbound tersebut... mungkin bagaimana cara stop service bind9 sebelumnya atau mungkin diremove saja bind tersebut..

waktu itu sudah saya stop service bind bahkan sudah saya remove,, tapi portnya koq masih dipake ya? mohon bantuannya gan


User avatar
rafdinal

Post 16 Nov 2011, 19:54

@yudiarbi,,gimana command cek bind nya gann,,kebetulan unbound aku jg begitu...bind9 udah di remove
# sudo apt-get remove bind
# sudo apt-get purge bind
# sudo apt-get clean


User avatar
thrvers
Contact:
Contact thrvers

Post 16 Nov 2011, 22:19

'
q dulu pakai tutornya kak rh354, sampai sekarang masih baik2 :D [upgred sampai 11.10]

catatan penting dari sana: "... servis dns lainnya (bind/dnsmasq dll) harus di stop agar tidak bentrok)"


User avatar
rafdinal

Post 17 Nov 2011, 19:59

@thrvers,,gimana comand nya gann stop bind9/dnsmasq


User avatar
yudiarbi
Contact:
Contact yudiarbi

Post 18 Nov 2011, 14:41

kl 9.04 ke atas : service bind9 stop
jaga2 jika server restart, masukkan di /etc/rc.local
kalo mau sih diuninstal ajj, tp kl msh trial unbound cukup digitukan aj
kl 9.04 ke bawah : /etc/init.d/bind9 stop


User avatar
cbp
Contact:
Contact cbp

Post 24 Nov 2011, 10:17

di autoclean aja bind nya. Cek juga di command ps aux, masih ada bind ga disana.


User avatar
rafdinal

Post 24 Nov 2011, 12:32

@cbp,,command lengkap nya gimana untuk autoclean bind9???


User avatar
rangga_mone
Contact:
Contact rangga_mone

Post 04 Jul 2013, 08:14

root@putra:~# ps aux | grep bind
root 1625 0.0 0.0 3904 816 pts/0 S+ 09:05 0:00 grep --color=auto bind
root@putra:~# ps aux | grep bind
root 1627 0.0 0.0 3904 812 pts/0 S+ 09:05 0:00 grep --color=auto bind
root@putra:~#

udah di clean pake
rafdinal wrote: # sudo apt-get remove bind
# sudo apt-get purge bind
# sudo apt-get clean
plus sudo apt-get autoremove bind
sudo apt-get autoclean bind

tapi masih aja
Ansanwan wrote:
Image


trus gmn dunk ya?
mohon pencerahan


User avatar
rangga_mone
Contact:
Contact rangga_mone

Post 04 Jul 2013, 08:57

Code: Select all

root@     :~# /etc/init.d/unbound restart
 * Restarting recursive DNS server unbound
[1372902709] unbound[1646:0] error: bind: address already in use
[1372902709] unbound[1646:0] fatal error: could not open ports [fail]
uda dilakukan

Code: Select all

 
sudo apt-get autoremove bind9
sudo apt-get remove bind9
sudo apt-get purge bind9
sudo apt-get autoclean bind9
sudo apt-get clean bind9
ga ada yg ngaruh

Code: Select all

 
root@    :~# ps aux | grep bind
root      1652  0.0  0.0   3904   816 pts/0    S+   09:53   0:00 grep --color=auto bind
root@    :~# ps aux | grep bind
root      1654  0.0  0.0   3904   816 pts/0    S+   09:53   0:00 grep --color=auto bind
kira2 gimana ya ?
di resolv.conf sudah diganti

Code: Select all

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
di interfaces sudah diginiin

Code: Select all

 The primary network interface
auto eth0
iface eth0 inet static
        address 192.168.2.27
        netmask 255.255.255.0
        network 192.168.2.0
        broadcast 192.168.2.255
        gateway 192.168.2.1
        # dns-* options are implemented by the resolvconf package, if installed
#       dns-search xxxxxxxxx.net
#       dns-nameservers 8.8.8.8
        dns-nameservers 127.0.0.1
trus gmn supaya bind ga nyantol lagi ya??? mohon petunjuk


User avatar
q_p
Contact:
Contact q_p

Post 04 Jul 2013, 09:10

Boleh lihat isi file ?
  • /etc/unbound/unbound.conf
  • /etc/default/unbound
  • /etc/init.d/unbound

BTW, ini menggunakan ubuntu server 12.04 ?


User avatar
rangga_mone
Contact:
Contact rangga_mone

Post 04 Jul 2013, 10:38

you are the best Mas Pragola_Pati

/etc/unbound/unbound.conf
[spoiler]

Code: Select all

# Unbound configuration file for Debian.
#
# See the unbound.conf(5) man page.
#
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
# reference config file.

#server:
    # The following line will configure unbound to perform cryptographic
    # DNSSEC validation using the root trust anchor.
 #   auto-trust-anchor-file: "/var/lib/unbound/root.key"
# Start DNS Conf
server:
verbosity: 1
statistics-interval: 120
statistics-cumulative: yes
num-threads: 1
interface: 0.0.0.0
outgoing-range: 512
num-queries-per-thread: 1024
msg-cache-size: 64m
rrset-cache-size: 32m
msg-cache-slabs: 4
rrset-cache-slabs: 4
cache-max-ttl: 86400
infra-host-ttl: 60
infra-lame-ttl: 120
infra-cache-numhosts: 10000
infra-cache-lame-size: 10k
do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
do-daemonize: yes

access-control: 0.0.0.0/0 allow

chroot: "/etc/unbound"
username: "unbound"
directory: "/etc/unbound"
logfile: ""
use-syslog: no
pidfile: "/etc/unbound/unbound.pid"
root-hints: "/etc/unbound/named.cache"
identity: "DNS"
version: "1.4"
hide-identity: yes
hide-version: yes
harden-glue: yes

do-not-query-address: 127.0.0.1/8
do-not-query-localhost: yes
module-config: "iterator"

#zone localhost
local-zone: "localhost." static
local-data: "localhost. 10800 IN NS localhost."
local-data: "localhost. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800"
local-data: "localhost. 10800 IN A 127.0.0.1"
local-zone: "127.in-addr.arpa." static
local-data: "127.in-addr.arpa. 10800 IN NS localhost."
local-data: "127.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 2 3600 1200 604800 10800"
local-data: "1.0.0.127.in-addr.arpa. 10800 IN PTR localhost."

#zone iwinduarta.net
local-zone: "iwinduarta.net." static
local-data: "iwinduarta.net. 86400 IN NS ns1.iwinduarta.net."
local-data: "iwinduarta.net. 86400 IN SOA iwinduarta.net. hostmaster.iwinduarta.net. 3 3600 1200 604800 86400"
local-data: "iwinduarta.net. 86400 IN A 192.168.2.27"
local-data: "www.iwinduarta.net. 86400 IN A 192.168.2.27"
local-data: "ns1.iwinduarta.net. 86400 IN A 192.168.2.27"
local-zone: "2.168.192.in-addr.arpa." static
local-data: "2.168.192.in-addr.arpa. 10800 IN NS iwinduarta.net."
local-data: "2.168.192.in-addr.arpa. 10800 IN SOA iwinduarta.net. hostmaster.iwinduarta.net. 4 3600 1200 604800 864000"
local-data: "27.2.168.192.in-addr.arpa. 10800 IN PTR iwinduarta.net."

forward-zone:
name: "."
#forward-addr: 30.30.30.30
forward-addr: 202.134.0.155
forward-addr: 202.134.0.61
forward-addr: 203.130.193.74
forward-addr: 203.130.196.155
forward-addr: 202.134.1.5
forward-addr: 203.130.208.18
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4

remote-control:
control-enable: yes
control-interface: 127.0.0.1
control-port: 953
server-key-file: "/etc/unbound/unbound_server.key"
server-cert-file: "/etc/unbound/unbound_server.pem"
control-key-file: "/etc/unbound/unbound_control.key"
control-cert-file: "/etc/unbound/unbound_control.pem"
# End DNS Conf
[/spoiler]

/etc/default/unbound
[spoiler]

Code: Select all

# If set, the unbound daemon will be started and stopped by the init script.
UNBOUND_ENABLE=true

# Whether to automatically update the root trust anchor file.
ROOT_TRUST_ANCHOR_UPDATE=true

# File in which to store the root trust anchor.
ROOT_TRUST_ANCHOR_FILE=/var/lib/unbound/root.key

# If set, the unbound init script will provide unbound's listening
# IP addresses as nameservers to resolvconf.
RESOLVCONF=true

# If set, resolvconf nameservers will be configured as forwarders
# to be used by unbound.
RESOLVCONF_FORWARDERS=true

#DAEMON_OPTS="-c /etc/unbound/unbound.conf"
[/spoiler]

/etc/init.d/unbound
[spoiler]

Code: Select all

#!/bin/sh

### BEGIN INIT INFO
# Provides:          unbound
# Required-Start:    $network $remote_fs $syslog
# Required-Stop:     $network $remote_fs $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
### END INIT INFO

NAME=unbound
DESC="recursive DNS server"
DAEMON=/usr/sbin/unbound
PIDFILE="/var/run/unbound.pid"

test -x $DAEMON || exit 0
test -x ${DAEMON}-checkconf || exit 0

. /lib/lsb/init-functions

UNBOUND_ENABLE=true
ROOT_TRUST_ANCHOR_UPDATE=false
ROOT_TRUST_ANCHOR_FILE=/var/lib/unbound/root.key
RESOLVCONF=false
RESOLVCONF_FORWARDERS=false

if [ -f /etc/default/$NAME ]; then
    . /etc/default/$NAME
    case "x$UNBOUND_ENABLE" in
        xtrue|x1|xyes)
            UNBOUND_ENABLE=true
            ;;
        *)
            UNBOUND_ENABLE=false
            ;;
    esac
    case "x$ROOT_TRUST_ANCHOR_UPDATE" in
        xtrue|x1|xyes)
            ROOT_TRUST_ANCHOR_UPDATE=true
            ;;
        *)
            ROOT_TRUST_ANCHOR_UPDATE=false
            ;;
    esac
    case "x$RESOLVCONF" in
        xtrue|x1|xyes)
            RESOLVCONF=true
            ;;
        *)
            RESOLVCONF=false
    esac
    case "x$RESOLVCONF_FORWARDERS" in
        xtrue|x1|xyes)
            RESOLVCONF_FORWARDERS=true
            ;;
        *)
            RESOLVCONF_FORWARDERS=false
    esac
fi

do_resolvconf_start() {
    if $RESOLVCONF; then
        if [ -x /sbin/resolvconf ]; then
            unbound-checkconf -o interface | (
                default=yes
                while read interface; do
                    default=no
                    if [ "x$interface" = x0.0.0.0 -o "x$interface" = x127.0.0.1 ]; then
                        echo "nameserver 127.0.0.1"
                    elif [ "x$interface" = x::0 -o "x$interface" = x::1 ]; then
                        echo "nameserver ::1"
                    fi
                done
                if [ $default = yes ]; then
                    # unbound defaults to listening on localhost
                    echo "nameserver 127.0.0.1"
                fi
            ) | /sbin/resolvconf -a lo.unbound
        fi
    fi
}

do_resolvconf_stop() {
    if $RESOLVCONF; then
        if [ -x /sbin/resolvconf ]; then
            /sbin/resolvconf -d lo.unbound
        fi
    fi
}

case "$1" in
    start)
        if $UNBOUND_ENABLE; then
            if $ROOT_TRUST_ANCHOR_UPDATE; then
                unbound-anchor -a $ROOT_TRUST_ANCHOR_FILE -v 2>&1 | logger -p daemon.info -t unbound-anchor
                chown unbound:unbound $ROOT_TRUST_ANCHOR_FILE
            fi
            log_daemon_msg "Starting $DESC" "$NAME"
            if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --name $NAME --startas $DAEMON -- $DAEMON_OPTS; then
                do_resolvconf_start
                log_end_msg 0
            else
                log_end_msg 1
            fi
        else
            log_warning_msg "Not starting $DESC $NAME, disabled via /etc/default/$NAME"
        fi
        ;;

    stop)
        if $UNBOUND_ENABLE; then
            log_daemon_msg "Stopping $DESC" "$NAME"
            if start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE --name $NAME; then
                do_resolvconf_stop
                log_end_msg 0
            else
                log_end_msg 1
            fi
        fi
        ;;

    restart|force-reload)
        if $UNBOUND_ENABLE; then
            log_daemon_msg "Restarting $DESC" "$NAME"
            start-stop-daemon --stop --quiet --pidfile $PIDFILE --name $NAME --retry 5
            do_resolvconf_stop
            if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --name $NAME --startas $DAEMON -- $DAEMON_OPTS; then
                do_resolvconf_start
                log_end_msg 0
            else
                log_end_msg 1
            fi
        fi
        ;;

    reload)
        if $UNBOUND_ENABLE; then
            log_daemon_msg "Reloading $DESC" "$NAME"
            if start-stop-daemon --stop --pidfile $PIDFILE --signal 1; then
                log_end_msg 0
            else
                log_end_msg 1
            fi
        fi
        ;;

    *)
        N=/etc/init.d/$NAME
        echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2
        exit 1
        ;;
esac

exit 0;
[/spoiler]

ubuntu server 12.04

semoga terjadi pencerahan, masih merangkak dlm lebatnya hutan ubuntu

thx


User avatar
q_p
Contact:
Contact q_p

Post 04 Jul 2013, 11:24

Coba anda perhatikan link2 yang ada di file unbound.conf, hapus saja baris2 ini =

Code: Select all

chroot: "/etc/unbound"
directory: "/etc/unbound"
pidfile: "/etc/unbound/unbound.pid"
root-hints: "/etc/unbound/named.cache"
  • Hapus baris pidfile: "/etc/unbound/unbound.pid" karena tidak matching dengan file /etc/init.d/unbound

    Code: Select all

    PIDFILE="/var/run/unbound.pid"
  • Sebagai gantinya, tambahkan baris berikut di unbound.conf

    Code: Select all

    auto-trust-anchor-file: "/var/lib/unbound/root.key"
  • Sedangkan baris2 lainnya, secara default sudah seperti itu tanpa harus dideklarasikan
  • Check keberadaan file /etc/unbound/named.cache dengan perintah

    Code: Select all

    ls /etc/unbound | grep "named.cache"
    jika tidak ada anda harus men-download-nya
  • Hilangkan tanda pagar baris DAEMON_OPTS="-c /etc/unbound/unbound.conf" pada file /etc/default/unbound sehingga unbound berjalan dalam mode daemon
Pengaturan resolv.conf pada ubuntu 12.04 sudah tidak lagi pada file /etc/resolv.conf tetapi pada file /etc/resolvconf/resolv.conf.d/head. Edit file tsb, masukkan "search dan domain" anda di situ sehingga menjadi =

Code: Select all

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
search 192.168.2.27
domain 192.168.2.27
Sedangkan pada file /etc/network/interfaces, edit menjadi seperti ini =

Code: Select all

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
        address 192.168.2.27
        netmask 255.255.255.0
        network 192.168.2.0
        broadcast 192.168.2.255
cmiiw


User avatar
rangga_mone
Contact:
Contact rangga_mone

Post 05 Jul 2013, 08:16

Pragola_Pati wrote: [*]Sebagai gantinya, tambahkan baris berikut di unbound.conf

Code: Select all

auto-trust-anchor-file: "/var/lib/unbound/root.key"
yang keluar ini Mas Pragola_Pati

Code: Select all

root@putra:/home/putra# /etc/init.d/unbound restart
 * Restarting recursive DNS server unbound   
/etc/unbound/var/lib/unbound/root.key: No such file or directory
[1372986568] unbound-checkconf[1773:0] fatal error: auto-trust-anchor-file: "/var/lib/unbound/root.key" does not exist in chrootdir /etc/unbound
[ OK ]
tanpa

Code: Select all

auto-trust-anchor-file: "/var/lib/unbound/root.key"
hasilnya

Code: Select all

root@putra:/home/putra# /etc/init.d/unbound restart
 * Restarting recursive DNS server unbound                               [ OK ]
hehehehehe....
uda beres mslh yang ini euyyyy, tenkyu

trus di squid.conf ga perlu dirubah kah DNS nya?


User avatar
q_p
Contact:
Contact q_p

Post 05 Jul 2013, 10:51

Tergantung dimana anda meletakkan root.key, konfigurasi-nya arahkan ke situ. Ada baiknya anda check lagi root.key yang di /var/lib/unbound/ ada atau tidak,

Code: Select all

# /var/lib/unbound | grep "root.key"
sesuaikan dengan konfigurasi /etc/default/unbound
Konfigurasi squid, bisa anda beri "ip-address local dns-server"

#
solved


Locked

Return to “Ubuntu Server”



Who is online

Users browsing this forum: No registered users and 98 guests