<div dir="ltr">I'll update the kernel to search for that option, running 3.10.10 atm.<div><br></div><div>Yes I have binds running on another 2 interfaces (that's one reason for not running 0.0.0.0, the other is: simple configure the only IPs for him to use that he needs only)</div>
</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Jun 5, 2014 at 4:38 AM, W.C.A. Wijngaards <span dir="ltr"><<a href="mailto:wouter@nlnetlabs.nl" target="_blank">wouter@nlnetlabs.nl</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="">-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA1<br>
<br>
Hi Filipe,<br>
<br>
</div>For me such a trace would end like this (with interface-automatic: yes):<br>
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 5<br>
setsockopt(5, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0<br>
setsockopt(5, SOL_IP, IP_MTU_DISCOVER, [0], 4) = 0<br>
bind(5, {sa_family=AF_INET, sin_port=htons(53),<br>
sin_addr=inet_addr("0.0.0.0")}, 16) = 0<br>
<br>
Notice the SO_REUSEADDR option. The trace you post is missing that.<br>
That must be a #ifdef SO_REUSEADDR that fails at compile time<br>
(services/listen_dnsport.c) ?<br>
<br>
In latest code there is a so-reuseport option for linux (very recent<br>
3.9) kernels. This option is really there to distribute queries over<br>
threads more easily, but it may also act like reuseaddr in some ways<br>
that you need.<br>
<br>
Also, something else is using port 53 somehow? Or does your system<br>
have secure-linux or something like that that prevents binding to this<br>
port by any old program?<br>
<br>
Best regards,<br>
Wouter<br>
<div class=""><br>
On 06/04/2014 11:32 PM, Filipe Cifali wrote:<br>
> Just installed -> <a href="http://pastebin.com/R8wLXrX7" target="_blank">http://pastebin.com/R8wLXrX7</a><br>
><br>
> Just tried w/ only interface-automatic: yes (no interface: ips)<br>
> and still same error.<br>
><br>
> Thanks for the help everyone btw.<br>
><br>
><br>
><br>
> On Wed, Jun 4, 2014 at 6:15 PM, W.C.A. Wijngaards<br>
</div><div class="">> <<a href="mailto:wouter@nlnetlabs.nl">wouter@nlnetlabs.nl</a> <mailto:<a href="mailto:wouter@nlnetlabs.nl">wouter@nlnetlabs.nl</a>>> wrote:<br>
><br>
> Hi Filipe,<br>
><br>
> On 06/04/2014 07:33 PM, Filipe Cifali wrote:<br>
>> On Wed, Jun 4, 2014 at 7:17 AM, Jarno Huuskonen<br>
</div>>> <<a href="mailto:jarno.huuskonen@uef.fi">jarno.huuskonen@uef.fi</a> <mailto:<a href="mailto:jarno.huuskonen@uef.fi">jarno.huuskonen@uef.fi</a>><br>
<div class="">><br>
>> Have you tested with interface-automatic: yes ?<br>
><br>
>> interface-automatic: yes works for me with keepalived managed<br>
>> vips (and interface: 0.0.0.0).<br>
><br>
>> -Jarno<br>
><br>
><br>
><br>
>> Yes, I have tested, which returned the message that I sent<br>
>> before:<br>
><br>
>> $ /usr/sbin/unbound -d -c /etc/unbound/unbound.conf [1401816527]<br>
>> unbound[19141:0] error: bind: address already in use<br>
>> [1401816527] unbound[19141:0] fatal error: could not open ports<br>
><br>
>> Which makes no sense (interface: 0.0.0.0) since there's nothing<br>
>> already runinng on 53<br>
><br>
> If you enable interface-automatic, the interface: statements are<br>
> ignored, the code uses 0.0.0.0 (and ::0 if ipv6 is enabled), and<br>
> the options should make it work. So if there is nothing running,<br>
> why does it fail? Use strace? (that shows trace of system calls).<br>
> Could it be that ipv4 works but the bind to ::0 for ipv6 somehow<br>
> fails? This is controlled with do-ip6.<br>
><br>
> Best regards, Wouter<br>
><br>
</div><div class="">> _______________________________________________ Unbound-users<br>
> mailing list <a href="mailto:Unbound-users@unbound.net">Unbound-users@unbound.net</a><br>
</div>> <mailto:<a href="mailto:Unbound-users@unbound.net">Unbound-users@unbound.net</a>><br>
<div class="">> <a href="http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users" target="_blank">http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users</a><br>
><br>
><br>
><br>
><br>
> -- [ ]'s<br>
><br>
> Filipe Cifali Stangler<br>
<br>
</div><div class="">-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v1<br>
Comment: Using GnuPG with Thunderbird - <a href="http://www.enigmail.net/" target="_blank">http://www.enigmail.net/</a><br>
<br>
</div>iQIcBAEBAgAGBQJTkB5pAAoJEJ9vHC1+BF+NuwcP/ikSxBbBdeLMmvD3hGW1iztN<br>
yBf6xsSxlwtQdIcdxaweYBBWQEUKlLzGEzQoRr/Pz+695zYzAHjoy4i27H39jkI8<br>
MgDYeEKqFE+g9xB7ZZHyePLbNEP4TU/M1foG/laRfWhgQblL208ViXrz9zjeAXFR<br>
wvFKsDYdXuTzfQv9zDG7tj4uJo5Rb6XUQLHC/8fe0t/hW7v+senbenbxRk2x+tbf<br>
KUZtF6RG7F7A2Tt8Bv0W4i8Tmw8/2mBSeyBRa6n0LiH5hz+nvodvWLksFPez6qZu<br>
iSvUwyxQrk/H9TZSPqIyaq7k1+Bn1ACw/r2lWPYaex3hHfpEEqhUER2aMFAzkAM/<br>
iE+j8YfsOUl0p8x4i32p3V76u/UBKtHg0CeX5u2Bx/3b6PKcIoU9OrXdTlKaQvQ6<br>
j1s3frU/scp84grZFNKCkuw4rxRf+bOrv2jksD1gCnUXb5vv9hhw9WGuQXRn2AEP<br>
qZn8cR/bfiFfp6qdZSUSDfHab0DjuUyBhZPVy+3zw9XlntN0KJtfmtyGSR1Gh2Lk<br>
aIjfbbS5cZM7FP6xlG+mM1CTi78TNq0FH4LcAfMEXhXMbHOR+0lN+B9wgvAspsfr<br>
gzxRqhV1iXAz5mhiDF+75cBDJNQjIJ/bP5RrJ6bNj2/47XO6q6ZIYC+6ciWOEVPS<br>
WtauCXjH5qId9FiDLyn9<br>
=XY4t<br>
-----END PGP SIGNATURE-----<br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br>[ ]'s<br><br>Filipe Cifali Stangler<br>
</div>