
<HTML><HEAD></HEAD>

<BODY dir=ltr>

<DIV dir=ltr>

<DIV style="FONT-SIZE: 12pt; FONT-FAMILY: 'Calibri'; COLOR: #000000">

<DIV>Hi, </DIV>

<DIV>I have an issue with Unbound after upgrading Ubuntu from 17.10 to 18.4. 

</DIV>

<DIV>Currently Unbound doesn’t work and I receive message:</DIV>

<DIV> </DIV>

<DIV>ela@akacja:~$ sudo systemctl status unbound</DIV>

<DIV>● unbound.service - Unbound DNS server</DIV>

<DIV>   Loaded: loaded (/lib/systemd/system/unbound.service; enabled; 

vendor preset: enabled)</DIV>

<DIV>   Active: failed (Result: exit-code) since Sun 2018-04-29 

20:33:50 CEST; 23s ago</DIV>

<DIV>     Docs: man:unbound(8)</DIV>

<DIV>  Process: 14880 ExecStart=/usr/sbin/unbound -d $DAEMON_OPTS 

(code=exited, status=1/FAILURE)</DIV>

<DIV>  Process: 14856 ExecStartPre=/usr/lib/unbound/package-helper 

root_trust_anchor_update (code=exited,</DIV>

<DIV>  Process: 14846 ExecStartPre=/usr/lib/unbound/package-helper 

chroot_setup (code=exited, status=0/SU</DIV>

<DIV>Main PID: 14880 (code=exited, status=1/FAILURE)</DIV>

<DIV> </DIV>

<DIV>Apr 29 20:33:50 akacja systemd[1]: unbound.service: Service hold-off time 

over, scheduling restart.</DIV>

<DIV>Apr 29 20:33:50 akacja systemd[1]: unbound.service: Scheduled restart job, 

restart counter is at 5.</DIV>

<DIV>Apr 29 20:33:50 akacja systemd[1]: Stopped Unbound DNS server.</DIV>

<DIV>Apr 29 20:33:50 akacja systemd[1]: unbound.service: Start request repeated 

too quickly.</DIV>

<DIV>Apr 29 20:33:50 akacja systemd[1]: unbound.service: Failed with result 

'exit-code'.</DIV>

<DIV>Apr 29 20:33:50 akacja systemd[1]: Failed to start Unbound DNS 

server.</DIV>

<DIV> </DIV>

<DIV>Please advice what to do. </DIV>

<DIV>TIA</DIV>

<DIV> </DIV>

<DIV><U>my unbound.conf:</U></DIV>

<DIV>server:</DIV>

<DIV>     # Common Server Options</DIV>

<DIV>     chroot: ""</DIV>

<DIV>     directory: "/etc/unbound"</DIV>

<DIV>    # username: "nobody"</DIV>

<DIV>     port: 53</DIV>

<DIV>     do-ip4: yes</DIV>

<DIV>     do-ip6: no</DIV>

<DIV>     do-udp: yes</DIV>

<DIV>     do-tcp: yes</DIV>

<DIV>     so-reuseport: yes</DIV>

<DIV>     do-not-query-localhost: yes</DIV>

<DIV> </DIV>

<DIV>     # System Tuning</DIV>

<DIV>     include: "/etc/unbound/tuning.conf"</DIV>

<DIV> </DIV>

<DIV>     # Logging Options</DIV>

<DIV>     verbosity: 1</DIV>

<DIV>     use-syslog: yes</DIV>

<DIV>     log-time-ascii: yes</DIV>

<DIV>     log-queries: no</DIV>

<DIV> </DIV>

<DIV>     # Unbound Statistics</DIV>

<DIV>     statistics-interval: 0</DIV>

<DIV>     statistics-cumulative: yes</DIV>

<DIV>     extended-statistics: yes</DIV>

<DIV> </DIV>

<DIV>     # Prefetching</DIV>

<DIV>     prefetch: yes</DIV>

<DIV>     prefetch-key: yes</DIV>

<DIV> </DIV>

<DIV>     # Randomise any cached responses</DIV>

<DIV>     rrset-roundrobin: yes</DIV>

<DIV> </DIV>

<DIV>     # Privacy Options</DIV>

<DIV>     hide-identity: yes</DIV>

<DIV>     hide-version: yes</DIV>

<DIV>     qname-minimisation: yes</DIV>

<DIV>     minimal-responses: yes</DIV>

<DIV> </DIV>

<DIV>     # DNSSEC</DIV>

<DIV>     auto-trust-anchor-file: 

"/var/lib/unbound/root.key"</DIV>

<DIV>     val-permissive-mode: no</DIV>

<DIV>     val-clean-additional: yes</DIV>

<DIV>     val-log-level: 1</DIV>

<DIV> </DIV>

<DIV>     # Hardening Options</DIV>

<DIV>     harden-glue: yes</DIV>

<DIV>     harden-short-bufsize: no</DIV>

<DIV>     harden-large-queries: yes</DIV>

<DIV>     harden-dnssec-stripped: yes</DIV>

<DIV>     harden-below-nxdomain: yes</DIV>

<DIV>     harden-referral-path: yes</DIV>

<DIV>     harden-algo-downgrade: no</DIV>

<DIV>     use-caps-for-id: no</DIV>

<DIV> </DIV>

<DIV>     # Listen on all interfaces</DIV>

<DIV>     interface-automatic: yes</DIV>

<DIV>     interface: 0.0.0.0</DIV>

<DIV> </DIV>

<DIV>     # Allow access from everywhere</DIV>

<DIV>     access-control: 0.0.0.0/0 allow</DIV>

<DIV> </DIV>

<DIV>     # Bootstrap root servers</DIV>

<DIV>     root-hints: "/usr/share/dns/root.hints"</DIV>

<DIV> </DIV>

<DIV>     # Include DHCP leases</DIV>

<DIV>     #include: "/etc/unbound/dhcp-leases.conf"</DIV>

<DIV> </DIV>

<DIV>     # Include any forward zones</DIV>

<DIV>     #include: "/etc/unbound/forward.conf"</DIV>

<DIV> </DIV>

<DIV>remote-control:</DIV>

<DIV>     control-enable: yes</DIV>

<DIV>     control-use-cert: yes</DIV>

<DIV>     control-interface: 127.0.0.1</DIV>

<DIV>     server-key-file: 

"/etc/unbound/unbound_server.key"</DIV>

<DIV>     server-cert-file: 

"/etc/unbound/unbound_server.pem"</DIV>

<DIV>     control-key-file: 

"/etc/unbound/unbound_control.key"</DIV>

<DIV>     control-cert-file: 

"/etc/unbound/unbound_control.pem"</DIV>

<DIV> </DIV>

<DIV># Import any local configurations</DIV>

<DIV>#include: "/etc/unbound/local.d/*.conf"</DIV>

<DIV> </DIV>

<DIV><U></U> </DIV>

<DIV><U></U> </DIV>

<DIV><U></U> </DIV>

<DIV><U>and /etc/unbound/tuning.conf:</U></DIV>

<DIV> </DIV>

<DIV>num-threads: 1</DIV>

<DIV>so-reuseport: yes</DIV>

<DIV>infra-cache-slabs: 1</DIV>

<DIV>key-cache-slabs: 1</DIV>

<DIV>msg-cache-slabs: 1</DIV>

<DIV>rrset-cache-slabs: 1</DIV>

<DIV>rrset-cache-size: 64m</DIV>

<DIV>msg-cache-size: 32m</DIV>

<DIV>key-cache-size: 32m</DIV>

<DIV>outgoing-range: 8192</DIV>

<DIV>num-queries-per-thread: 4096</DIV>

<DIV>so-sndbuf: 4m</DIV>

<DIV>so-rcvbuf: 4m</DIV>

<DIV> </DIV>

<DIV> </DIV></DIV></DIV></BODY></HTML>