unbound.conf issue

Alexandre Froissard vrealist at icloud.com
Thu Aug 1 08:29:37 UTC 2024 

Hello everyone, I tried to configure Unbound for my home network but at the end of the config when I checked it with "unbound-checkconf unbound.conf" I get the following answer : afroissard at raspberrypi:/etc/unbound$ unbound-checkconf unbound.conf [1722498296] unbound-checkconf[4199:0] error: trust anchor presented twice [1722498296] unbound-checkconf[4199:0] error: could not parse auto-trust-anchor-file /var/lib/unbound/root.key line 2 [1722498296] unbound-checkconf[4199:0] error: error reading auto-trust-anchor-file: /var/lib/unbound/root.key [1722498296] unbound-checkconf[4199:0] error: validator: error in trustanchors config [1722498296] unbound-checkconf[4199:0] error: validator: could not apply configuration settings. [1722498296] unbound-checkconf[4199:0] fatal error: bad config for validator module afroissard at raspberrypi:/etc/unbound$ Unbound was working just fine just before I configured the unbound.conf. Information about my host config : afroissard at raspberrypi:/etc/unbound$ hostnamectl Static hostname: raspberrypi Icon name: computer Operating System: Ubuntu 24.04 LTS Kernel: Linux 6.8.0-1008-raspi Architecture: arm64 afroissard at raspberrypi:/etc/unbound$ Here is how I setup resolved.conf : DNS=127.0.0.1 #FallbackDNS= #Domains= DNSSEC=yes #DNSOverTLS=no #MulticastDNS=no #LLMNR=no #Cache=no-negative #CacheFromLocalhost=no DNSStubListener=no #DNSStubListenerExtra= #ReadEtcHosts=yes #ResolveUnicastSingleLabel=no #StaleRetentionSec=0 Here is how I setup unbound.conf : afroissard at raspberrypi:/etc/unbound$ cat /etc/unbound/unbound.conf include-toplevel: "/etc/unbound/unbound.conf.d/*.conf" server: # location of the trust anchor file that enables DNSSEC auto-trust-anchor-file: "/var/lib/unbound/root.key" # send minimal amount of information to upstream servers to enhance privacy qname-minimisation: yes # the interface that is used to connect to the network (this will listen to all interfaces) interface: 0.0.0.0 # interface: ::0 # addresses from the IP range that are allowed to connect to the resolver access-control: 192.168.1.0/26 allow # access-control: 2001:DB8/64 allow remote-control: # allows controling unbound using "unbound-control" control-enable: yes afroissard at raspberrypi:/etc/unbound$ I'm not sure if you have enough information to help me, if that's not the case I'll provide what you need. Thank you in advance for your help guys ! Kind regards, Alexandre
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20240801/942ecad1/attachment.htm>

More information about the Unbound-users mailing list