New Unbound User - Need help opening Port 53.

ub40 at mag3.co ub40 at mag3.co
Tue Sep 9 23:54:39 UTC 2025 

Hello all. I am new to Unbound. I have it installed on Ubuntu Server 
22.04 LTS, and I'm attempting to run it, but am having problems getting 
it to run. The primary error I get now is that it attempts to open a 
udp4 circuit on Port 53, but craps out, saying it cannot open the port.  
This, even after I disabled systemd-resolverd, etc., and I ensured 
nothing else was attempting to open the port.   The following are my 
support and config files, as well as logs on what happens when i try to 
run it.

1) My standard Unbound Config file - Attachment #1.

2) Log file:  "Systemctl Status systemd-resolved" command and result  - 
Attachment#2

3) Result of "ufw status" command before starting Unbound - Attachment#3

4) Netstat -tulnp | grep :53 result - showing that port 53 is not open.  
Attachment#4 -

5) Actual command to execute unbound and the resultant log/error 
messages - Attachment#5

Some  Notes:

1) In my test terminal window, I am logged in as "root."  I use "sudo -u 
unbound" before running the command so it runs as "unbound" and not 
"root," since most of the files it needs to access are owned by unbound 
and not root. But I wonder if that might be a factor in the process not 
being able to open port 53.

2) I do not use localhost (127.0.0.1) in the "interface" command of the 
config file. I use the machine's assigned local IP (197.185.29.10).  But 
I do recall switching to the hard IP(127.0.0.1) and it made no 
difference. The port did not open. And I also "allow" it in my 
access-control statements.

3) All stub resolvers including systemd-resolved are disabled.

4) It is an older version of Unbound (1.13.1) I know 1.23.1 is current. 
Might the older version be an issue?  My packae manager didn't have the 
most recent version. Only this one.If this is a concern, where can I get 
the updated pkg? I currently do not have "make" etc. installed so I 
can't build it at present.

5) I set "chroot = "" " if that means anything.

Hopefully, this is enough to get the discussion going. I appreciate any 
assistance offered.  If you need further info, please let me know and 
I'll produce it.

Thanks very much.

Regards,

Arnold.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20250909/fe0e717b/attachment.htm>
-------------- next part --------------
server:
	interface: 197.185.29.10
#	port: 53 
	access-control: 197.185.29.0/24 allow
	access-control: 127.0.0.1 allow
#	access-control: 0.0.0.0/0 deny
	access-control: ::/0 deny
	access-control: ::1 deny
	use-syslog: no
	prefer-ip6: no

	root-hints: /usr/local/etc/unbound/db.roots
	chroot: ""
#	username: ""
	verbosity: 2
	prefetch: yes
	logfile: /etc/unbound/log-main.log
	directory: /etc/unbound
	qname-minimisation: yes	
	auto-trust-anchor-file: "/var/lib/unbound/root.key"

forward-zone:

	name: "."
	forward-addr: 8.8.8.8
	forward-addr: 1.1.1.1
	forward-first: yes

 
-------------- next part --------------
systemd-resolved.service - Network Name Resolution
     Loaded: loaded (/lib/systemd/system/systemd-resolved.service; disabled; vendor preset: enabled)
     Active: inactive (dead)
       Docs: man:systemd-resolved.service(8)
             man:org.freedesktop.resolve1(5)
             https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
             https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
-------------- next part --------------
Status: active

To                         Action      From
--                         ------      ----
53/tcp                     ALLOW       Anywhere                  
53/udp                     ALLOW       Anywhere                  
53                         ALLOW       197.185.29.0/24          
53/tcp (v6)                ALLOW       Anywhere (v6)             
53/udp (v6)                ALLOW       Anywhere (v6)             

-------------- next part --------------
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           1115/avahi-daemon:  
udp6       0      0 :::5353                 :::*                                1115/avahi-daemon:  
-------------- next part --------------
sudo -u unbound unbound -vv -c myunbound.conf > /home/mag3/ub.out
[1757283243] unbound[18616:0] notice: Start of unbound 1.13.1.
[1757283243] unbound[18616:0] debug: increased limit(open files) from 1024 to 4140
[1757283243] unbound[18616:0] debug: creating udp4 socket 197.185.29.10 53
[1757283243] unbound[18616:0] error: can't bind socket: Permission denied for 197.185.29.10 port 53 (len 16)
[1757283243] unbound[18616:0] fatal error: could not open ports

More information about the Unbound-users mailing list