Solved Unbound fails after update to 20.04

mehdi

I just bit the bullet and updated my 16.04 ubuntu to 18.04, then after a quick check that everything seemed to work, to 20.04.

After the update to 20.04, I have a problem with the Unbound service (in the cloudron Services page).

Relevant bit of the logs :

Jun 05 01:29:25 my.domain.net unbound[9806]: [1622849365] unbound[9806:0] error: can't bind socket: Address already in use for 127.0.0.1 port 53

This seems to be because there is named.service (which is BIND Domain Name Server) running on my server.

However, most apps seem to work (some did not work at first, but work after an app restart). I did not try stuff like dns of OpenVPN clients or stuff like that.

Did I miss something during my update? Or did I just have a weird install or something?

How can I fix it ? Can I just disable named ? Or do I have to do more complex stuff ?

girish

@mehdi You have to disable systemd-resolved. See https://docs.cloudron.io/guides/upgrade-ubuntu-18/#upgrading

mehdi

@girish I did that step during the upgrade to 18.04. This is not systemd-resolved which is running. It's another DNS server, named.

➜  ~ sudo systemctl status systemd-resolved
● systemd-resolved.service - Network Name Resolution
     Loaded: loaded (/lib/systemd/system/systemd-resolved.service; disabled; vendor preset: enabled)
     Active: inactive (dead)
       Docs: man:systemd-resolved.service(8)
             https://www.freedesktop.org/wiki/Software/systemd/resolved
             https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
             https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
➜  ~ sudo systemctl status named
● named.service - BIND Domain Name Server
     Loaded: loaded (/lib/systemd/system/named.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2021-06-04 23:40:11 UTC; 22h ago
       Docs: man:named(8)
   Main PID: 693 (named)
      Tasks: 26 (limit: 19125)
     Memory: 171.2M
     CGroup: /system.slice/named.service
             └─693 /usr/sbin/named -f -u bind

Jun 05 19:28:36 my.zde.land named[693]: managed-keys-zone: Unable to fetch DNSKEY set '.': timed out
Jun 05 19:41:19 my.zde.land named[693]: managed-keys-zone: Active key 19036 for zone . unexpectedly mi>
Jun 05 19:41:19 my.zde.land named[693]: managed-keys-zone: Key 20326 for zone . is now trusted (accept>
Jun 05 20:28:46 my.zde.land named[693]: managed-keys-zone: Unable to fetch DNSKEY set '.': timed out
Jun 05 20:41:20 my.zde.land named[693]: managed-keys-zone: Active key 19036 for zone . unexpectedly mi>
Jun 05 20:41:20 my.zde.land named[693]: managed-keys-zone: Key 20326 for zone . is now trusted (accept>
Jun 05 21:28:56 my.zde.land named[693]: managed-keys-zone: Unable to fetch DNSKEY set '.': timed out
Jun 05 21:41:23 my.zde.land named[693]: managed-keys-zone: Active key 19036 for zone . unexpectedly mi>
Jun 05 21:41:23 my.zde.land named[693]: managed-keys-zone: Key 20326 for zone . is now trusted (accept>
Jun 05 22:29:07 my.zde.land named[693]: managed-keys-zone: Unable to fetch DNSKEY set '.': timed out

girish

@mehdi Ah, i see. Yes, systemd stop named and then systemd disable named. Then systemctl restart unbound should work. Not sure how named got installed in your system.

robi

@girish can things like this be added to a UI upgrade prep script that helps one upgrade smoothly?

girish

@robi the upgrade is pretty easy since it's all automated by Ubuntu. I think the question here is how named got in in the first place. Maybe it was like that before upgrade.

mehdi

@girish I don't know if it was installed before the upgrade, but it wasn't enabled, because unbound managed to run without problem

I'm not sure how it got there. It was supposed to be a clean Ubuntu 16.04. The only things I installed manually besides cloudron are basically ZSH and screen.

In any case, I marked this as solved, thanks !