core icon indicating copy to clipboard operation
core copied to clipboard

Published 20 hours ago verified publisher icon opnsense

Unbound sometimes not updating IPV6 prefix for LAN interface

Open haarp opened this issue 1 year ago • 1 comments

Important notices

Before you add a new report, we ask you kindly to acknowledge the following:

  • [x] I have read the contributing guide lines at https://github.com/opnsense/core/blob/master/CONTRIBUTING.md
  • [x] I am convinced that my issue is new after having checked both open and closed issues at https://github.com/opnsense/core/issues?q=is%3Aissue

Describe the bug Hello.

I observe Unbound sometimes serving outdated records for the LAN interface of the firewall itself. This persists until Unbound is restarted manually, at which point it starts serving the correct record.

To Reproduce

Steps to reproduce the behavior:

  1. Have setup as described below
  2. Wait a few days, during which multiple WAN reconnects take place
  3. At one point, the firewall hostname doesn't resolve to correct IPv6 anymore

Expected behavior

Unbound records should be reliably kept up-to-date

Describe alternatives you considered

Screenshots

Relevant log files

The bug was triggered, igb0 (LAN) has IPv6: 2001:xxxx:b354:7300:xxxx:xxxx:xxxx:1440.

# dig @127.0.0.1 AAAA opnsense
;; ANSWER SECTION:
opnsense.	3600	IN	AAAA	fc00:bbbb:bbbb:bb01::1:6199
opnsense.	3600	IN	AAAA	fc00:bbbb:bbbb:bb01::3:38de
opnsense.	3600	IN	AAAA	fd0d:80ff:fc07:89::c8
opnsense.	3600	IN	AAAA	2001:xxxx:a022:5f43:xxxx:xxxx:xxxx:1440
opnsense.	3600	IN	AAAA	2001:xxxx:b37a:8400:xxxx:xxxx:xxxx:1440

-> Wrong (outdated) AAAA records being served. -> Manually restart Unbound ->

# dig @127.0.0.1 AAAA opnsense
;; ANSWER SECTION:
opnsense.	3600	IN	AAAA	fc00:bbbb:bbbb:bb01::1:6199
opnsense.	3600	IN	AAAA	fc00:bbbb:bbbb:bb01::3:38de
opnsense.	3600	IN	AAAA	fd0d:80ff:fc07:89::c8
opnsense.	3600	IN	AAAA	2001:xxxx:a022:5f43:xxxx:xxxx:xxxx:1440
opnsense.	3600	IN	AAAA	2001:xxxx:b354:7300:xxxx:xxxx:xxxx:1440

-> Note b37a:8400 now pointing to the new correct b354:7300. Also note the also-outdated a022:5f42 persisting.

Additional context

I occasionally see There were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy. Doubt it's related.

Environment

Software version used and hardware type if relevant, e.g.:

  • OPNsense 23.7.12 (amd64).
  • APU2D4
  • WAN is PPPoE on igb1 using DHCPv6 connected to a DSL modem, reconnects every 24h and gains a new IPv6 /56 each time
  • LAN is igb0 and using Track Interface on WAN.

Thanks!

haarp avatar Jan 25 '24 14:01 haarp

i faced some issue, fixed by changing extension from .mp3 -> .m4a. I dont know why but on ios mp3 doesnt work. On android it also NO issues with m4a.

Also make sure to grant permissions to write document directory on ios.

zhekaqq avatar Sep 17 '23 18:09 zhekaqq