安装 Unbound 后
apt-get -y install unbound dnsutils
su -c "unbound-anchor -a /var/lib/unbound/root.key" - unbound
systemctl reload unbound
apt-get -y install resolvconf
echo "nameserver 127.0.0.1" >> /etc/resolvconf/resolv.conf.d/head
我无法正确启动它:
root@xyz:~/asdf# service unbound status
● unbound.service - Unbound DNS server
Loaded: loaded (/lib/systemd/system/unbound.service; enabled; vendor preset: enabled)
Active: activating (auto-restart) (Result: exit-code) since Fri 2017-12-29 13:59:49 CET; 81ms ago
Docs: man:unbound(8)
Process: 1676 ExecStart=/usr/sbin/unbound -d $DAEMON_OPTS (code=exited, status=1/FAILURE)
Process: 1670 ExecStartPre=/usr/lib/unbound/package-helper root_trust_anchor_update (code=exited, status=0/SUCCESS)
Process: 1665 ExecStartPre=/usr/lib/unbound/package-helper chroot_setup (code=exited, status=0/SUCCESS)
Main PID: 1676 (code=exited, status=1/FAILURE)
Dec 29 13:59:49 mail systemd[1]: unbound.service: Main process exited, code=exited, status=1/FAILURE
Dec 29 13:59:49 mail systemd[1]: unbound.service: Unit entered failed state.
Dec 29 13:59:49 mail systemd[1]: unbound.service: Failed with result 'exit-code'.
Hosts文件内容:
127.0.0.1 localhost
127.0.1.1 mail.xyz.de mail
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
我真的很困惑那个错误。
编辑:journalctl -xe 输出(缩短):
Dec 29 16:01:04 mail systemd[1]: unbound-resolvconf.service: Unit entered failed state.
Dec 29 16:01:04 mail systemd[1]: unbound-resolvconf.service: Failed with result 'start-limit-hit'.
Dec 29 16:01:04 mail unbound[59226]: [1514559664] unbound[59226:0] error: can't bind socket: Cannot assign requested address for ::1
Dec 29 16:01:04 mail unbound[59226]: [1514559664] unbound[59226:0] fatal error: could not open ports
Dec 29 16:01:04 mail systemd[1]: unbound.service: Main process exited, code=exited, status=1/FAILURE
Dec 29 16:01:04 mail systemd[1]: unbound.service: Unit entered failed state.
Dec 29 16:01:04 mail systemd[1]: unbound.service: Failed with result 'exit-code'.
Dec 29 16:01:04 mail systemd[1]: unbound-resolvconf.service: Start request repeated too quickly.
Dec 29 16:01:04 mail systemd[1]: Failed to start Unbound DNS server via resolvconf.
-- Subject: Unit unbound-resolvconf.service has failed
编辑 2:Arno Ip 表也安装在系统上!
编辑 3:如果这与错误相关,则禁用 Ipv6。
net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1 net.ipv6.conf.ens3.disable_ipv6 = 1
编辑 4:这是我通过 apt-get 安装后的 /etc/unbound/unbound.conf
# Unbound configuration file for Debian.
#
# See the unbound.conf(5) man page.
#
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
# reference config file.
#
# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
include: "/etc/unbound/unbound.conf.d/*.conf"
我将其改为:
server:
interface: 127.0.0.1
include: "/etc/unbound/unbound.conf.d/*.conf"
但它也不起作用 :/
答案1
错误消息表明禁用 IPv6 导致了该问题。
Dec 29 16:01:04 mail unbound[59226]: [1514559664] unbound[59226:0] error: can't bind socket: Cannot assign requested address for ::1
Dec 29 16:01:04 mail unbound[59226]: [1514559664] unbound[59226:0] fatal error: could not open ports
IPv6 确实不再是可选的。已经有一段时间了。当然,最好的办法是不要在系统上禁用 IPv6。
如果你因为某种原因不能这样做,那么检查你的未绑定的配置文件forinterface和control-interface指令指定 IPv6 地址并删除它们。请注意,for 默认control-interface会监听 127.0.0.1 和 ::1,因此如果您不想要 ::1,则必须明确指定它。