search

DNSCrypt / dnscrypt-server-docker

A Docker image for a non-censoring, non-logging, DNSSEC-capable, DNSCrypt-enabled DNS resolver
https://dnscrypt.info
ISC License
660 stars 134 forks source link

Unbound is not successfully binding to :553, binds to :53 instead, throws errors #27

Closed hdm closed 8 years ago

hdm commented 8 years ago

I am seeing the following in docker logs dnscrypt-server with the latest image:

ok: down: unbound: 0s, normally up, want up
ok: run: dnscrypt-wrapper: (pid 23) 300s
[NOTICE] Starting dnscrypt-proxy 1.7.0
[INFO] Generating a new session key pair
[INFO] Done
[INFO] Server certificate with serial #1472498639 received
[INFO] This certificate is valid
[INFO] Chosen certificate #1472498639 is valid from [2016-08-29] to [2016-08-30]
[INFO] Server key fingerprint is 01C7:7F90:75CD:6D04:0EDF:8C1C:FE8D:C820:08C6:83A6:4F26:3A85:3B00:0D05:3261:E833
sed: -e expression #5, char 16: unknown option to `s'
[1472498940] unbound[3406:0] error: can't bind socket: Address already in use for ::1
[1472498940] unbound[3406:0] fatal error: could not open ports
sed: -e expression #5, char 16: unknown option to `s'
[1472498941] unbound[3420:0] error: can't bind socket: Address already in use for ::1
[1472498941] unbound[3420:0] fatal error: could not open ports
sed: -e expression #5, char 16: unknown option to `s'
[1472498943] unbound[3434:0] error: can't bind socket: Address already in use for ::1
[1472498943] unbound[3434:0] fatal error: could not open ports
sed: -e expression #5, char 16: unknown option to `s'
[1472498944] unbound[3448:0] error: can't bind socket: Address already in use for ::1
[1472498944] unbound[3448:0] fatal error: could not open ports
sed: -e expression #5, char 16: unknown option to `s'
[1472498945] unbound[3462:0] error: can't bind socket: Address already in use for ::1
[1472498945] unbound[3462:0] fatal error: could not open ports
sed: -e expression #5, char 16: unknown option to `s'
[1472498947] unbound[3476:0] error: can't bind socket: Address already in use for ::1
[1472498947] unbound[3476:0] fatal error: could not open ports
sed: -e expression #5, char 16: unknown option to `s'
[1472498948] unbound[3490:0] error: can't bind socket: Address already in use for ::1
[1472498948] unbound[3490:0] fatal error: could not open ports

The dnscrypt-wrapper service appears to be receiving queries fine. The unbound service appears to be handling DNS requests on port 53, but dnscrypt-wrapper is trying to forward these to port 553, which unbound is not listening on.

hdm commented 8 years ago

The unbound daemon ends up listening on 53 and not bound to 553. Manually changing the dnscrypt-wrapper run script to point to 53 gets the system working, but doesn't resolve the scroll of errors in the console log.