NLnetLabs / unbound

Unbound is a validating, recursive, and caching DNS resolver.
https://nlnetlabs.nl/unbound
BSD 3-Clause "New" or "Revised" License

unbound.service fail to restart using minimal config file #1166

Closed sunbearc22 closed 4 weeks ago

sunbearc22 commented 4 weeks ago

Describe the bug: unbound.service runs without error when these 3 files are used:

root@DNS:/etc/unbound# cat unbound.conf
# Unbound configuration file for Debian.
#
# See the unbound.conf(5) man page.
#
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
# reference config file.
#
# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"
root@DNS:/etc/unbound# cat unbound.conf.d/remote-control.conf 
remote-control:
  control-enable: yes
  # by default the control interface is 127.0.0.1 and ::1 and port 8953
  # it is possible to use a unix socket too
  control-interface: /run/unbound.ctl
root@DNS:/etc/unbound# cat unbound.conf.d/root-auto-trust-anchor-file.conf 
server:
    # The following line will configure unbound to perform cryptographic
    # DNSSEC validation using the root trust anchor.
    auto-trust-anchor-file: "/var/lib/unbound/root.key"

However, when these 3 files are removed and /etc/unbound/unbound.conf instead contains

# unbound.conf(5) config file for unbound(8).
server:
    directory: "/etc/unbound"
    username: unbound
    # make sure unbound can access entropy from inside the chroot.
    # e.g. on linux use these commands (on BSD, devfs(8) is used):
    #      mount --bind -n /dev/urandom /etc/unbound/dev/urandom
    # and  mount --bind -n /dev/log /etc/unbound/dev/log
    #chroot: "/etc/unbound"
    # logfile: "/etc/unbound/unbound.log"  #uncomment to use logfile.
    pidfile: "/etc/unbound/unbound.pid"
    # verbosity: 1      # uncomment and increase to get more logging.
    # listen on all interfaces, answer queries from the local subnet.
    interface: 0.0.0.0
    interface: ::0
    access-control: 10.0.0.0/8 allow
    #access-control: 2001:DB8::/64 allow

unbound.service fails to restart with service unbound restart, e.g.

root@DNS:/etc/unbound# service unbound restart
Job for unbound.service failed because the control process exited with error code.
See "systemctl status unbound.service" and "journalctl -xeu unbound.service" for details.
root@DNS:/etc/unbound# systemctl status unbound.service
× unbound.service - Unbound DNS server
     Loaded: loaded (/usr/lib/systemd/system/unbound.service; disabled; preset: enabled)
     Active: failed (Result: exit-code) since Mon 2024-10-28 16:01:59 UTC; 18s ago
   Duration: 50min 13.453s
       Docs: man:unbound(8)
    Process: 3385 ExecStartPre=/usr/libexec/unbound-helper chroot_setup (code=exited, status=0/SUCCESS)
    Process: 3388 ExecStartPre=/usr/libexec/unbound-helper root_trust_anchor_update (code=exited, status=0/SUCCESS)
    Process: 3391 ExecStart=/usr/sbin/unbound -d -p $DAEMON_OPTS (code=exited, status=1/FAILURE)
    Process: 3393 ExecStopPost=/usr/libexec/unbound-helper chroot_teardown (code=exited, status=0/SUCCESS)
   Main PID: 3391 (code=exited, status=1/FAILURE)
        CPU: 168ms

Oct 28 16:01:59 DNS systemd[1]: unbound.service: Scheduled restart job, restart counter is at 5.
Oct 28 16:01:59 DNS systemd[1]: unbound.service: Start request repeated too quickly.
Oct 28 16:01:59 DNS systemd[1]: unbound.service: Failed with result 'exit-code'.
Oct 28 16:01:59 DNS systemd[1]: Failed to start unbound.service - Unbound DNS server.

To reproduce: As described above.

Expected behavior: No error should have occurred.

System:

root@DNS:/etc/unbound# unbound -V
Version 1.19.2

Configure line: --build=aarch64-linux-gnu --prefix=/usr --includedir=${prefix}/include --mandir=${prefix}/share/man --infodir=${prefix}/share/info --sysconfdir=/etc --localstatedir=/var --disable-option-checking --disable-silent-rules --libdir=${prefix}/lib/aarch64-linux-gnu --runstatedir=/run --disable-maintainer-mode --disable-dependency-tracking --with-pythonmodule --with-pyunbound --enable-subnet --enable-dnstap --enable-systemd --enable-cachedb --with-libhiredis --with-libnghttp2 --with-chroot-dir= --with-dnstap-socket-path=/run/dnstap.sock --disable-rpath --with-pidfile=/run/unbound.pid --with-libevent --enable-tfo-client --with-rootkey-file=/usr/share/dns/root.key --disable-flto --enable-tfo-server
Linked libs: libevent 2.1.12-stable (it uses epoll), OpenSSL 3.0.13 30 Jan 2024
Linked modules: dns64 python cachedb subnetcache respip validator iterator
TCP Fastopen feature available

BSD licensed, see LICENSE in source package for details.
Report bugs to unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues

Additional information

sunbearc22 commented 4 weeks ago

I commented out every line, followed by uncommenting each line until unbound.service failed to restart. I discovered that the line interface: 0.0.0.0 is the cause of the error. I can't figure out why 0.0.0.0 is causing the issue. Can someone guide me?

sunbearc22 commented 4 weeks ago

Changes made to unbound.conf:

    chroot: ""
    username: "root"

Then I ran this command and discovered the issue:

root@DNS:/etc/unbound# unbound -d -vv -c /etc/unbound/unbound.conf
[1730176049] unbound[4263:0] notice: Start of unbound 1.19.2.
[1730176049] unbound[4263:0] error: can't bind socket: Address already in use for 0.0.0.0 port 53
[1730176049] unbound[4263:0] fatal error: could not open ports

Because Ubuntu Server 24.04.1 uses systemd, systemd-resolved.service is running by default, which uses port 53 to listen for UDP packets on 127.0.0.53:53 to do DNS resolution. Consequently, setting unbound to use another port resolved the issue, e.g. I used port: 5335.
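The diagnosis in this thread is a port collision that only surfaces once the daemon tries to bind. The following script is an added example for this issue, not code from the thread or from the Unbound project: it extracts the sockets a server: block would bind (honouring a global port: and the interface: addr@port form), reports which of them collide with sockets already held on the host, and parses the "can't bind socket" line Unbound logs. The function names, the ALREADY_BOUND list and the sample config and log line are all constructed for the example; on a real host the bound-socket list would come from ss -lnup, and unbound-checkconf remains the first thing to run after editing the file.

```python
"""Pre-flight listener check for an unbound.conf (added example).

This is an added illustration for the issue above; it is not part of the
issue thread and not Unbound's own tooling.  It extracts the sockets Unbound
would bind from the server: section and reports which of them collide with
sockets that are already bound on the host, such as systemd-resolved's stub
listener on 127.0.0.53:53.  The list of already-bound sockets below is
constructed for the example; on a real host take it from `ss -lnup`.
"""
import re
from ipaddress import ip_address

# Matches uncommented "interface:" and "port:" statements, quotes optional.
CONF_LINE = re.compile(r'^\s*(interface|port):\s*"?([^"\s]+)"?')
# Matches the fatal line Unbound logs when a listener cannot be bound.
BIND_ERROR = re.compile(
    r"can't bind socket: (?P<reason>.+?) for (?P<addr>\S+) port (?P<port>\d+)")

# Constructed sample: the relevant part of the server block from the issue.
SAMPLE_CONF = """\
server:
    directory: "/etc/unbound"
    username: unbound
    # listen on all interfaces, answer queries from the local subnet.
    interface: 0.0.0.0
    interface: ::0
    access-control: 10.0.0.0/8 allow
    #access-control: 2001:DB8::/64 allow
"""

# Constructed sample: the stub listener systemd-resolved holds by default.
ALREADY_BOUND = [("127.0.0.53", 53)]

# Constructed sample: the error line quoted in the issue.
SAMPLE_LOG = ("[1730176049] unbound[4263:0] error: can't bind socket: "
              "Address already in use for 0.0.0.0 port 53")


def parse_listeners(conf_text, default_port=53):
    """Return the (address, port) pairs a config would bind.

    Honours a global 'port:' statement and the 'interface: addr@port' form.
    'port:' may appear after the interface lines, so it is resolved at the end.
    """
    interfaces = []
    port = default_port
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0]          # drop comments, incl. "#chroot:"
        m = CONF_LINE.match(line)
        if not m:
            continue
        key, value = m.groups()
        if key == "port":
            port = int(value)
        else:
            interfaces.append(value)
    listeners = []
    for iface in interfaces:
        if "@" in iface:
            addr, explicit = iface.rsplit("@", 1)
            listeners.append((addr, int(explicit)))
        else:
            listeners.append((iface, port))
    return listeners


def conflicts(listeners, bound):
    """Return (listener_addr, port, bound_addr) for each listener that cannot
    be bound because 'bound' already holds a colliding socket.

    A collision is the same port in the same address family where the two
    addresses are equal or either one is the wildcard (0.0.0.0 or ::).
    Simplification: a dual-stack '::' socket is treated as IPv6-only.
    """
    found = []
    for l_addr, l_port in listeners:
        la = ip_address(l_addr)
        for b_addr, b_port in bound:
            ba = ip_address(b_addr)
            if l_port != b_port or la.version != ba.version:
                continue
            if la == ba or la.is_unspecified or ba.is_unspecified:
                found.append((l_addr, l_port, b_addr))
                break
    return found


def parse_bind_error(log_line):
    """Extract (address, port) from Unbound's 'can't bind socket' log line,
    or None when the line is something else."""
    m = BIND_ERROR.search(log_line)
    if not m:
        return None
    return m.group("addr"), int(m.group("port"))


if __name__ == "__main__":
    for addr, port, holder in conflicts(parse_listeners(SAMPLE_CONF), ALREADY_BOUND):
        print(f"{addr}:{port} would collide with {holder}:{port}; "
              f"move Unbound with 'port: 5335' or free the port first")
    print("log line reports:", parse_bind_error(SAMPLE_LOG))
```

Run against the sample config it flags 0.0.0.0:53 against 127.0.0.53 and, with a port: 5335 line appended, reports nothing, which matches the workaround in the thread. The check deliberately treats the wildcard 0.0.0.0 as colliding with any IPv4 address on the same port, because that is exactly the failure the issue shows: the resolver only held 127.0.0.53, yet the bind of 0.0.0.0 still failed.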