# unbound does not display logs



## pavlar (Oct 9, 2019)

FreeBSD 12.0
My  unnbound's config

```
server:
chroot: ""
verbosity: 1
port: 53
interface: xxxxx
logfile: /var/log/unbound.log
log-queries: yes
outgoing-interface: xxxxxxx
access-control: xxxx/16 allow
access-control: xxxxxxx allow
do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
username: unbound
#logfile: "unbound.log"
use-syslog: no
pidfile: "/var/run/local_unbound.pid"
hide-version: yes
interface: 0.0.0.0
interface: ::0
access-control: 2001:DB8::/64 allow

remote-control:
control-enable: yes
control-interface: 127.0.0.1
control-port: 953
server-key-file: "unbound_server.key"
server-cert-file: "unbound_server.pem"
control-key-file: "unbound_control.key"
control-cert-file: "unbound_control.pem"
```
unbound works correctly

```
drill freebsd.org
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 25362
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; freebsd.org.    IN    A

;; ANSWER SECTION:
freebsd.org.    3600    IN    A    96.47.72.84

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 147 msec
;; SERVER: 10.44.1.1
;; WHEN: Wed Oct  9 14:18:02 2019
;; MSG SIZE  rcvd: 45
```
but unbound.log is always free


----------



## SirDice (Oct 9, 2019)

pavlar said:


> but unbound.log is always free


You mean it always stays empty? What are the permissions on /var/log/unbound.log?


----------



## pavlar (Oct 9, 2019)

```
ls -l unbound.log 
-rw-r--r--  1 unbound  unbound  0 Oct  9 11:24 unbound.log
```


----------



## SirDice (Oct 9, 2019)

Did you restart the service after you made the changes to unbound.conf?


----------



## pavlar (Oct 9, 2019)

yes

```
service unbound restart
Stopping unbound.
Waiting for PIDS: 3885.
Obtaining a trust anchor...
Starting unbound.
```

/etc/unbound/unbound.log also constantly was empty


----------



## SirDice (Oct 9, 2019)

I should have asked earlier but are you using local-unbound(8) or dns/unbound? If you use the port/package version make sure you're modifying /usr/local/etc/unbound.conf, NOT /etc/unbound/unbound.conf.


----------



## SirDice (Oct 9, 2019)

Which begs the question, are you using local-unbound(8) or dns/unbound?


----------



## pavlar (Oct 9, 2019)

pkg info | grep unbound
unbound-1.9.3                  Validating, recursive, and caching DNS resolver


----------



## SirDice (Oct 9, 2019)

Ok,

```
service unbound stop
pkg delete unbound
sysrc -x unbound_enable
sysrc local_unbound_enable="YES"
service local_unbound start
```


----------



## pavlar (Oct 9, 2019)

```
root    2669    0.0  0.0 11016  2340  -  Is   10:22      0:00.00 /usr/sbin/moused -p /dev/ums0 -t auto -I /var/run/moused.ums0.pid
root    2682    0.0  0.0 10480  1440  -  Ss   10:22      0:00.01 /sbin/devd
unbound 3377    0.0  0.2 43292 29948  -  Ss   10:22      0:42.53 /usr/sbin/local-unbound -c /var/unbound/unbound.conf
```


```
ps aux
-------
root    3473    0.0  0.0 11372  2652  -  Is   10:22      0:00.04 /usr/sbin/syslogd -s
root    3543    0.0  0.0 11176  2456  -  Ss   10:22      0:01.18 /usr/local/sbin/rinetd
root    3608    0.0  0.1 19556  8504  -  Is   10:22      0:00.00 /usr/sbin/sshd
root    3616    0.0  0.0 11384  2620  -  Is   10:22      0:00.07 /usr/sbin/cron -s
root    3729    0.0  0.1 20204  9296  -  Is   11:15      0:00.02 sshd: pol [priv] (sshd)
pol     3732    0.0  0.1 20428  9364  -  S    11:15      0:01.21 sshd: pol@pts/0 (sshd)
unbound 3942    0.0  0.1 26660 12476  -  Is   12:06      0:00.01 /usr/local/sbin/unbound -c /usr/local/etc/unbound/unbound.conf
root    3666    0.0  0.0 10848  2264 v0  Is+  10:22      0:00.00 /usr/libexec/getty Pc ttyv0
root    3667    0.0  0.0 10848  2264 v1  Is+  10:22      0:00.00 /usr/libexec/getty Pc ttyv1
root    3668    0.0  0.0 10848  2264 v2  Is+  10:22      0:00.00 /usr/libexec/getty Pc ttyv2
root    3669    0.0  0.0 10848  2264 v3  Is+  10:22      0:00.00 /usr/libexec/getty Pc ttyv3
root    3670    0.0  0.0 10848  2264 v4  Is+  10:22      0:00.00 /usr/libexec/getty Pc ttyv4
root    3671    0.0  0.0 10848  2264 v5  Is+  10:22      0:00.00 /usr/libexec/getty Pc ttyv5
root    3672    0.0  0.0 10848  2264 v6  Is+  10:22      0:00.00 /usr/libexec/getty Pc ttyv6
root    3673    0.0  0.0 10848  2264 v7  Is+  10:22      0:00.00 /usr/libexec/getty Pc ttyv7
pol     3733    0.0  0.0 12004  3100  0  Is   11:15      0:00.00 -sh (sh)
root    3736    0.0  0.0 12068  3176  0  I    11:15      0:00.01 su
root    3737    0.0  0.0 13328  4096  0  S    11:15      0:00.03 _su (tcsh)
root    4463    0.0  0.0 11624  2856  0  R+   17:01      0:00.00 ps aux
```


----------



## SirDice (Oct 9, 2019)

Notice the differences?

```
unbound 3377 0.0 0.2 43292 29948 - Ss 10:22 0:42.53 /usr/sbin/local-unbound -c /var/unbound/unbound.conf
```
And

```
unbound 3942 0.0 0.1 26660 12476 - Is 12:06 0:00.01 /usr/local/sbin/unbound -c /usr/local/etc/unbound/unbound.conf
```

That's where you seem to have gone wrong. You were modifying local-unbound.conf(5) and starting the 'wrong' unbound(8) service.

There are two 'unbound' services, one comes with the OS itself, that's local-unbound(8). It's configuration file is /etc/unbound/unbound.conf. The other is dns/unbound. It's configuration file is /usr/local/etc/unbound.conf. The one that comes with the OS is started with `service local_unbound start`, the port version is started with `service unbound start`.


----------



## pavlar (Oct 9, 2019)

SirDice said:


> Ok,
> 
> ```
> service unbound stop
> ...


But my dns server is running with the settings /etс/unbound/unbound.conf.I can’t stop him. Better to disable /usr/local/etc/unbound.conf . he is not configured


----------



## SirDice (Oct 9, 2019)

pavlar said:


> But my dns server is running on the settings /etс/unbound/unbound.conf.


That's the configuration file for local-unbound(8).


----------



## pavlar (Oct 9, 2019)

SirDice said:


> That's the configuration file for local-unbound(8).


Then does it work?


----------



## SirDice (Oct 9, 2019)

Why wouldn't it? Just follow the instructions from post #9, kill any left over unbound processes. Then use `service local_unbound start`.


----------



## pavlar (Oct 9, 2019)

service unbound stop
pkg delete unbound
sysrc -x unbound_enable
sysrc local_unbound_enable="YES"
service local_unbound start
After that, settings /etc/unbound/unbound.conf  forwards etc will work? How can it be that I run "service unbound start"  *but starts "service local_unbound " ? *


----------



## SirDice (Oct 9, 2019)

pavlar said:


> After that, settings /etc/unbound/unbound.conf forwards etc will work?


Yes, just remember to use local-unbound(8) and local-unbound.conf(5).


----------



## pavlar (Oct 9, 2019)

Thank you very much. Everything is working 

```
ls -la unbound.log 
-rw-r--r--  1 unbound  unbound  139764 Oct  9 18:08 unbound.log
```


----------

