[blfs-support] Unbound slow to start with recent kernels on some machines

Ken Moffat zarniwhoop at ntlworld.com
Sat Jun 2 14:02:39 PDT 2018

I've been seeing problems on some of my machines with recent kernels
(first noticed in 4.17-rc, but it also now happends in 4.16.4 or
later).  The problem is that instead of unbound taking a handful of
seconds to start (often, it is all-but immediate), on the affected
machines it now takes up to two and a half minutes.

Twice I tried bisecting kernel changes, but I think there is more
than one change involved. The identified change in 4.16.stable
appeared unrelated, and reverting it from what was then 4.16.currnet
did not help.  In 4.17 a merge commit got blamed, but I found the
details on google and reverting again made no difference.  Also at
one point in the bisection, after a 'bad' kernel I went back to a
kernel I had previously labelled as 'good' and that time it too was
very slow to boot.

I have, of course, attempted to compare the kernel configs for the
affected and unaffected machines, but I dropped a lot of items,
added a few more, and did not get any joy.

So, for the moment I'm offering a workaround (patch the bootscript,
if anybody uses systemd and unbound this will obviously not help).

This separates unbound-anchor from unbound, and adds some verbosity.
On the first boot after unbound is installed, the key file in /etc
will not be installed - give it a few seconds (maybe you will not be
affected!) and then key <Ctrl-C>.  You might need to key that twice,
and perhaps follow it by <enter>.

On the first boot, the modified bootscript will report FAILED for
the anchor, but unbound should then succeed (all-but immediately).
On subsequent boots there will be a report that the key file exists,
at that point key <Ctrl-C> etc again and both parts of the script
should report OK.

NB this applies to both previous and currnet versions of unbound.

              Keyboard not found, Press F1 to continue
-------------- next part --------------
On *some* of my machines, with 4.16.4 or later kernels unbound can take
up to two and a half minutes to start.  Adding this, and waiting until
it reports that the files in /etc exist or were added, <Ctrl-C>, or
at other times <Ctrl-C> <Ctrl-C>, or <Ctrl-C> <Ctrl-C> <enter> allows the
boot to procede.

diff -Naur blfs-bootscripts-20180105/blfs/init.d/unbound blfs-bootscripts-20180105-patched/blfs/init.d/unbound
--- blfs-bootscripts-20180105/blfs/init.d/unbound	2016-01-08 21:55:44.000000000 +0000
+++ blfs-bootscripts-20180105-patched/blfs/init.d/unbound	2018-06-01 01:50:26.837794366 +0100
@@ -29,7 +29,9 @@
 case "$1" in
       log_info_msg "Starting Unbound DNS resolver..."
-      unbound-anchor
+      unbound-anchor -vv
+      evaluate_retval
+      log_info_msg "Starting Unbound DNS resolver..."
       start_daemon /usr/sbin/unbound

More information about the blfs-support mailing list