
Use NAMED instead of UNBOUND for DNS

Posted: 13 Jul 2022 01:28
by cordeos
Is there any way to reconfigure EFA to let us continue using NAMED DNS service instead of UNBOUND?

This is needed because our gateways are also set up for REVERSE DNS lookups for our email sending systems.
Getting UNBOUND to work reliably for REVERSE DNS is a huge pain, and our NAMED setup has worked perfectly for years.

We currently have NAMED installed and working... but recently eFA continually tries to restart UNBOUND and it ends up in a dead state since it is competing for port 53.

We also tried disabling recursive DNS and disabling UNBOUND and setting the local IP for DNS, but this didn't help. UNBOUND continues to be restarted by some eFA process. We also tried to completely remove UNBOUND, but it is a required package for eFA.

Has anyone else found a way to NOT use UNBOUND with eFA 4.0+?

Re: Use NAMED instead of UNBOUND for DNS

Posted: 13 Jul 2022 11:46
by shawniverson
Put your eFa into maintenance mode or modify the eFa-Monitor cron to exclude unbound.

Re: Use NAMED instead of UNBOUND for DNS

Posted: 14 Jul 2022 13:23
by cordeos
OK, I guess we could alter this line in /usr/sbin/eFa-Monitor-cron...

# Monitored Service Array (daemon=sysv)
MonitoredServices=("mysqld=mysqld" "MailScanner=mailscanner" "master=postfix" "httpd=httpd" "clamd=clamd@scan" "unbound=unbound" "dccifd=adcc" "MSMilter=msmilter")
to
# Monitored Service Array (daemon=sysv)
MonitoredServices=("mysqld=mysqld" "MailScanner=mailscanner" "master=postfix" "httpd=httpd" "clamd=clamd@scan" "named=named" "dccifd=adcc" "MSMilter=msmilter")

but we assumed this would be overwritten with most updates.
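
A check for the concern in the post above, that an update puts the unbound entry back, as an added example that is not part of the thread or of eFa. The function names and the temporary sample files are constructed; the two array lines are the ones quoted in the post.

```shell
#!/bin/sh
# Added example (not eFa code). Reports which DNS daemon the MonitoredServices
# array lists, so an update that restores the unbound entry is noticed.

# Print one "daemon=service" pair per line from the first uncommented array line.
monitored_services() {
    grep -E '^[[:space:]]*MonitoredServices=\(' "$1" | head -n 1 |
        sed -e 's/^[^(]*(//' -e 's/).*$//' | tr -s ' \t' '\n\n' |
        tr -d '"' | sed '/^$/d'
}

# Echo unbound, named, both or none for the DNS entries found in file $1.
dns_monitor_state() {
    entries=$(monitored_services "$1")
    has_unbound=0; has_named=0
    if printf '%s\n' "$entries" | grep -qx 'unbound=unbound'; then has_unbound=1; fi
    if printf '%s\n' "$entries" | grep -qx 'named=named'; then has_named=1; fi
    case "$has_unbound$has_named" in
        11) echo both ;;
        10) echo unbound ;;
        01) echo named ;;
        *)  echo none ;;
    esac
}

# Return 0 if file $1 is in state $2, otherwise report the drift and return 1.
check_dns_monitor() {
    state=$(dns_monitor_state "$1")
    [ "$state" = "$2" ] && return 0
    echo "DRIFT: $1 monitors '$state', expected '$2'" >&2
    return 1
}

# Constructed sample files holding the edited and the stock line from the post.
sample_dir=$(mktemp -d)
printf '%s\n' '# Monitored Service Array (daemon=sysv)' \
  'MonitoredServices=("mysqld=mysqld" "MailScanner=mailscanner" "master=postfix" "httpd=httpd" "clamd=clamd@scan" "named=named" "dccifd=adcc" "MSMilter=msmilter")' \
  > "$sample_dir/edited"
printf '%s\n' '# Monitored Service Array (daemon=sysv)' \
  'MonitoredServices=("mysqld=mysqld" "MailScanner=mailscanner" "master=postfix" "httpd=httpd" "clamd=clamd@scan" "unbound=unbound" "dccifd=adcc" "MSMilter=msmilter")' \
  > "$sample_dir/stock"

dns_monitor_state "$sample_dir/edited"
dns_monitor_state "$sample_dir/stock"
```

On a real server the same call would be `check_dns_monitor /usr/sbin/eFa-Monitor-cron named`, run after each automatic update.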

Re: Use NAMED instead of UNBOUND for DNS

Posted: 14 Jul 2022 14:35
by cordeos
The other related issue we are seeing is the server's /etc/hosts file keeps getting wiped and replaced with a default settings file, losing the few custom (but critical) host/IP entries we have.

We aren't sure what has changed with eFA... Our stack of eFa 4.0 servers had been running completely solidly for 2 years without even one single issue the whole time, but suddenly, in the past couple of months, we seem to be having issue after issue with them.

Part of this must be because we recently implemented a wider, more aggressive updating stance with DNF Automatic, which is now updating eFA as well as other packages on a weekly basis.

Re: Use NAMED instead of UNBOUND for DNS

Posted: 16 Jul 2022 14:34
by shawniverson
Does your network definition include DNS entries? That may be why /etc/hosts is getting overwritten.

Re: Use NAMED instead of UNBOUND for DNS

Posted: 16 Jul 2022 14:45
by shawniverson
In the next update I'm going to separate the eFa-Monitor cron config and code so that we don't touch the monitor items entries. You will need to modify it one more time after this is done, so just be prepared for that.