Unbound won't start on system boot

Thu Jun 12 20:01:37 UTC 2025

Still not starting on boot despite working with service settings.

defaults:

cat /usr/lib/systemd/system/unbound.service
[Unit]
Description=Unbound DNS server
Documentation=man:unbound(8)
After=network.target
Before=nss-lookup.target
Wants=nss-lookup.target

[Service]
Type=notify
Restart=on-failure
EnvironmentFile=-/etc/default/unbound
ExecStartPre=-/usr/libexec/unbound-helper chroot_setup
ExecStartPre=-/usr/libexec/unbound-helper root_trust_anchor_update
ExecStart=/usr/sbin/unbound -d -p $DAEMON_OPTS
ExecStopPost=-/usr/libexec/unbound-helper chroot_teardown
ExecReload=+/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target

================

so it is already setup for After= but this is not enough.  So via

systemctl edit unbound.service

cat /etc/systemd/system/unbound.service.d/override.conf
[Unit]
StartLimitIntervalSec=30  # Allow restarts within a 30-second interval
StartLimitBurst=3         # Allow a maximum of 3 restarts within the 
interval

[Service]
RestartSec=10             # Wait 10 seconds before restarting

==========================

Yet, it fails on boot and this is what status reports:

× unbound.service - Unbound DNS server
      Loaded: loaded (/usr/lib/systemd/system/unbound.service; enabled; 
preset: enabled)
     Drop-In: /etc/systemd/system/unbound.service.d
              └─override.conf
      Active: failed (Result: exit-code) since Thu 2025-06-12 15:46:45 
EDT; 42s ago
        Docs: man:unbound(8)
     Process: 1055 ExecStartPre=/usr/libexec/unbound-helper chroot_setup 
(code=exited, status=0/SUCCESS)
     Process: 1057 ExecStartPre=/usr/libexec/unbound-helper 
root_trust_anchor_update (code=exited, status=0/SUCCESS)
     Process: 1060 ExecStart=/usr/sbin/unbound -d -p $DAEMON_OPTS 
(code=exited, status=1/FAILURE)
     Process: 1063 ExecStopPost=/usr/libexec/unbound-helper 
chroot_teardown (code=exited, status=0/SUCCESS)
    Main PID: 1060 (code=exited, status=1/FAILURE)
         CPU: 44ms

Jun 12 15:46:45 onlo systemd[1]: unbound.service: Scheduled restart job, 
restart counter is at 5.
Jun 12 15:46:45 onlo systemd[1]: unbound.service: Start request repeated 
too quickly.
Jun 12 15:46:45 onlo systemd[1]: unbound.service: Failed with result 
'exit-code'.
Jun 12 15:46:45 onlo systemd[1]: Failed to start unbound.service - 
Unbound DNS server.
Jun 12 15:46:45 onlo systemd[1]: unbound.service: Start request repeated 
too quickly.
Jun 12 15:46:45 onlo systemd[1]: unbound.service: Failed with result 
'exit-code'.
Jun 12 15:46:45 onlo systemd[1]: Failed to start unbound.service - 
Unbound DNS server.

=============================

restart works just fine from my login.

So why "restart counter is at 5."  And at first I tried 
StartLimitBurst=2.  I changed it to 3.  Note that it is only trying 2 times.

What am I missing here?

thanks

On 6/12/25 1:54 PM, Robert Moskowitz via ubuntu-users wrote:
>
>
> On 6/12/25 12:24 PM, Jeffrey Walton wrote:
>> On Thu, Jun 12, 2025 at 11:03 AM Robert Moskowitz via ubuntu-users
>> <ubuntu-users at lists.ubuntu.com> wrote:
>>> I am still fighting with local resolution.  That is a separate
>>> question.  But
>>>
>>> On reboot, unbound fails to start, but restarts just fine later. One
>>> google dig found:
>>>
>>> "The problem seems to relate to "nss-lookup", and I suspect that the
>>> network interface is not available fast enough"
>>>
>>> So put in your /etc/crontab
>>>
>>> @reboot     /bin/systemctl restart unbound
>>>
>>> !!!  that seems rather heavy-handed!
>>>
>>> So here is what status is showing after booting:
>>>
>>> × unbound.service - Unbound DNS server
>>>        Loaded: loaded (/usr/lib/systemd/system/unbound.service; 
>>> enabled;
>>> preset: enabled)
>>>        Active: failed (Result: exit-code) since Thu 2025-06-12 10:47:17
>>> EDT; 1min 31s ago
>>>          Docs: man:unbound(8)
>>>       Process: 1056 ExecStartPre=/usr/libexec/unbound-helper 
>>> chroot_setup
>>> (code=exited, status=0/SUCCESS)
>>>       Process: 1058 ExecStartPre=/usr/libexec/unbound-helper
>>> root_trust_anchor_update (code=exited, status=0/SUCCESS)
>>>       Process: 1061 ExecStart=/usr/sbin/unbound -d -p $DAEMON_OPTS
>>> (code=exited, status=1/FAILURE)
>>>       Process: 1064 ExecStopPost=/usr/libexec/unbound-helper
>>> chroot_teardown (code=exited, status=0/SUCCESS)
>>>      Main PID: 1061 (code=exited, status=1/FAILURE)
>>>           CPU: 43ms
>>>
>>> ================= later on restart:
>>>
>>> Jun 12 10:47:17 onlo systemd[1]: unbound.service: Scheduled restart 
>>> job,
>>> restart counter is at 5.
>>> Jun 12 10:47:17 onlo systemd[1]: unbound.service: Start request 
>>> repeated
>>> too quickly.
>>> Jun 12 10:47:17 onlo systemd[1]: unbound.service: Failed with result
>>> 'exit-code'.
>>> Jun 12 10:47:17 onlo systemd[1]: Failed to start unbound.service -
>>> Unbound DNS server.
>>> ● unbound.service - Unbound DNS server
>>>        Loaded: loaded (/usr/lib/systemd/system/unbound.service; 
>>> enabled;
>>> preset: enabled)
>>>        Active: active (running) since Thu 2025-06-12 10:49:20 EDT; 
>>> 27s ago
>>>          Docs: man:unbound(8)
>>>       Process: 1262 ExecStartPre=/usr/libexec/unbound-helper 
>>> chroot_setup
>>> (code=exited, status=0/SUCCESS)
>>>       Process: 1265 ExecStartPre=/usr/libexec/unbound-helper
>>> root_trust_anchor_update (code=exited, status=0/SUCCESS)
>>>      Main PID: 1267 (unbound)
>>>         Tasks: 1 (limit: 8175)
>>>        Memory: 8.3M (peak: 8.3M)
>>>           CPU: 88ms
>>>        CGroup: /system.slice/unbound.service
>>>                └─1267 /usr/sbin/unbound -d -p
>>>
>>> Jun 12 10:49:20 onlo systemd[1]: Starting unbound.service - Unbound DNS
>>> server...
>>> Jun 12 10:49:20 onlo (unbound)[1267]: unbound.service: Referenced but
>>> unset environment variable evaluates to an empty string: DAEMON_OPTS
>>> Jun 12 10:49:20 onlo unbound[1267]: [1267:0] notice: init module 0:
>>> subnetcache
>>> Jun 12 10:49:20 onlo unbound[1267]: [1267:0] warning: subnetcache:
>>> prefetch is set but not working for data originating from the subnet
>>> module cache.
>>> Jun 12 10:49:20 onlo unbound[1267]: [1267:0] notice: init module 1:
>>> validator
>>> Jun 12 10:49:20 onlo unbound[1267]: [1267:0] notice: init module 2: 
>>> iterator
>>> Jun 12 10:49:20 onlo unbound[1267]: [1267:0] info: start of service
>>> (unbound 1.19.2).
>>> Jun 12 10:49:20 onlo systemd[1]: Started unbound.service - Unbound DNS
>>> server.
>> <https://www.google.com/search?q=systemd+backoff+retry+start+service>
>
> this makes more sense, in this case, then using after=
>
> the advantage is, perhaps I add another service that causes problems?  
> This is a general, oops, try a bit later.
>
> thanks!
>
> One for the notes.
>
>
>