Score:4

Understanding how Unbound listens on Port 53


I have installed unbound on Debian Buster. Now I wonder why unbound listens 2 times on each Protocol.

```
netstat -tulpn

tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      1150/unbound
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      1150/unbound
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      605/sshd: /usr/sbin
tcp        0      0 127.0.0.1:8953          0.0.0.0:*               LISTEN      1150/unbound
tcp6       0      0 :::22                   :::*                    LISTEN      605/sshd: /usr/sbin
udp        0      0 0.0.0.0:53              0.0.0.0:*                           1150/unbound
udp        0      0 0.0.0.0:53              0.0.0.0:*                           1150/unbound
```

Can anyone help me understand this?

Score:6
Rob

Unbound uses the SO_REUSEPORT option to allow multiple processes/threads to share the same listening port.

SO_REUSEPORT (since Linux 3.9)

          Permits multiple AF_INET or AF_INET6 sockets to be bound
          to an identical socket address.  This option must be set
          on each socket (including the first socket) prior to
          calling bind(2) on the socket.  To prevent port hijacking,
          all of the processes binding to the same address must have
          the same effective UID.  This option can be employed with
          both TCP and UDP sockets.

          For TCP sockets, this option allows accept(2) load
          distribution in a multi-threaded server to be improved by
          using a distinct listener socket for each thread.  This
          provides improved load distribution as compared to
          traditional techniques such as using a single accept(2)ing
          thread that distributes connections, or having multiple
          threads that compete to accept(2) from the same socket.

          For UDP sockets, the use of this option can provide better
          distribution of incoming datagrams to multiple processes
          (or threads) as compared to the traditional technique of
          having multiple processes compete to receive datagrams on
          the same socket.
Gill-Bates
Thanks! Why don't I see the same for ::1?
Rob
I can only guess, but does your `unbound.conf` configuration specify that IPv6 should be enabled with, for example, the `interface: ::0` and `do-ip6: yes` directives?