- Fix #1317: Unbound starts too early. Add

  Wants=network-online.target under [Unit] in unbound.service.

diff --git a/contrib/unbound.service.in b/contrib/unbound.service.in
index 8a5d3b2b0189e829c3428f19678a7c3abb8642b3..a3a4bde16a70fd85be07ae40436daeae5ad91137 100644 (file)
--- a/contrib/unbound.service.in
+++ b/contrib/unbound.service.in
@@ -38,11 +38,17 @@
 ;   - `LockPersonality=yes` locks down the personality system call so that the
 ;     kernel execution domain may not be changed from the default.
 ;
+;   - With /etc/systemd/system/*.network a setting to make sure the network
+;     is not considered online too early, can reduce network unreachable
+;     errors on server start:
+;     [Link]
+;     RequiredForOnline=routable
 ;
 [Unit]
 Description=Validating, recursive, and caching DNS resolver
 Documentation=man:unbound(8)
 After=network-online.target
+Wants=network-online.target
 Before=nss-lookup.target
 
 [Install]

diff --git a/doc/Changelog b/doc/Changelog
index 6524e0b7deeabe8e40cf2037f870bfe04e439a01..2b26546a359167deb984e52b6f8c667db4339118 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,6 +1,8 @@
 21 August 2025: Wouter
        - Fix to check for extraneous command arguments for unbound-control,
          when the command takes no arguments but there are arguments present.
+       - Fix #1317: Unbound starts too early. Add
+         Wants=network-online.target under [Unit] in unbound.service.
 
 15 August 2025: Wouter
        - unbound-control cache_lookup +t allows tld and root names. And