Fix Common Problems More Information


Squid

Recommended Posts

Invalid Certificate

 

If you have a custom SSL certificate, the "Subject: CN" of that certificate must match the [servername].[LocalTLD] settings of your server. If you use a custom wildcard cert, "Subject: CN" must be *.[LocalTLD]. Note that Unraid does not use the "Subject Alternative Name" fields.

 

If you get this warning in Unraid 6.9, you should fix it before upgrading to 6.10. In Unraid 6.10, invalid certificates are erased and replaced with self-signed certs that match [servername].[LocalTLD].

 

You can adjust your [servername] on the Settings -> Identification page and [LocalTLD] on Settings -> Management Access.

 

If you have any questions, post the full FCP warning and your diagnostics (from Tools -> Diagnostics) to this thread https://forums.unraid.net/topic/47266-plugin-ca-fix-common-problems 

Link to comment

Missing DNS entry for host / Wrong DNS entry for host

 

Your server’s full hostname is [servername].[LocalTLD], but when your server tries to do a DNS lookup for that hostname, it fails to resolve or returns the wrong IP address.

 

If the hostname resolves correctly for your clients (maybe they use a different DNS server?) then you can probably ignore this warning.
 

Otherwise, you should add/fix the DNS entry for the full hostname, or adjust your [servername] and/or [LocalTLD] settings to something that does resolve properly.

 

You can adjust your [servername] on the Settings -> Identification page and [LocalTLD] on Settings -> Management Access. You can change the DNS server that your server uses on Settings → Network Settings.

 

If you have any questions, post the full FCP warning and your diagnostics (from Tools -> Diagnostics) to this thread https://forums.unraid.net/topic/47266-plugin-ca-fix-common-problems 

Link to comment

Multiple NICs on the same IPv4 network

 

In most cases, two network interfaces should not be assigned to the same network; TCP/IP networking isn't meant to work that way. Even if things seem to work now, you could end up with problems down the road.

 

Go to Settings -> Network Settings and review each interface. Reconfigure as needed to ensure only one nic is connected to a given network. If the nics are setup with DHCP, a simpler solution would be to ensure that there is only one network cable plugged into your server, regardless of how many nics there are.

 

If you have any questions, or if the webgui doesn't show one of the nics mentioned in the FCP warning, post the full FCP warning and your diagnostics (from Tools -> Diagnostics) to this thread https://forums.unraid.net/topic/47266-plugin-ca-fix-common-problems 

 

  • Like 1
Link to comment

Complex bonding mode

 

If you have multiple nics in your system, by default Unraid will put them all in the same "active backup" bond. This is a convenience that lets you plug a network cable into any available nic and your system will get a network connection. This is a "simple" bond that requires no special configuration on your network switch.

 

Unraid also supports several complex bonds, but they require your network switch to be specifically configured to support the bond. If you you have configured your switch with the proper support you can ignore this warning, otherwise you should change back to an "active backup" bond.

 

Another option is to disable the bond and use your nics independently. If you do this, be sure that you do not assign both nics to the same network. Also be aware that a network bond has a unique MAC address, different from your physical nics. So if you turn bonding on or off you will likely get a different IP address from DHCP.

 

If you have any questions, post the full FCP warning and your diagnostics (from Tools -> Diagnostics) to this thread https://forums.unraid.net/topic/47266-plugin-ca-fix-common-problems 

 

Link to comment

Possible corruption on flash drive

 

Fix common problems tests the integrity of your flash drive by ensuring that certain required and guaranteed to exist files can be correctly read.  You will see this error if these files are missing and/or cannot be properly read.

 

Reasons for a corrupt flash drive could be:

  • Unclean shutdown caused by power failure, crashes etc when the server is possibly updating information on the flash drive
  • Defective flash drive (replace it)

 

It would probably be best to create a post in General Support and include your diagnostics for further investigation

 

NOTE: This is a relatively new test and there may be some false positives due to various configurations, plugins installed etc.  If a false positive is found, then the next release of Fix Common Problems will "whitelist" the configuration file.

 

If you have any questions, post the full FCP warning and your diagnostics (from Tools -> Diagnostics) to this thread https://forums.unraid.net/topic/47266-plugin-ca-fix-common-problems 

Link to comment

Community Applications - Your server requires internet access

 

 

Community Applications requires a properly functioning internet access in order to operate.

 

The most common solution for lack of internet access is to manually set up DNS addresses in your Server.  Go To Settings - Network Settings and assign at least two of your favourite DNS providers.  There are many DNS providers, but some commonly used addresses would be:

  • 208.67.222.222  (Open DNS)
  • 208.67.220.220  (Open DNS)
  • 8.8.8.8  (Google)
  • 8.8.4.4  (Google)

This problem is ultimately caused by your router not properly recognizing the server and performing the DNS lookups for you, so assigning the addresses works around the router's bug.

 

image.png

 

This error can also happen if the date and time on your server is significantly off.  Ensure that your date and time (Settings - Date and Time) is correct.  Assign ntp servers if necessary and reboot to apply the changes.

 

image.png

 

 

Other possibilities for this issue can be that you are operating piHole (or similar) or pfSense and the URLs that CA is attempting to access are being blocked.  These URLs include (but aren't limited to):  github.com, amazonaws.com, docker.com etc  You should white list those domains (or ideally whitelist the entire server).  Note that running your server's internet access through piHole isn't recommended at all because Unraid OS has no ads whatsoever to block, and piHole just introduces a whole other layer of complexity to your network that can be troublesome to solve.

 

Certain political jurisdictions (China) may also have further challenges involved in having CA gain access to those URLs.  There is information within the various Chinese threads here that will offer up solutions.

 

Lastly, if you are running your server and need a proxy for internet access, you would normally be modifying the "go" file on the flash drive to configure the system to access the proxy.  Because of how Community Applications works however an additional file / modification needs to be made.  See this post: https://forums.unraid.net/topic/38582-plug-in-community-applications/page/122/?tab=comments#comment-848436 for what file to change for the proxy setup.

 

If all else fails, then you should create a new thread within General Support detailing your problems and also including your diagnostics so that other users may be able to help.  (IE:  your problems may be a general network problem or configuration issue)

 

  • Like 1
Link to comment
  • 1 month later...

Unused Certificate

 

Your 6.9 server has SSL disabled ("Use SSL/TLS" is set to "no") but there is a certificate_bundle.pem certificate on your flash drive. We recommend that you delete this file before upgrading to 6.10 by opening a web terminal and typing:
  rm /boot/config/ssl/certs/certificate_bundle.pem

 

In Unraid 6.10, if that file exists then https will be enabled regardless of the "Use SSL/TLS" setting. This provides additional flexibility, for instance if you enable the optional Remote Access feature of the My Servers plugin, you will be able to use our Let's Encrypt certificate for Remote Access without also enabling it for Local Access.

 

The reason we recommend that you delete this file is to prevent any port conflicts when upgrading to 6.10, since when this file exists, nginx will listen on the "HTTPS port" regardless of the value of "Use SSL/TLS".

 

The "Use SSL/TLS" and "HTTPS port" settings can be found on Settings -> Management Access.

 

For more information about setting up SSL see:
  https://wiki.unraid.net/Manual/Security#Securing_webGui_connections_.28SSL.29 

 

If you have any questions, post the full FCP warning and your diagnostics (from Tools -> Diagnostics) to this thread https://forums.unraid.net/topic/47266-plugin-ca-fix-common-problems 

 

  • Like 3
Link to comment
  • 5 months later...

Jumbo Frames detected
 

You have configured a network interface with a non-standard MTU, aka Jumbo Frames. It is highly recommended that you navigate to Settings -> Network Settings and change the "Desired MTU" for each interface back to the default of 1500.  Modern networks see very little improvement from using Jumbo Frames, and they can cause significant problems if not setup properly across the entire network.
 

You can ignore this warning if you are confident everything is setup correctly, but if you have any kind of networking issue this should be the first thing you change. Some issues we have seen:

  • Unable to check for plugin updates or Docker container updates
  • Unable to provision or renew a Let's Encrypt certificate
  • Unable to automatically set the system time
  • The My Servers unraid-api is unable to connect to mothership
  • The network works intermittently 
     

For more technical details see https://netcraftsmen.com/just-say-no-to-jumbo-frames/ 
 

If you have any questions, post the full FCP warning and your diagnostics (from Tools -> Diagnostics) to this thread https://forums.unraid.net/topic/47266-plugin-ca-fix-common-problems 

 

Link to comment
  • 2 weeks later...

The main network interface is not eth0


eth0 does not have a valid IP address, but another interface does. Unraid works best when the main network interface for the system is eth0, but this system does not appear to be setup that way. 

 

We recommend that you navigate to Settings -> Network Settings -> Interface Rules and adjust the settings until the main network interface is configured as eth0.

 

To be safe, you should make a backup of your flash drive first, from Main -> Boot Device -> Flash -> Flash Device Settings -> Flash Backup

If you have any questions, post the full FCP warning and your diagnostics (from Tools -> Diagnostics) to this thread https://forums.unraid.net/topic/47266-plugin-ca-fix-common-problems 

Link to comment
  • 6 months later...

macvlan call traces found

 

On certain systems, assigning dedicated IP addresses to a docker container could introduce instability to your server.  If you have a single network card, It is recommended to instead use the ipvlan network driver to alleviate this.  Switch this within Settings, Docker (advanced view) with the docker service stopped.


If you have a second network card, see https://forums.unraid.net/topic/137048-guide-how-to-solve-macvlan-and-ipvlan-issues-with-containers-on-a-custom-network/

 

  • Like 2
  • Thanks 3
  • Upvote 1
Link to comment
  • 6 months later...

Date and Time Incorrect

 

Most services on the internet require the correct (or nearly correct) date and time to be set on your server.  Your server appears to have a date and time that is incorrect by a significant amount.

 

You should set the Date and Time correctly within Settings - Date and Time and if necessary also use NTP servers so that the date / time will stay up to date.

 

image.png

 

Note that this problem could also be indicative of a failing CMOS battery on your motherboard (usually a CR2032) and you may want to look at also replacing it.

  • Like 1
Link to comment
Guest
This topic is now closed to further replies.