On Mon, Dec 05, 2011 at 10:35:03PM +0100, Klaus Layer wrote:
Andy Isaacson adi@hexapodia.org wrote on 03.12.2011:
Since DNS is the most frequent UDP traffic you'll see on a Tor node, perhaps this is simply a symptom of high packet loss on your NIC.
It's a gigabit link, with at the moment only 30% load. I don't expect significant packet loss.
If it's a decent NIC (Intel or Broadcom) then I'd agree with you. If it's an RTL or other sub-par vendor / driver, then you're overly optimistic.
You could consider running a caching nameserver on localhost. That could have negative side effects, though; you're increasing memory and CPU load by doing so, and potentially increasing attack surface depending on your exact configuration.
I am already running caching DNS. CPU is not an issue, but it's eating up some memory.
Well, as these messages seem to be quite common I will just ignore them.
Wait, you're seeing these DNS failures with "nameserver 127.0.0.1" in /etc/hosts? That's more interesting, since then DNS UDP lossage on GigE packet loss is unlikely to be the cause.
Could you clarify the configuration? Is Tor doing DNS over the GigE or to localhost?
-andy