-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Hi,
The servers from my ISP are not stable or good enough to handle the traffic for this Tor exit router.
I get this in the log very often: Apr 24 15:14:07.000 [notice] Circuit handshake stats since last time: 91633/91636 TAP, 15962/15962 NTor. Apr 24 17:40:45.000 [warn] eventdns: All nameservers have failed Apr 24 17:40:45.000 [notice] eventdns: Nameserver <ip>:53 is back up
Both nameservers fail and come back after 1 second, or less.
I don't know what impact will this have on the exit node. Is it any problem at all?
I have decided also to setup my own DNS resolver and not use the ones from ISP, so I have installed named.
What I need help is, for your someone to tell me exactly how do i have to edit named.conf in order to:
1. Enable DNSSEC, for the clients who want to use it. Not make it a requirement, just enable it and prefer it over normal DNS if and when possible.
2. Be able to resolve all TLDs as described here: https://trac.torproject.org/projects/tor/wiki/doc/DnsResolver#DNSResolverSer...
Now I can clearly understand the message from that post but there is no instruction anywhere about how to do it, those links for Alt Roots are broken. Is this a requirement? Who needs to resolve silly TLDs not supported by IANA / ICANN anyway?
3. Cache the records for as long as possible - my relay is already using a lot of traffic so I have to spare as much as I can.
Please provide me with a good named.conf and description of settings so I can properly configure a good DNS resolver for my relay.
Thank you in advance!
"s7r@sky-ip.org" s7r@sky-ip.org wrote Thu, 24 Apr 2014 19:20:37 +0300:
| I get this in the log very often: | Apr 24 15:14:07.000 [notice] Circuit handshake stats since last time: | 91633/91636 TAP, 15962/15962 NTor. | Apr 24 17:40:45.000 [warn] eventdns: All nameservers have failed | Apr 24 17:40:45.000 [notice] eventdns: Nameserver <ip>:53 is back up | | Both nameservers fail and come back after 1 second, or less.
Are you running this relay on a BSD system, perchance?
I see this on lots of relays on FreeBSD and think that it's related to libevent on certain platforms. I also think that it's benign.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 4/25/2014 3:26 PM, Linus Nordberg wrote:
"s7r@sky-ip.org" s7r@sky-ip.org wrote Thu, 24 Apr 2014 19:20:37 +0300:
| I get this in the log very often: | Apr 24 15:14:07.000 [notice] Circuit handshake stats since last time: | 91633/91636 TAP, 15962/15962 NTor. | Apr 24 17:40:45.000 [warn] eventdns: All nameservers have failed | Apr 24 17:40:45.000 [notice] eventdns: Nameserver <ip>:53 is back up | | Both nameservers fail and come back after 1 second, or less.
Are you running this relay on a BSD system, perchance?
I see this on lots of relays on FreeBSD and think that it's related to libevent on certain platforms. I also think that it's benign. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Yeah I am running it on FreeBSD 10.0 release.
Anything I can do about it? If it's just working on normal basis regardless this warning i can leave it like this?
tor-relays@lists.torproject.org
-
Linus Nordberg -
s7r@sky-ip.org