[tor-bugs] #21989 [Core Tor/Tor]: Should we tell Exits to reject all traffic if DNS fails?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Apr 19 05:21:59 UTC 2017
#21989: Should we tell Exits to reject all traffic if DNS fails?
------------------------------+------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords: dns, tor-exit
Actual Points: | Parent ID: #21900
Points: 1 | Reviewer:
Sponsor: |
------------------------------+------------------------------
Tor Exits with broken DNS still allow Exit traffic.
But this slows down initial connections for clients, because the Exit will
refuse all DNS requests. (Clients no longer cache DNS.)
Perhaps we should make Exits refuse traffic until their DNS is working?
(Unless a non-default option is set?)
This would also fix #21900, where a broken DNS config really does stop all
Exit traffic.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21989>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list