[tor-relays] Logs full of "eventdns: All nameservers have failed"

Andy Isaacson adi at hexapodia.org
Sat Dec 10 10:01:19 UTC 2011


On Mon, Dec 05, 2011 at 10:35:03PM +0100, Klaus Layer wrote:
> Andy Isaacson <adi at hexapodia.org> wrote on 03.12.2011:
> > Since DNS is the most frequent UDP traffic you'll see on a Tor node,
> > perhaps this is simply a symptom of high packet loss on your NIC.
>
> It's a gigabit link, with at the moment only 30% load. I don't expect 
> significant packet loss.

If it's a decent NIC (Intel or Broadcom) then I'd agree with you.  If
it's an RTL or other sub-par vendor / driver, then you're overly
optimistic.

> > You could consider running a caching nameserver on localhost.  That
> > could have negative side effects, though; you're increasing memory and
> > CPU load by doing so, and potentially increasing attack surface
> > depending on your exact configuration.
>
> I am already running caching DNS. CPU is not an issue, but it's eating
> up some memory.
> 
> Well, as these messages seem to be quite common I will just ignore
> them.


Wait, you're seeing these DNS failures with "nameserver 127.0.0.1" in
/etc/hosts?  That's more interesting, since then DNS UDP lossage on GigE
packet loss is unlikely to be the cause.

Could you clarify the configuration?  Is Tor doing DNS over the GigE or
to localhost?

-andy

