[tor-relays] dnsmasq configuration for an exit relay (Debian)

Toralf Förster toralf.foerster at gmx.de
Sun Oct 8 16:54:43 UTC 2017


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 10/08/2017 06:34 PM, Igor Mitrofanov wrote:
> With a large-enough cache and sufficient uptime dnsmasq effectively
> becomes a mini-DNS server that stores IP addresses for the vast
> majority of sites that Tor users ever visit. 

NAK, just 10,000 addresses can be cached.

The stats of dnsmasq my exit relay shows after 6 hours :

Oct  8 18:51:17 mr-fox dnsmasq[19806]: cache size 10000, 203238/1102103 cache insertions re-used unexpired cache entries.
Oct  8 18:51:17 mr-fox dnsmasq[19806]: queries forwarded 444146, queries answered locally 42117
Oct  8 18:51:17 mr-fox dnsmasq[19806]: DNSSEC memory in use 120768, max 173280, allocated 999984

so just 10% of all DNS queries are cached, the vast majority is forwarded to the DNS server of my ISP.

- -- 
Toralf
PGP C4EACDDE 0076E94E
-----BEGIN PGP SIGNATURE-----

iI0EAREIADUWIQQaN2+ZSp0CbxPiTc/E6s3eAHbpTgUCWdpYUxccdG9yYWxmLmZv
ZXJzdGVyQGdteC5kZQAKCRDE6s3eAHbpTlOlAP0RNGzXHqM7blXf/TmaAagKoWW2
Gb2/YGRwC0yeZ+qOAAD+P7EN2GQ5bdpoVG4eBq17Hq3y6Qoegyh/CRyI5rZWQpc=
=Yd69
-----END PGP SIGNATURE-----


More information about the tor-relays mailing list