[tor-relays] lets stop using central big DNS resolvers (Google, Level3, OpenDNS, Quad9, Cloudflare)
Paul
pa011 at web.de
Sun May 13 13:34:06 UTC 2018
Am 11.05.2018 um 00:16 schrieb nusenu:
> Dear Exit Relay Operators,
>
> I'd like to invite you to check your exit's DNS resolver by
> having a look at the following list of exits using resolvers
> outside their AS (especially if it is Google, OpenDNS, Quad9 or Cloudflare).
>
> You can search the list for you contactinfo, relay nickname or relay fingerprint (first 8 characters):
>
> https://gist.github.com/nusenu/cb766ff7945fafd9f90ee7f211a2508f#file-tor-dns-april-2018-txt
>
>
> I extended the "DNS on Exit Relays" section in the Tor Relay Guide
> to include specific instructions what is recommended for Tor exit operators with
> regards to DNS on exit relays.
>
> https://trac.torproject.org/projects/tor/wiki/TorRelayGuide#DNSonExitRelays
>
> If you found yourself on the list above and changed your DNS to a local (same host or same AS)
> resolver or found a false-positive, please drop me an email (off-list is also ok).
>
>
> The goal is to be bellow the following thresholds within one year:
> - not have any single remoteAS entity control more than 10% exit capacity
> - reduce the overall remoteAS share to bellow 20% exit capacity
>
> the longer version of this can be found at:
> https://medium.com/@nusenu/who-controls-tors-dns-traffic-a74a7632e8ca
>
> thanks for helping with DNS decentralization on the tor network,
> nusenu
Thank you for giving another helpful push on that nusenu !!
I changed my Linux exits.
Unfortunately the /etc/resolv.conf gets overwritten on reboot. On Linux I solved that with editing /etc/resolvconf/resolv.conf.d/base. In that file, i put in the info as i would in resolv.conf.
nameserver 127.0.0.1
Then i told resolvconf to regenerate resolv.conf
sudo resolvconf -u
How do i protect against overwriting best in FreeBSD (maybe there could be a hint on https://trac.torproject.org/projects/tor/wiki/TorRelayGuide#DNSonExitRelays ) as well?
Where can I find an Update of https://gist.github.com/nusenu/cb766ff7945fafd9f90ee7f211a2508f#file-tor-dns-april-2018-txt ?
How can one find out which DNS resolver an exit uses?
Thanks
Paul
More information about the tor-relays
mailing list