[tor-relays] exit operators: overall DNS failure rate above 5% - please check your DNS resolver
teor
teor at riseup.net
Mon Jul 1 23:57:19 UTC 2019
> On 1 Jul 2019, at 21:41, Tyler Durden <virii at enn.lu> wrote:
>
> I can't really understand why our relays should fail so often because
> the logs of our DNS daemon don't show anything and I haven't seen the
> warning about nameservers that failed for a long time...
>
> Maybe the script that checks about DNS failures on Exits is not
> reporting correctly?
There are some other options worth considering:
* the script is overloading its client, which fails some requests
* the exit is overloaded with circuits or streams (and not DNS), so it fails
some requests without a DNS query
* DNS fails in a way that the exit doesn't detect and log
Tor's DNS support is quite old, and it has had some significant bugs in the
past. So I'd start looking there.
It's also worth checking the health of your DNS resolver. Tor exits put an
unusual amount of load on DNS: there are lots of requests, for lots of
different domains.
T
More information about the tor-relays
mailing list