[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] glibc's DNS lookups fail



Hello List,

I am experiencing a strange problem for about two weeks or so.

I am using GNU/Liux (Debian 6 x86-64) and Tor 0.2.2.35 built from source. 
I forward all my tcp traffic and udp traffic on port 53 to my tor instance
via netfilter.

So here is my problem:  whenever I do DNS lookup via glibc, the first
lookup to a specific domain fails.  The second lookup and all following
lookups (to the very same domain) succeed (until I reboot my machine).

~$ gnutls-cli --starttls torproject.org -p 80
Resolving 'torproject.org'...
Cannot resolve torproject.org:80: Name or service not known
~$ tor2 gnutls-cli --starttls torproject.org -p 80
Resolving 'torproject.org'...
Connecting to '38.229.72.14:80'...

- Simple Client Mode:

  C-c C-c

(I am using gnutls-cli here because of its nice output.  Any other
application that uses glibc, for example nc, fail as well.)

Applications that use their own DNS lookup code (firefox, nslookup) do not
suffer of this problem.  In fact, their DNS lookups work just fine!

I tried tracing the request down in Wireshark.  Unfortunately it did not
help me.  There are two DNS requests per lookup, one A and one AAAA.  Both
are correctly forwarded to tor, the AAAA fails ('Not implemented'), but
the A one actually does return a valid IP!

1	0.000000	192.168.178.30	127.0.0.1	DNS	Standard query A torproject.org
2	0.000027	192.168.178.30	127.0.0.1	DNS	Standard query AAAA torproject.org
3	0.000155	192.168.178.1	192.168.178.30	DNS	Standard query response, Not
implemented
# tor does its magic
8	1.157351	192.168.178.1	192.168.178.30	DNS	Standard query response A
38.229.72.14
# now glibc tries the lookup again, now with the search domain appended,
as configured in my /etc/resolv.conf.  The lookups fail, of course...
9	1.157441	192.168.178.30	127.0.0.1	DNS	Standard query A
torproject.org.my.search.domain
10	1.157455	192.168.178.30	127.0.0.1	DNS	Standard query AAAA
torproject.org.my.search.domain

I have no idea whats going on here.  It definitely has something to do
with tor.  When I remove my iptable rules, DNS lookups work fine.  On top
of that, my setup used to work for about 5 months or so.  I have no clue
what I did to break thing so badly.

Do you have any idea what may cause this issue?

Thank you so much!

Cheers,

Douglas


_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk