[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #2575 [Tor Relay]: No DNS means no exiting
#2575: No DNS means no exiting
------------------------+---------------------------------------------------
Reporter: atagar | Owner:
Type: defect | Status: new
Priority: minor | Milestone:
Component: Tor Relay | Version:
Keywords: | Parent:
Points: | Actualpointsdone:
Pointsdone: | Actualpoints:
------------------------+---------------------------------------------------
If an exit is unable or unwilling to relay DNS requests then it's reverted
to being a non-exiting relay [1].
Is this a good idea? There's a tradeoff where on one hand we want to keep
lookups and connections on the same circuit (limiting the spread of
potentially sensitive information and due to possible colluding for
correlation), but on the other this is throwing away potentially useful
exits.
This might be a non-issue for numerous reasons...
a. If the risks of the former out weigh the benefits of the later.
b. If this almost never occurs (since this is done on the client side
there's no way to tell).
c. We need to direct the failed DNS requests somewhere and exits that,
say, disallow HTTP might be doing so for reasons that make handling DNS
requests for webpages bad for them. For this one I'd suggest that we
direct these requests to exits that explicitly allow port 53.
I'm moving the discussion here from irc since it didn't get any traction
and I'd like to make sure that we aren't needlessly hurting the network
with this behavior. Cheers! -Damian
[1] https://gitweb.torproject.org/tor.git/blob/HEAD:/src/or/router.c#l1867
From #tor-dev:
09:07 < atagar> Ahhh, evidently any exit relays DNS (reguardless of if
they've allowed port 53), hence why it was ignoring the
ExitPolicyRejectPrivate check. New couple questions in case anyone knows
the answer offhand.
09:07 < atagar> Is anyone with any sort of accept before a reject-all in
their exit policy considered to be an exit?
09:07 < atagar> Is this a good idea? Ie, are there cases where someone
would want to be an exit but not provide DNS resolution? At present we
drop relays that block tor from doing DNS resolution to be middle-hops
(which could be hurting the network).
09:10 < atagar> here's the no-dns-makes-us-a-middle-hop code:
https://gitweb.torproject.org/tor.git/blob/HEAD:/src/or/router.c#l1867
09:14 < shahn> The issue is that Tor connects to a hostname usually
09:15 < shahn> so if the exit node doesn't support DNS, then you can't use
them for that without additional delays
09:17 < atagar> I understand why keeping lookups and connections on the
same circuit is important, but is demoting these relays to be non-exits
better than falling back to doing lookups via another circuit?
09:19 < shahn> (unless the resolution is already cached)
09:19 < atagar> of course
09:20 < shahn> sorry bigtime lag
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2575>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs