[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Logs full of "eventdns: All nameservers have failed"

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Logs full of "eventdns: All nameservers have failed"
From: Andy Isaacson <adi@xxxxxxxxxxxxx>
Date: Sat, 10 Dec 2011 02:01:19 -0800
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 10 Dec 2011 05:01:35 -0500
In-reply-to: <201112052235.07808.klaus.layer@xxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for support and questions about running Tor relays \(exit, non-exit, bridge\)." <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <201112030738.10183.klaus.layer@xxxxxx> <20111203224931.GE12631@xxxxxxxxxxxxx> <201112052235.07808.klaus.layer@xxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.18 (2008-05-17)

On Mon, Dec 05, 2011 at 10:35:03PM +0100, Klaus Layer wrote:
> Andy Isaacson <adi@xxxxxxxxxxxxx> wrote on 03.12.2011:
> > Since DNS is the most frequent UDP traffic you'll see on a Tor node,
> > perhaps this is simply a symptom of high packet loss on your NIC.
>
> It's a gigabit link, with at the moment only 30% load. I don't expect 
> significant packet loss.

If it's a decent NIC (Intel or Broadcom) then I'd agree with you.  If
it's a RTL or other sub-par vendor / driver, then you're overly
optimistic.

> > You could consider running a caching nameserver on localhost.  That
> > could have negative side effects, though; you're increasing memory and
> > CPU load by doing so, and potentially increasing attack surface
> > depending on your exact configuration.
>
> I am already running caching DNS. CPU is not an issue, but its eating
> up some memory.
> 
> Well, as these messages seems to be quite common I will just ignore
> them.


Wait, you're seeing these DNS failures with "nameserver 127.0.0.1" in
/etc/hosts?  That's more interesting, since then DNS UDP lossage on GigE
pacet loss is unlikely to be the cause.

Could you clarify the configuration?  Is Tor doing DNS over the GigE or
to localhost?

-andy
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Logs full of "eventdns: All nameservers have failed"
  - From: Klaus Layer

References:
- [tor-relays] Logs full of "eventdns: All nameservers have failed"
  - From: Klaus Layer
- Re: [tor-relays] Logs full of "eventdns: All nameservers have failed"
  - From: Andy Isaacson
- Re: [tor-relays] Logs full of "eventdns: All nameservers have failed"
  - From: Klaus Layer

Prev by Author: Re: [tor-relays] Logs full of "eventdns: All nameservers have failed"
Next by Author: Re: [tor-relays] Bandwidth Authority PID Feedback Experiment #2 Starting
Previous by thread: Re: [tor-relays] Logs full of "eventdns: All nameservers have failed"
Next by thread: Re: [tor-relays] Logs full of "eventdns: All nameservers have failed"
Index(es):
- Author
- Thread