[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] exit operators: overall DNS failure rate above 5% - please check your DNS resolver



Just set your exit relay DNS to 8.8.8.8 and 1.1.1.1 I mean dns traffic isn't bulk traffic, let google and CloudFlare do the "work"

Thanks,

Matt Westfall
President & CIO
ECAN Solutions, Inc.
Everything Computers and Networks
804.592.1672

------ Original Message ------
From: "Tim Niemeyer" <tim@xxxxxxxx>
To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sent: 6/29/2019 2:59:34 AM
Subject: Re: [tor-relays] exit operators: overall DNS failure rate above 5% - please check your DNS resolver

Hi nusenu
 
After reading your Mail, I realized that not the DNS records for the
exit IPs are failing. Instead this list shows problems to resolve dns
on the exit.
 
I looked at our exit and all looks fine. Resolver works very fast and
nothing imporint within the logfile. Only some dudes use 0.100.2.2 as
remote address, but let's be fair, that can't work. ;)
 
There are 4 exits on one machine with one dns server. Only 3 of them
are shown in the list:
 
Maybe it is a load problem, because this machine has 100% cpu load? :(
 
A dedicated machine for dns may be good, but currently we have only
this one machine. Another way could be to recude exit capacity, but I
don't know if it's a good idea to throttle it?
 
Btw, in the mean time we got more upstream transit and now we are
looking to get better / second hardware. But money is a limiting
factor. :(
 
Kind regards
Tim
 
Am Freitag, den 28.06.2019, 20:16 +0000 schrieb nusenu:
Dear Exit relay operators,
 
first of all thanks for running exit relays!
 
One of the crucial service that you provide in addition to
forwarding 
TCP streams is DNS resolution for tor clients. 
Exit relays which fail to resolve hostnames
are barely useful for tor clients.
 
We noticed that lately the failure rates did increase significantly
due to some major exit operators apparently having DNS issues and we
would like
to urge you to visit Arthur's "Tor Exit DNS Timeouts" 
page that shows you the DNS error rate for exit relays:
 
(the page is usually updated once a day)
 
Please consider checking your DNS if your exit relay consistently
shows a non zero 
timeout rate - and make sure you run an up to date tor version.
 
If you are an exit operator but have no (or no working) ContactInfo,
please consider
updating that field in your torrc so we can reach you if something is
wrong
with your relay.
 
kind regards
nusenu
_______________________________________________
tor-relays mailing list
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays