[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] lets stop using central big DNS resolvers (Google, Level3, OpenDNS, Quad9, Cloudflare)
- To: tor-relays@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [tor-relays] lets stop using central big DNS resolvers (Google, Level3, OpenDNS, Quad9, Cloudflare)
- From: nusenu <nusenu-lists@xxxxxxxxxx>
- Date: Sat, 12 May 2018 08:54:00 +0000
- Delivered-to: archiver@xxxxxxxx
- Delivery-date: Sat, 12 May 2018 04:55:00 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1526115287; bh=8KjL4Ap8OT2SsU86Vajgj2r2ofgoflVYBzB8UIaD8H4=; h=Subject:To:References:From:Date:In-Reply-To:From; b=FdOoFDJKigKQ9jrC33WwmXRiTUYOc9W6CdNm0HX27nuLMnn2EgSNBwRuuiDXcsEH9 +hezmt/HrbnId88fR0G81UU/THI5xHxT8GcIUPNZ5fUnolhqwQQIYGhnTA+DqM4iAC SkU0cRUb1YCdtnFzeZeEoF9ZZxBR3ZJnWnYvh4hg=
- In-reply-to: <20180511225406.70cfb3be4d2f8b90525f62c8@dson.org>
- List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
- List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
- List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
- List-post: <mailto:tor-relays@lists.torproject.org>
- List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
- List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
- References: <5e7d99ef-9514-cee4-985f-7f1d4a21dfec@riseup.net> <a518aa08-871d-afaf-819f-6e4bee01fb20@enn.lu> <20180511225406.70cfb3be4d2f8b90525f62c8@dson.org>
- Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
- Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
>> All our nodes are using a local DNS caching server and only use google
>> as a fallback.
>
> I was also using google just as a fallback; I've now changed my node to
> just use a local resolver, with no fallback.
>
> Neither the email from nusenu nor the documentation pointed to actually
> says which of these options is preferable. If you (nusenu) are looking
> to reduce the exits using these resolvers, I'd suggest explicitly also
> saying to not use them even as a fallback after a local resolver
> (assuming that's what you want). Maybe you had intended this to come
> across with the existing text, but I don't think it's obvious enough.
Yes, I was not clear on that, thanks for your feedback I amended the text
in the Tor Relay Guide aiming to clarify this.
here is the diff (which includes also other changes)
https://trac.torproject.org/projects/tor/wiki/TorRelayGuide?action=diff&version=210
the most relevant change with regards to your comment is:
was: "Don't use any of the big DNS resolvers to avoid centralization"
is: "Don't use any of the big DNS resolvers as your primary or fallback DNS resolver to avoid centralization"
"if you want to add a second DNS resolver as a fallback to your /etc/resolv.conf configuration, try to choose a resolver within your autonomous system and make sure it is not your first entry in that file (the first entry should be your local resolver)"
--
https://mastodon.social/@nusenu
twitter: @nusenu_
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
- References:
- [tor-relays] lets stop using central big DNS resolvers (Google, Level3, OpenDNS, Quad9, Cloudflare)
- Re: [tor-relays] lets stop using central big DNS resolvers (Google, Level3, OpenDNS, Quad9, Cloudflare)
- Re: [tor-relays] lets stop using central big DNS resolvers (Google, Level3, OpenDNS, Quad9, Cloudflare)