[tor-dev] Requesting feedback on TorDNSd v1.1

LETO m8rovpdyd at gmail.com
Tue Jul 26 23:43:41 UTC 2011


Hello,

+ Currently, when a query fails, it'll use the next configured DNS server
and reattempt to query on that one. Nothing special is done at the moment,
but I'm open for suggestions.

+ A possible issue I see is that retrying a(n invalid) query on all possible
domains may give a delay since it'll attempt to query all configured dns
servers.

+ If I had to add additional DNS servers, I'd add in the OpenDNS servers.

I'd like to add that one of the other nice features of TorDNSd are the
filters : An internet connection not leaking out any DNS requests could look
suspicious, but using 'filter-direct' rules you could define a couple of
'legal' queries to leak 'on purpose'.

- LETO

On Tue, Jul 26, 2011 at 11:16 PM, intrigeri <intrigeri at boum.org> wrote:

> Hi,
>
> LETO wrote (26 Jul 2011 22:45:21 GMT) :
> > It can use one or multiple remote dns servers (by default the google
> > ones) meaning you can perform all queries (not just 'A' ones)
>
> Ok. I see the point of using ttdnsd-like functionality to supplement
> what the Tor DNS resolver is able to achieve itself. See our page
> about this issue on the Tails wiki in case you want to understand the
> place I'm speaking from:
>
>  https://tails.boum.org/todo/support_arbitrary_dns_queries/
>
> I also see the point of not granting one (and maybe a few) company/ies
> the power to decide example.com does not exist for TorDNSd (and Tails)
> users. Hence my past, present and future questions:
>
> How exactly does TorDNSd deal with multiple remote DNS servers?
>
> What issues could be possibly caused by using multiple remote DNS
> recursive servers by default in TorDNSd?
>
> What additional recursive servers would you consider worth adding to
> the default TorDNSd configuration?
>
> Bye,
> --
>  intrigeri <intrigeri at boum.org>
>  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
>  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
>   | Did you exchange a walk on part in the war
>  | for a lead role in the cage?
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20110726/055043c7/attachment.htm>


More information about the tor-dev mailing list