[tor-dev] Tor and DNS

intrigeri intrigeri at boum.org
Sat Jan 21 14:27:58 UTC 2012


Hi,

Ondrej Mikle wrote (21 Jan 2012 01:47:56 GMT) :
> So far I've seen ttdnsd used only in Tails, TorDNSd was seen
> mentioned only in the Tor mailing lists (not sure how many
> individuals may be using it though).

> ttdnsd: kind of works, unless validation is required (ttdnsd fails
> as unbound forwarder, most likely because of not handling DS queries
> correctly)

> It seems that bunch of people who experimented with DNS over Tor
> came to conclusion that using existing caching resolver like unbound
> is simpler than specialized resolvers like ttdnsd.

For the record, Tails uses a combination of the pdnsd caching DNS
server, the Tor resolver (for request types it supports) and ttdnsd
(fallback for other requests); details:

   https://tails.boum.org/contribute/design/Tor_enforcement/DNS/

Cheers,
--
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
  | Do not be trapped by the need to achieve anything.
  | This way, you achieve everything.


More information about the tor-dev mailing list