[tor-talk] glibc's DNS lookups fail
douglastskillern at lavabit.com
Tue Feb 14 07:43:44 UTC 2012
Hello List,
I have been experiencing a strange problem for about two weeks or so.
I am using GNU/Linux (Debian 6 x86-64) and Tor 0.2.2.35 built from source.
I forward all my tcp traffic and udp traffic on port 53 to my tor instance
via netfilter.
So here is my problem: whenever I do a DNS lookup via glibc, the first
lookup to a specific domain fails. The second lookup and all following
lookups (to the very same domain) succeed (until I reboot my machine).
~$ gnutls-cli --starttls torproject.org -p 80
Resolving 'torproject.org'...
Cannot resolve torproject.org:80: Name or service not known
~$ tor2 gnutls-cli --starttls torproject.org -p 80
Resolving 'torproject.org'...
Connecting to '38.229.72.14:80'...
- Simple Client Mode:
C-c C-c
(I am using gnutls-cli here because of its nice output. Any other
application that uses glibc, for example nc, fails as well.)
Applications that use their own DNS lookup code (firefox, nslookup) do not
suffer from this problem. In fact, their DNS lookups work just fine!
I tried tracing the request down in Wireshark. Unfortunately it did not
help me. There are two DNS requests per lookup, one A and one AAAA. Both
are correctly forwarded to tor, the AAAA fails ('Not implemented'), but
the A one actually does return a valid IP!
1 0.000000 192.168.178.30 127.0.0.1 DNS Standard query A torproject.org
2 0.000027 192.168.178.30 127.0.0.1 DNS Standard query AAAA torproject.org
3 0.000155 192.168.178.1 192.168.178.30 DNS Standard query response, Not implemented
# tor does its magic
8 1.157351 192.168.178.1 192.168.178.30 DNS Standard query response A 38.229.72.14
# now glibc tries the lookup again, now with the search domain appended, as configured in my /etc/resolv.conf. The lookups fail, of course...
9 1.157441 192.168.178.30 127.0.0.1 DNS Standard query A torproject.org.my.search.domain
10 1.157455 192.168.178.30 127.0.0.1 DNS Standard query AAAA torproject.org.my.search.domain
I have no idea what's going on here. It definitely has something to do
with tor. When I remove my iptables rules, DNS lookups work fine. On top
of that, my setup used to work for about 5 months or so. I have no clue
what I did to break things so badly.
Do you have any idea what may cause this issue?
Thank you so much!
Cheers,
Douglas
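
The pattern in the capture above (an error and a valid A answer both arrive, and the same name is then queried again with the search domain appended) can be checked mechanically when comparing traces. The following is an added example, not part of the original post: the function names and the one-line-per-packet summary format are assumptions, and the sample is a constructed copy of the lines quoted in the message.

```python
import re
# Constructed sample: the capture summary lines quoted in the post, each
# rejoined onto one line (packet numbers, addresses and names are the post's).
SAMPLE = """\
1 0.000000 192.168.178.30 127.0.0.1 DNS Standard query A torproject.org
2 0.000027 192.168.178.30 127.0.0.1 DNS Standard query AAAA torproject.org
3 0.000155 192.168.178.1 192.168.178.30 DNS Standard query response, Not implemented
8 1.157351 192.168.178.1 192.168.178.30 DNS Standard query response A 38.229.72.14
9 1.157441 192.168.178.30 127.0.0.1 DNS Standard query A torproject.org.my.search.domain
10 1.157455 192.168.178.30 127.0.0.1 DNS Standard query AAAA torproject.org.my.search.domain
"""
LINE = re.compile(r"^(\d+)\s+([\d.]+)\s+\S+\s+\S+\s+DNS\s+Standard query (.*)$")

def parse(text):
    """Turn summary lines into event dicts; non-matching lines are skipped."""
    events = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ev = {"no": int(m.group(1)), "time": float(m.group(2))}
        rest = m.group(3)
        if rest.startswith("response"):
            detail = rest[len("response"):].lstrip(", ")
            parts = detail.split(None, 1)
            if len(parts) == 2 and parts[0] in ("A", "AAAA", "CNAME"):
                ev.update(kind="answer", rtype=parts[0], value=parts[1])
            else:  # anything else is kept as the response's error text
                ev.update(kind="error", rcode=detail)
        else:
            qtype, name = rest.split(None, 1)
            ev.update(kind="query", qtype=qtype, name=name.lower())
        events.append(ev)
    return events

def find_search_retries(events):
    """Heuristic: a new query name that is an earlier name plus '.suffix'."""
    findings, seen = [], []
    for i, ev in enumerate(events):
        if ev["kind"] != "query" or ev["name"] in seen:
            continue
        base = next((n for n in seen if ev["name"].startswith(n + ".")), None)
        seen.append(ev["name"])
        if base is not None:
            before = events[:i]  # everything the resolver saw before retrying
            findings.append({"base": base, "suffix": ev["name"][len(base) + 1:],
                "errors_before": [e["rcode"] for e in before if e["kind"] == "error"],
                "answers_before": [e["value"] for e in before if e["kind"] == "answer"]})
    return findings
```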