Opened 2 years ago

Last modified 2 years ago

#23113 new defect

Manage DNS state better when "All nameservers have failed"

Reported by: teor
Owned by:
Priority: Medium
Milestone: Tor: unspecified
Component: Core Tor/Tor
Version: Tor: 0.2.6.10
Severity: Normal
Keywords: dns, security-low, 032-unreached
Cc:
Actual Points:
Parent ID:
Points: 1
Reviewer:
Sponsor:

Description (last modified by teor)

We should downgrade this warning when it only happens for a short period of time (or a small number of requests), or when it happens in response to a malformed request.

This warning is causing operators to make sub-optimal DNS server choices: for example, avoiding using a local cache in favour of remote resolvers.

Sometimes changing the local resolver makes a difference:
https://trac.torproject.org/projects/tor/ticket/1936#comment:12

Sometimes it happens in response to malformed requests:
https://trac.torproject.org/projects/tor/ticket/11600#comment:6

Sometimes it's harmless:
https://trac.torproject.org/projects/tor/ticket/11600#comment:7
Because it's followed by:

[notice] eventdns: Nameserver <ISP-resolver2>:53 is back up
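
For operators triaging this warning, the distinction drawn above (a failure that is quickly followed by a "back up" notice versus one that persists) can be checked against the log. The following is an added example, not part of the ticket or of Tor's code; the sample log lines are constructed, and the timestamp layout and the 10-second threshold are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log (not from the ticket). Resolver addresses are
# documentation-range placeholders.
SAMPLE_LOG = """\
Aug 04 12:00:01.000 [warn] eventdns: All nameservers have failed
Aug 04 12:00:03.000 [notice] eventdns: Nameserver 192.0.2.53:53 is back up
Aug 04 14:10:00.000 [warn] eventdns: All nameservers have failed
Aug 04 14:12:00.000 [warn] eventdns: All nameservers have failed
Aug 04 14:25:30.000 [notice] eventdns: Nameserver 192.0.2.54:53 is back up
Aug 04 18:00:00.000 [warn] eventdns: All nameservers have failed
"""

LINE = re.compile(r"^(\w{3} \d{2} \d{2}:\d{2}:\d{2})\.\d+ \[\w+\] eventdns: (.*)$")
FAILED = "All nameservers have failed"
BACK_UP = re.compile(r"^Nameserver \S+ is back up$")


def classify_outages(log_text, transient=timedelta(seconds=10)):
    """Pair each failure warning with the next "is back up" notice.

    Returns (start_stamp, seconds_down, verdict) tuples; verdict is
    "transient", "sustained", or "unresolved" (no recovery logged).
    The 10-second default is an assumed threshold, not one from the ticket.
    """
    outages, start = [], None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        stamp, msg = m.groups()
        # Log stamps carry no year; a fixed leap year is enough for deltas
        # inside one log (a log spanning New Year would need more care).
        when = datetime.strptime("2000 " + stamp, "%Y %b %d %H:%M:%S")
        if msg == FAILED:
            if start is None:  # repeated warnings belong to the same outage
                start = (stamp, when)
        elif BACK_UP.match(msg) and start is not None:
            down = when - start[1]
            verdict = "transient" if down <= transient else "sustained"
            outages.append((start[0], down.total_seconds(), verdict))
            start = None
    if start is not None:
        outages.append((start[0], None, "unresolved"))
    return outages
```

Only "sustained" and "unresolved" entries indicate a resolver problem worth acting on; "transient" entries match the harmless case described above.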

Change History (4)

comment:1 Changed 2 years ago by teor

Description: modified (diff)

comment:2 Changed 2 years ago by teor

Keywords: security-low added
Summary: changed from Downgrade "All nameservers have faled" warning to Manage DNS state better when "All nameservers have failed"

There's potentially an attack here, too:

  • launch an invalid request to make tor think the primary name server is down
  • launch a valid request to a secondary name server

I don't think this gets you much, but we should think about it some more.

comment:3 Changed 2 years ago by hdqdak8v32aor

Instead of burying the message, how about fixing the underlying cause, which is eventdns blindly forwarding malformed DNS queries guaranteed to evoke Bad response 5 (refused)?

comment:4 Changed 2 years ago by nickm

Keywords: 032-unreached added
Milestone: changed from Tor: 0.3.2.x-final to Tor: unspecified

Mark a large number of tickets that I do not think we will do for 0.3.2.
