Opened 8 years ago

Closed 7 years ago

Last modified 7 years ago

#3017 closed defect (user disappeared)

DNS update causes Tor to fail

Reported by: nick2day Owned by:
Priority: Medium Milestone: Tor: 0.2.2.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: DNS fail hup tor-relay
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Tor daemon fails when updating DNS servers.

Ubuntu 10.04 LTS
Tor vers. 2.1.30

Steps to reproduce:

Update DNS servers via manually editing /etc/resolv.conf
restart networking (/etc/init.d/networking restart)
hup Tor Daemon (/etc/init.d/tor reload)

relevant portion of /var/log/tor/log, from time of first DNS failure, through fixing, and then reproducing the error.

Apr 26 18:11:28.706 [notice] Your DNS provider gave an answer for "3ksmgx7pleop6qc.invalid", which is not supposed to exist. Apparently they are hijacking DNS failures. Trying to correct for this. We've noticed 1 possibly bad address so far.
Apr 26 18:11:28.897 [notice] Your DNS provider has given "67.215.77.132" as an answer for 6 different invalid addresses. Apparently they are hijacking DNS failures. I'll try to correct for this by treating future occurrences of "67.215.77.132" as 'not found'.
Apr 26 23:35:29.453 [warn] eventdns: All nameservers have failed
Apr 26 23:35:29.765 [notice] eventdns: Nameserver 213.186.33.99 is back up
Apr 27 08:24:27.381 [warn] eventdns: All nameservers have failed
Apr 27 08:24:27.466 [notice] eventdns: Nameserver 208.67.222.222 is back up
Apr 27 10:08:50.689 [notice] We're missing a certificate from authority with signing key EEB9299D295C1C815E289FBF2F2BBEA5F52FDD19: launching request.
Apr 27 10:41:26.715 [notice] Catching signal TERM, exiting cleanly.
Apr 27 23:13:10.200 [notice] Tor 0.2.1.30 opening log file.
Apr 27 23:13:10.202 [notice] Parsing GEOIP file.
Apr 27 23:13:10.665 [notice] OpenSSL OpenSSL 0.9.8k 25 Mar 2009 [9080bf] looks like it's older than 0.9.8l, but some vendors have backported 0.9.8l's renegotiation code to earlier versions, and some have backported the code from 0.9.8m or 0.9.8n. I'll set both SSL3_FLAGS and SSL_OP just to be safe.
Apr 27 23:13:10.871 [notice] Your Tor server's identity key fingerprint is 'SoftwareFreedom2 12D95FC52020647773B3DE00F79717B6F992AA27'
Apr 27 23:13:19.225 [notice] We now have enough directory information to build circuits.
Apr 27 23:13:19.225 [notice] Bootstrapped 80%: Connecting to the Tor network.
Apr 27 23:13:19.292 [notice] Bootstrapped 85%: Finishing handshake with first hop.
Apr 27 23:13:20.196 [notice] Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor.
Apr 27 23:13:20.887 [notice] Bootstrapped 90%: Establishing a Tor circuit.
Apr 27 23:13:21.832 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Apr 27 23:13:21.832 [notice] Bootstrapped 100%: Done.
Apr 27 23:14:29.297 [notice] Performing bandwidth self-test...done.
Apr 27 23:14:42.391 [notice] Self-testing indicates your DirPort is reachable from the outside. Excellent.
Apr 28 00:06:19.732 [notice] Received reload signal (hup). Reloading config and resetting internal state.
Apr 28 00:06:19.734 [notice] Tor 0.2.1.30 opening log file.
Apr 28 00:07:01.139 [warn] eventdns: All nameservers have failed

Appears to only happen on hup. If tor is stopped completely and restarted, everything works fine.

Child Tickets

Change History (6)

comment:1 Changed 8 years ago by rransom

Component: - Select a componentTor Relay
Milestone: Tor: 0.2.2.x-final
Version: Tor: unspecified

comment:2 Changed 8 years ago by arma

What happens if you leave out the "restart networking" step?

Also, does it happen on 0.2.2.x as well?

I vaguely recall a bug entry here where we talk about specifying which dns resolver failed, to make these log complaints easier to act on.

comment:3 Changed 8 years ago by Sebastian

Status: newneeds_information

Is there more than the log messages to make sure that DNS fails completely? Does Tor actually stop relaying?

comment:4 Changed 7 years ago by nickm

Resolution: user disappeared
Status: needs_informationclosed

No contact since april. Please reopen if the answer to "does it happen on 0.2.2.x as well?" is "yes"

comment:5 Changed 7 years ago by nickm

Keywords: tor-relay added

comment:6 Changed 7 years ago by nickm

Component: Tor RelayTor
Note: See TracTickets for help on using tickets.