Commit 98275743 authored by Sebastian Hahn's avatar Sebastian Hahn Committed by Nick Mathewson
Browse files

Fix DNS resolution on busy exit relays

Thanks to Dhalgren who analyzed this issue two years ago and found a
parent 04d4786c
o Major bugfixes (Exit nodes):
- Fix an issue causing high-bandwidth exit nodes to fail a majority
or all of their DNS requests, making them basically unsuitable for
regular usage in Tor circuits. The problem is related to
libevent's DNS handling, but we can work around it in Tor. Fixes
bugs 21394 and 18580; bugfix on which introduced
eventdns. Credit goes to Dhalgren for identifying and finding a
workaround to this bug and to gamambel, arthuredelstein and
arma in helping to track it down and analyze it.
...@@ -1425,14 +1425,31 @@ configure_nameservers(int force) ...@@ -1425,14 +1425,31 @@ configure_nameservers(int force)
#define SET(k,v) evdns_base_set_option(the_evdns_base, (k), (v)) #define SET(k,v) evdns_base_set_option(the_evdns_base, (k), (v))
// If we only have one nameserver, it does not make sense to back off
// from it for a timeout. Unfortunately, the value for max-timeouts is
// currently clamped by libevent to 255, but it does not hurt to set
// it higher in case libevent gets a patch for this.
// Reducing attempts in the case of just one name server too, because
// it is very likely to be a local one where a network connectivity
// issue should not cause an attempt to fail.
if (evdns_base_count_nameservers(the_evdns_base) == 1) { if (evdns_base_count_nameservers(the_evdns_base) == 1) {
SET("max-timeouts:", "16"); SET("max-timeouts:", "1000000");
SET("timeout:", "10"); SET("attempts:", "1");
} else { } else {
SET("max-timeouts:", "3"); SET("max-timeouts:", "3");
SET("timeout:", "5");
} }
// Elongate the queue of maximum inflight dns requests, so if a bunch
// time out at the resolver (happens commonly with unbound) we won't
// stall every other DNS request. This potentially means some wasted
// CPU as there's a walk over a linear queue involved, but this is a
// much better tradeoff compared to just failing DNS requests because
// of a full queue.
SET("max-inflight:", "8192");
// Time out after 5 seconds if no reply.
SET("timeout:", "5");
if (options->ServerDNSRandomizeCase) if (options->ServerDNSRandomizeCase)
SET("randomize-case:", "1"); SET("randomize-case:", "1");
else else
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment