tor dns + bind = lame name-server

Hello,

I've been trying for a couple of hours now to make this work .. a part went ok .. but there still seems to be a problem.

My named/bind setup looks like this:

zone "onion" IN { type forward; forwarders { 127.0.0.2; }; };

My ~/.torrc:

#Log debug
User dexter
DataDirectory /home/dexter/.tor/
SocksListenAddress 127.0.0.1
SocksListenAddress 192.168.1.95
SocksPolicy accept 127.0.0.1/32
SocksPolicy accept 192.168.1.0/24
SocksPolicy reject *
NewCircuitPeriod 99999
KeepalivePeriod 60
DNSPort 127.0.0.2:53
TransPort 9040
AutomapHostsOnResolve 1
VirtualAddrNetwork 10.192.0.0/10
HiddenServiceDir /home/dexter/.tor/hidden_service/
HiddenServicePort 80 127.0.0.1:80

My resolv.conf:

nameserver 127.0.0.1

Bind listens on 127.0.0.1:53

Here's what happens:

$ dig +short a pcl5dt2boqqvmpk7.onion @127.0.0.2
10.206.233.205
$ dig +short a pcl5dt2boqqvmpk7.onion @127.0.0.2
10.206.233.205
$ dig +short a pcl5dt2boqqvmpk7.onion @127.0.0.2
10.206.233.205

So tor's dns server is ok...

$ dig +short a pcl5dt2boqqvmpk7.onion @127.0.0.1
10.206.233.205
$ dig +short a pcl5dt2boqqvmpk7.onion @127.0.0.1
10.206.233.205
$ dig +short a pcl5dt2boqqvmpk7.onion @127.0.0.1
10.206.233.205

So my bind forwards ok. Now watch this:

$ dig +short aaaa pcl5dt2boqqvmpk7.onion @127.0.0.1
$ dig +short a pcl5dt2boqqvmpk7.onion @127.0.0.1
$ dig +short a pcl5dt2boqqvmpk7.onion @127.0.0.1
$ dig +short a pcl5dt2boqqvmpk7.onion @127.0.0.2
10.206.233.205

So, as soon as named asks for something, the tor dns doesn't answer correctly, answering with an A for an AAAA instead of giving an empty AAAA with NOERROR (I think this is the problem), and gets marked as a lame-server and will cache it like this for 600 seconds, I think.

Named's logs show this:

queries: info: client 127.0.0.1#55980 (pcl5dt2boqqvmpk7.onion): view internal: query: pcl5dt2boqqvmpk7.onion IN A +E (127.0.0.1)
queries: info: client 127.0.0.1#37020 (pcl5dt2boqqvmpk7.onion): view internal: query: pcl5dt2boqqvmpk7.onion IN A +E (127.0.0.1)
queries: info: client 127.0.0.1#40132 (pcl5dt2boqqvmpk7.onion): view internal: query: pcl5dt2boqqvmpk7.onion IN A +E (127.0.0.1)
queries: info: client 127.0.0.1#47246 (pcl5dt2boqqvmpk7.onion): view internal: query: pcl5dt2boqqvmpk7.onion IN AAAA +E (127.0.0.1)
resolver: notice: DNS format error from 127.0.0.2#53 resolving pcl5dt2boqqvmpk7.onion/AAAA for client 127.0.0.1#47246: reply has no answer
lame-servers: info: error (FORMERR) resolving 'pcl5dt2boqqvmpk7.onion/AAAA/IN': 127.0.0.2#53
queries: info: client 127.0.0.1#59716 (pcl5dt2boqqvmpk7.onion): view internal: query: pcl5dt2boqqvmpk7.onion IN A +E (127.0.0.1)
queries: info: client 127.0.0.1#55020 (pcl5dt2boqqvmpk7.onion): view internal: query: pcl5dt2boqqvmpk7.onion IN A +E (127.0.0.1)

Any ideas on how to solve this? Thanks in advance.

Trac:
Username: d3xt3r01
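
Added example, not part of the original report: a small triage script for named logs in the format quoted above. It groups format-error and lame-server events by upstream forwarder and lists the client queries for the same name logged after the first failure, which are the ones to compare against the empty dig results. The function name `triage` and the regular expressions are assumptions of this example; the sample lines are copied from the report.

```python
import re
from collections import defaultdict

# Log lines copied from the report above (no timestamps, as quoted there).
SAMPLE_LOG = """\
queries: info: client 127.0.0.1#40132 (pcl5dt2boqqvmpk7.onion): view internal: query: pcl5dt2boqqvmpk7.onion IN A +E (127.0.0.1)
queries: info: client 127.0.0.1#47246 (pcl5dt2boqqvmpk7.onion): view internal: query: pcl5dt2boqqvmpk7.onion IN AAAA +E (127.0.0.1)
resolver: notice: DNS format error from 127.0.0.2#53 resolving pcl5dt2boqqvmpk7.onion/AAAA for client 127.0.0.1#47246: reply has no answer
lame-servers: info: error (FORMERR) resolving 'pcl5dt2boqqvmpk7.onion/AAAA/IN': 127.0.0.2#53
queries: info: client 127.0.0.1#59716 (pcl5dt2boqqvmpk7.onion): view internal: query: pcl5dt2boqqvmpk7.onion IN A +E (127.0.0.1)
queries: info: client 127.0.0.1#55020 (pcl5dt2boqqvmpk7.onion): view internal: query: pcl5dt2boqqvmpk7.onion IN A +E (127.0.0.1)
"""

# Patterns for the three log categories that appear in the report.
QUERY = re.compile(r"queries: .*? query: (\S+) IN (\S+) ")
FORMAT_ERR = re.compile(
    r"resolver: .*?DNS format error from (\S+?)#\d+ "
    r"resolving (\S+)/(\w+) for client \S+: (.+)$")
LAME = re.compile(
    r"lame-servers: .*?error \((\w+)\) resolving '([^/]+)/(\w+)/IN': (\S+?)#\d+")

def triage(log_text):
    """Per upstream: failures seen, and client queries logged after the first one."""
    report = defaultdict(lambda: {"failures": [], "queries_after": []})
    failed_names = {}  # qname -> upstream that first failed while resolving it
    for line in log_text.splitlines():
        if m := FORMAT_ERR.search(line):
            upstream, qname, qtype, reason = m.groups()
            report[upstream]["failures"].append((qname, qtype, reason))
            failed_names.setdefault(qname, upstream)
        elif m := LAME.search(line):
            rcode, qname, qtype, upstream = m.groups()
            report[upstream]["failures"].append((qname, qtype, rcode))
            failed_names.setdefault(qname, upstream)
        elif m := QUERY.search(line):
            qname, qtype = m.groups()
            if qname in failed_names:  # query arrived after a logged failure
                report[failed_names[qname]]["queries_after"].append((qname, qtype))
    return dict(report)

if __name__ == "__main__":
    for upstream, info in triage(SAMPLE_LOG).items():
        print(upstream, info)
```
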