GitLab

When we next revamp the spec, we should arrange that the RELAY_END reason bytes (spec 6.3) distinguish the two fundamentally different kinds of DNS failure.

Currently, REASON_RESOLVEFAILED seems to do double duty for all of:

1. The DNS worked properly and told us that the host definitely doesn't exist (NXDOMAIN) or that this isn't a hostname we can use (NODATA pseudo-rcode)

2. The DNS isn't working properly and we weren't able to find out about this host.

3. The question we asked the DNS server was invalid (eg, wrong hostname syntax, name too long, etc.)

I don't think we absolutely need to distinguish 3; it can be lumped in with 1, and it shoudl be rare. But we should distinguish 1 from 2. They correspond, from (say) a Tor Browser user's pov, "this website cannot be reached due to some network or computer not working right" and "you have a wrong (or out of date) URL".