diff options
author | Nick Mathewson <nickm@torproject.org> | 2018-04-04 08:55:37 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2018-04-04 08:55:37 -0400 |
commit | ec8ee541296f3ca494421cd8c8f9903e848823ec (patch) | |
tree | 3165f70f53dc67f2eb0f42ce40b86035d57c7e6a | |
parent | 7ccb1c5a859873656ab074c88935865bcf4b4c38 (diff) | |
parent | 06484eb5e19081f478c0c5569e2de6fcfb8d3531 (diff) | |
download | tor-ec8ee541296f3ca494421cd8c8f9903e848823ec.tar.gz tor-ec8ee541296f3ca494421cd8c8f9903e848823ec.zip |
Merge branch 'bug21394_029_redux' into maint-0.3.3
-rw-r--r-- | changes/bug21394.2 | 7 | ||||
-rw-r--r-- | src/or/dns.c | 19 |
2 files changed, 18 insertions, 8 deletions
diff --git a/changes/bug21394.2 b/changes/bug21394.2 new file mode 100644 index 0000000000..b580d2a786 --- /dev/null +++ b/changes/bug21394.2 @@ -0,0 +1,7 @@ + o Minor bugfix (Exit node DNS retries): + - Re-attempt timed-out DNS queries 3 times before failure, since our + timeout is 5 seconds for them, but clients wait 10-15. Also allow + slightly more timeouts per resolver before giving up on it in the + case where an exit has multiple resolvers configured. Fixes bug 21394; + bugfix on 0.3.1.9. + diff --git a/src/or/dns.c b/src/or/dns.c index e4dc8048ed..411e2d5aa6 100644 --- a/src/or/dns.c +++ b/src/or/dns.c @@ -1441,27 +1441,30 @@ configure_nameservers(int force) // If we only have one nameserver, it does not make sense to back off // from it for a timeout. Unfortunately, the value for max-timeouts is // currently clamped by libevent to 255, but it does not hurt to set - // it higher in case libevent gets a patch for this. - // Reducing attempts in the case of just one name server too, because - // it is very likely to be a local one where a network connectivity - // issue should not cause an attempt to fail. + // it higher in case libevent gets a patch for this. Higher-than- + // default maximum of 3 with multiple nameservers to avoid spuriously + // marking one down on bursts of timeouts resulting from scans/attacks + // against non-responding authoritative DNS servers. if (evdns_base_count_nameservers(the_evdns_base) == 1) { SET("max-timeouts:", "1000000"); - SET("attempts:", "1"); } else { - SET("max-timeouts:", "3"); + SET("max-timeouts:", "10"); } // Elongate the queue of maximum inflight dns requests, so if a bunch - // time out at the resolver (happens commonly with unbound) we won't + // remain pending at the resolver (happens commonly with Unbound) we won't // stall every other DNS request. This potentially means some wasted // CPU as there's a walk over a linear queue involved, but this is a // much better tradeoff compared to just failing DNS requests because // of a full queue. SET("max-inflight:", "8192"); - // Time out after 5 seconds if no reply. + // Two retries at 5 and 10 seconds for bind9/named which relies on + // clients to handle retries. Second retry for retried circuits with + // extended 15 second timeout. Superfluous with local-system Unbound + // instance--has its own elaborate retry scheme. SET("timeout:", "5"); + SET("attempts:","3"); if (options->ServerDNSRandomizeCase) SET("randomize-case:", "1"); |