Project

General

Profile

Feature #5801

DNS resolution sometimes fails

Added by Tails about 6 years ago. Updated about 5 years ago.

Status:
Confirmed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%

Feature Branch:
Type of work:
Test
Blueprint:
Starter:
No
Affected tool:

Description

While running the 0.15 test suite, it happened that Claws Mail could not connect to a mail server. It was clearly DNS related: running host mail.example.com also fails, but host mail.example.com 127.0.0.2 succeeds. After the second command claws is happy due to the DNS cache. I guess we have a serious regression from feature/remove-pdnsd that only affects "DNS leaks", i.e. when the system resolver (Tor) is used. Urgh. Oh and tor-resolve mail.example.com works just fine.

Next thing to do: test if that's still the case.

If it is, perhaps we could simply get some caching DNS resolver back (and maybe pick unbound this time).

It seems than only non-SOCKS applications are affected.

History

#1 Updated by foob over 5 years ago

  • Description updated (diff)
  • Starter set to No

It may be related to this TOR bug https://trac.torproject.org/projects/tor/ticket/11741. It cause the Tor resolver to fail if a DNS answer is >512B.

If examples of such failing domain names are found. One can see the record size using

dig $host | grep MSG size

outside of tails.

Also available in: Atom PDF