2015-12-20 17:21 GMT+01:00 Remi Gacogne <listes+tor-rel...@valombre.net>: >> On the other hand, I would say using a local DNS cache can increase both >> your relay's performance and perhaps offers a slight privacy gain to tor >> clients, given that a cached DNS response will be served directly to a >> tor client rather than querying an external resolver for the 2nd time. > > Note that, whenever possible, Tor relay operators using a local DNS > resolver should enable qname mininisation [1], so that the resolver only > sends to the authoritative servers what they need to know to respond. > Support for qname minimisation has recently been added in unbound [2] > 1.5.7, and is planned in the future Knot resolver [3]. > > [1]: https://tools.ietf.org/html/draft-ietf-dnsop-qname-minimisation-08 > [2]: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=648 > [3]: https://github.com/CZ-NIC/knot-resolver
It should be noted that on Debian unbound is v. 1.4.17 and support for qname minimisation has been added in v. 1.5.7 C _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
