New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
monerod does DNS lookups and attempts to connect to other nodes, even if specifying an exclusive node #3128
Comments
Which commit hash are you running ? As for DNS lookups, ifyou don't want them, use DNS_PUBLIC=somethinginvalid or tcp://127.0.0.1 |
Latest stable release (793bc97)
Why do I need to opt-out for privacy? DNS lookups are not required when |
That wouldn't help if I had a local DNS resolver running, right? |
Then it's fixed by 054054c. Why do you think --add-exclusive-node is a DNS option ? It is not. Using 127.0.0.1 would not work if you have a DNS resolver listening. |
Why would the daemon need to connect to a DNS server if it only needs to connect to a single IP which was specified via a command line arg? |
To get updates and checkpoints. |
Where does it check for updates / try to retrieve checkpoints from? I assume it uses other nodes. Why is the exclusive node I'm providing not sufficient enough to do that? |
OK, doesn't look like it. I will try to start |
It appears not. --offline disables those, but a "just for DNS" switch would seem useful. |
I'm now starting |
Try --seed-node SAMEIP:SAMEPORT |
Or:
|
Didn't help, even with the patch applied it still does DNS lookups. |
Can you tell what it is trying to resolve ? |
|
Ah, I see it. Fixing... |
Didn't help :( Just to be sure: I've applied #3143 and #3145 and am passing these args: "$MONEROD" \
--add-exclusive-node 127.0.0.1:18090 --allow-local-ip \
--p2p-bind-ip 127.0.0.1 \
--rpc-bind-ip 127.0.0.1 \
--no-igd \
--hide-my-port \
--db-sync-mode safe \
--check-updates disabled \
--disable-dns-checkpoints |
Seems to be fixed, see #3146 (comment) |
I updated 3145, it was checking exclusive nodes before parsing the command line. |
+resolved |
I tried launching
monerod
onnode A
with these args:"$MONEROD" \ --add-exclusive-node 127.0.0.1:18090 --allow-local-ip \ --p2p-bind-ip 127.0.0.1 \ --rpc-bind-ip 127.0.0.1 \ --no-igd \ --hide-my-port \ --db-sync-mode safe
Port 18090 is forwarded from my other
node B
via SSH.Still,
monerod
onnode A
does DNS lookups on the seed nodes using Google DNS (8.8.4.4) and tries to connect to the various nodes returned.This is a privacy issue and should not happen when
--add-exclusive-node
is used.EDIT:
Fix Google DNS IP,
monerod
is not using 8.8.8.8.The text was updated successfully, but these errors were encountered: