[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Questions about 4 Relays per IP and the ddos mitigation scripts

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Questions about 4 Relays per IP and the ddos mitigation scripts
From: Roger Dingledine <arma@xxxxxxxxxxxxxx>
Date: Tue, 7 Feb 2023 18:31:31 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 07 Feb 2023 18:31:45 -0500
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=torproject.org; s=2022-eugeni; t=1675812699; bh=gpTrcevw2GRiVkYt1QRagiWD4YJWb989k6qyHi52Ph8=; h=Date:From:To:References:In-Reply-To:Subject:List-Id: List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe: Reply-To:From; b=IUDM/oMWy7/81LiAMno0garyKnbKV6IIOjTBrfxnsuZhPQY3j1qmmTfP/WKcE7qq/ B6zJcZD0v3u352dTYcfc8tQ2f9WYaKAkm8e3OPf1LabgBtmdSRgQI7qpzhge24adoq Q7/gCu0vAVFdZzKVvjjfeQLmgerQKe/n5tO4Q7fPvW6c8eXKogHJ1dXWmnQlvfwwa/ ZJNk05rFUv/DS4WDfOzf9AHAc6eYIiNXvmFSEiLj4bk06COYOqInF0yDN7zSrpebc8 E+sIE+RWdMjG3g/3SNzYw527SNzhpkEYjn3rSxhedM5QZEfC7q3L2rOjrPHio+Ma5m pqr7n9dZs/SiQ==
In-reply-to: <f22938c5-394c-9ace-5a72-bcddd9faea44@riseup.net>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <32ba4f01-2e87-97c9-2310-746990fe1e27@wcbsecurity.com> <baec606d-7856-18e2-bf13-3f40bf207f6d@riseup.net> <9e562779-af0d-a120-60b0-fd6e9202aa1c@wcbsecurity.com> <f22938c5-394c-9ace-5a72-bcddd9faea44@riseup.net>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On Wed, Feb 08, 2023 at 12:07:22AM +0100, nusenu wrote:
> I recall a gitlab.tpo issue that discussed the details of whether
> tor clients should change guards when their picked guard lost/gained flags.
> Maybe someone else could paste a link to it.

This might be the one you want:
https://gitlab.torproject.org/tpo/core/torspec/-/issues/141

It has quite the complicated story, and I think our current behavior
("move to the next guard in the list if our current guard doesn't have
the Guard flag") is good for performance but bad for security, but it's
a complicated enough analysis that reasonable people can disagree.

--Roger

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] Questions about 4 Relays per IP and the ddos mitigation scripts
  - From: Chris Enkidu-6
- Re: [tor-relays] Questions about 4 Relays per IP and the ddos mitigation scripts
  - From: nusenu
- Re: [tor-relays] Questions about 4 Relays per IP and the ddos mitigation scripts
  - From: Chris Enkidu-6
- Re: [tor-relays] Questions about 4 Relays per IP and the ddos mitigation scripts
  - From: nusenu

Prev by Author: Re: [tor-relays] relay configuration not allowing optimal performance
Next by Author: Re: [tor-relays] publish current AuthDirMaxServersPerAddr limit?
Previous by thread: Re: [tor-relays] Questions about 4 Relays per IP and the ddos mitigation scripts
Next by thread: Re: [tor-relays] Questions about 4 Relays per IP and the ddos mitigation scripts
Index(es):
- Author
- Thread