[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #10169 [Tor]: Extend OOM handler to cover channels/connection buffers
#10169: Extend OOM handler to cover channels/connection buffers
------------------------+----------------------------------------
Reporter: nickm | Owner:
Type: defect | Status: needs_review
Priority: major | Milestone: Tor: 0.2.4.x-final
Component: Tor | Version:
Resolution: | Keywords: tor-relay oom 024-backport
Actual Points: | Parent ID:
Points: |
------------------------+----------------------------------------
Comment (by robgjansen):
TLDR, the defense seems to be working correctly.
I tried this out on my small 10 node test network in Shadow, where all
relays has ample 10 MiB/s connections. I merged both my sniper attack code
and nickm'sÂ'''bug10169_025_v2'''ÂwithÂ'''tor-0.2.5.2-alpha'''. Then I
tested the sniper attack using 1 team of 10 circuits (1 client instance to
use a ping circuit to measure rtt, 1 client instance to launch 9 sniper
circuits). I tested the attack without nickm's defense, and with nickm's
defense usingÂ`MaxMemInQueuesÂ50 MB`Â(which automatically gets adjusted up
to 256MB). Then I ran a second test with 2 teams of 10 circuits.
The results are in
[https://trac.torproject.org/projects/tor/attachment/ticket/10169/all.ram.time.png
the attack graph]. Both the graph and the log file indicates that the
sniper's circuits were successfully killed after memory exceeded the 256MB
limit.
I'm not exactly sure why the defense was not being triggered before, but
looking back at my config I may have been using MaxMemInQueues of 500 MB
(which would have been to large to trigger OOM killer).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10169#comment:22>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs