[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #24797 [Core Tor/Tor]: Add an option that makes Tor use fewer connections
#24797: Add an option that makes Tor use fewer connections
-------------------------------------------------+-------------------------
Reporter: teor | Owner: neel
Type: enhancement | Status:
| needs_revision
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-relay, tor-dos, | Actual Points:
034-triage-20180328, 034-removed-20180328, |
035-removed-20180711 |
Parent ID: | Points: 1
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by teor):
Replying to [comment:16 teor]:
> Hi,
>
> The MaxSockets default in the man page is incorrect:
> {{{
> (Default: 1000)
> }}}
> It should say "Default: unlimited" or something similar.
>
> I don't think we should fail if ConnLimit_ is lower than MaxSockets: why
not just log a notice message, and use ConnLimit_?
> MaxSockets is a maximum, not a minimum requirement.
>
> Please update the options unit tests to test the new option, and its
interaction with DisableOOSCheck.
Replying to [comment:18 arma]:
> Replying to [comment:16 teor]:
> > I don't think we should fail if ConnLimit_ is lower than MaxSockets:
why not just log a notice message, and use ConnLimit_?
>
> Use ConnLimit for what? As the min or as the max?
`ConnLimit_` (underscore) is the maximum number of file descriptors
discovered from the OS. Tor doesn't go above this limit: it is a maximum.
`ConnLimit` (no underscore) is the minimum required value of `ConnLimit_`
for tor to start.
So I suggest replacing `ConnLimit_` with `min(MaxSockets, ConnLimit_)`:
> > > If you add another torrc option MaxSockets, then use min(MaxSockets,
ConnLimit_) instead of ConnLimit_, all the rest of the code should just
work.
> > >
> > > Using min(MaxSockets, ConnLimit_) allows us to override the OS when
its limit is too high, and it makes sure we don't ever go over the OS
limit.
> I'm still thinking we shouldn't add this feature. We periodically have
people who want this sort of thing, and if they set it and it gets
triggered, they are being a bad relay. Why are we offering them a way to
be a bad relay?
Because they're about to hit their limit anyway, and they want to fail
slightly less awfully using `DisableOOSCheck 0`.
Some people want to be able to access their relays after tor hits its
socket limit (#28367). And as neel said, others can't set ulimit on their
machines.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24797#comment:22>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs