[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/master] parameterize bw cutoffs to guarantee Fast and Guard flags
commit c0ec4eafc54d84089536caf51b1367e8d9ddacef
Author: Roger Dingledine <arma@xxxxxxxxxxxxxx>
Date: Wed Nov 16 20:55:33 2011 -0500
parameterize bw cutoffs to guarantee Fast and Guard flags
Now it will be easier for researchers to simulate Tor networks with
different values. Resolves ticket 4484.
---
changes/feature4484 | 8 ++++++++
src/or/config.c | 8 ++++++++
src/or/dirserv.c | 24 ++++++++++++------------
src/or/or.h | 8 ++++++++
4 files changed, 36 insertions(+), 12 deletions(-)
diff --git a/changes/feature4484 b/changes/feature4484
new file mode 100644
index 0000000..78154e9
--- /dev/null
+++ b/changes/feature4484
@@ -0,0 +1,8 @@
+ o Minor features:
+ - Add two new config options for directory authorities:
+ AuthDirFastGuarantee sets a bandwidth threshold for guaranteeing the
+ Fast flag, and AuthDirGuardBWGuarantee sets a bandwidth threshold
+ that is always sufficient to satisfy the bandwidth requirement for
+ the Guard flag. Now it will be easier for researchers to simulate
+ Tor networks with different values. Resolves ticket 4484.
+
diff --git a/src/or/config.c b/src/or/config.c
index ffa763e..94a6538 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -175,6 +175,8 @@ static config_var_t _option_vars[] = {
V(AuthDirBadDir, LINELIST, NULL),
V(AuthDirBadExit, LINELIST, NULL),
V(AuthDirInvalid, LINELIST, NULL),
+ V(AuthDirFastGuarantee, MEMUNIT, "20 KB"),
+ V(AuthDirGuardBWGuarantee, MEMUNIT, "250 KB"),
V(AuthDirReject, LINELIST, NULL),
V(AuthDirRejectUnlisted, BOOL, "0"),
V(AuthDirListBadDirs, BOOL, "0"),
@@ -3373,6 +3375,12 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (ensure_bandwidth_cap(&options->PerConnBWBurst,
"PerConnBWBurst", msg) < 0)
return -1;
+ if (ensure_bandwidth_cap(&options->AuthDirFastGuarantee,
+ "AuthDirFastGuarantee", msg) < 0)
+ return -1;
+ if (ensure_bandwidth_cap(&options->AuthDirGuardBWGuarantee,
+ "AuthDirGuardBWGuarantee", msg) < 0)
+ return -1;
if (options->RelayBandwidthRate && !options->RelayBandwidthBurst)
options->RelayBandwidthBurst = options->RelayBandwidthRate;
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index c427fe2..19d9702 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -1692,12 +1692,6 @@ should_generate_v2_networkstatus(void)
/** If a router's MTBF is at least this value, then it is always stable.
* See above. (Corresponds to about 7 days for current decay rates.) */
#define MTBF_TO_GUARANTEE_STABLE (60*60*24*5)
-/** Similarly, we protect sufficiently fast nodes from being pushed
- * out of the set of Fast nodes. */
-#define BANDWIDTH_TO_GUARANTEE_FAST ROUTER_REQUIRED_MIN_BANDWIDTH
-/** Similarly, every node with sufficient bandwidth can be considered
- * for Guard status. */
-#define BANDWIDTH_TO_GUARANTEE_GUARD (250*1024)
/** Similarly, every node with at least this much weighted time known can be
* considered familiar enough to be a guard. Corresponds to about 20 days for
* current decay rates.
@@ -1841,6 +1835,7 @@ dirserv_compute_performance_thresholds(routerlist_t *rl)
long *tks;
double *mtbfs, *wfus;
time_t now = time(NULL);
+ or_options_t *options = get_options();
/* initialize these all here, in case there are no routers */
stable_uptime = 0;
@@ -1910,8 +1905,11 @@ dirserv_compute_performance_thresholds(routerlist_t *rl)
if (guard_tk > TIME_KNOWN_TO_GUARANTEE_FAMILIAR)
guard_tk = TIME_KNOWN_TO_GUARANTEE_FAMILIAR;
- if (fast_bandwidth > BANDWIDTH_TO_GUARANTEE_FAST)
- fast_bandwidth = BANDWIDTH_TO_GUARANTEE_FAST;
+ /* Protect sufficiently fast nodes from being pushed out of the set
+ * of Fast nodes. */
+ if (options->AuthDirFastGuarantee &&
+ fast_bandwidth > options->AuthDirFastGuarantee)
+ fast_bandwidth = options->AuthDirFastGuarantee;
/* Now that we have a time-known that 7/8 routers are known longer than,
* fill wfus with the wfu of every such "familiar" router. */
@@ -2335,6 +2333,8 @@ set_routerstatus_from_routerinfo(routerstatus_t *rs,
const or_options_t *options = get_options();
int unstable_version =
!tor_version_as_new_as(ri->platform,"0.1.1.16-rc-cvs");
+ uint32_t routerbw = router_get_advertised_bandwidth(ri);
+
memset(rs, 0, sizeof(routerstatus_t));
rs->is_authority =
@@ -2360,10 +2360,10 @@ set_routerstatus_from_routerinfo(routerstatus_t *rs,
rs->is_valid = ri->is_valid;
if (rs->is_fast &&
- (router_get_advertised_bandwidth(ri) >= BANDWIDTH_TO_GUARANTEE_GUARD ||
- router_get_advertised_bandwidth(ri) >=
- MIN(guard_bandwidth_including_exits,
- guard_bandwidth_excluding_exits)) &&
+ ((options->AuthDirGuardBWGuarantee &&
+ routerbw >= options->AuthDirGuardBWGuarantee) ||
+ routerbw >= MIN(guard_bandwidth_including_exits,
+ guard_bandwidth_excluding_exits)) &&
(options->GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays ||
is_router_version_good_for_possible_guard(ri->platform))) {
long tk = rep_hist_get_weighted_time_known(
diff --git a/src/or/or.h b/src/or/or.h
index 7d50e1f..c0714ee 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -2676,6 +2676,14 @@ typedef struct {
* exploitation of CVE-2011-2768 against their clients? */
int GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays;
+ /** If non-zero, always vote the Fast flag for any relay advertising
+ * this amount of capacity or more. */
+ uint64_t AuthDirFastGuarantee;
+
+ /** If non-zero, this advertised capacity or more is always sufficient
+ * to satisfy the bandwidth requirement for the Guard flag. */
+ uint64_t AuthDirGuardBWGuarantee;
+
char *AccountingStart; /**< How long is the accounting interval, and when
* does it start? */
uint64_t AccountingMax; /**< How many bytes do we allow per accounting
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits