[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: MaxOnionsPending questions
On Fri, Aug 15, 2008 at 04:58:48AM -0500, Scott Bennett wrote:
> The tor man page says,
>
> MaxOnionsPending NUM
> If you have more than this number of onionskins queued for
> decrypt, reject new ones. (Default: 100)
>
> Does "onionskins" in this context mean cells or cell payloads?
Neither. It means incoming CREATE request payloads.
(Why "onionskin"? In the original Onion Routing designs, "onions"
were structures made with multiple nested PK encryption and used to
create circuits. In Tor, circuits are built interactively, one hop at
a time, in order to get forward secrecy and (trivially) prevent replay
attacks. Instead of sending an entire onion, we send one layer of the
onion --or onionskin-- at a time.)
> What is a
> typical high water mark for the number of onionskins actually in a decryption
> queue at one time? Under what circumstances? How can one find out what the
> actual high water mark is for one's own tor server? Is there a way to reset
> the current high water mark to 0, so that one could find out usage levels on
> a periodic basis?
These are all good questions! Pending onionskin requests are managed
in the cpuworker.c file, but I don't think high-water marks are
tracked. A patch to handle this better would be welcome.
--
Nick