[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: active connections when hibernating
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: active connections when hibernating
- From: "Michael_google gmail_Gersten" <keybounce@xxxxxxxxx>
- Date: Sun, 15 Jul 2007 09:22:00 -0700
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Sun, 15 Jul 2007 12:22:08 -0400
- Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=WpdcnBrm2G9hOLVk96e8eH269oBHeQqK2S6nvUJR6X1QSHcjAaqnTAYybFld1MBObc6OA1/8l5XZwIw0HHmG7hGM9HWKJRkHLa2IGLX7hphJI+iVy8j94beQKyD0iYVzNvCDjIWobSHm9iB7u6E54qsEpOKzLpx0wwRHaEO6pcQ=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=gKBnfvBeQTUgjgUl3LP52ABJGhNi6PF3bBcIEtuLQc+nXxyh4vALtRoUFRmUUm5cCMjYZzLMSAZNEwdKEM4BWcBUkHy3rXDRUaSKEOy+g2DcdlZYvj6gFF9ft0JquOxMq4qAWijokVXVDEFU9d57DbEf5Tp1lY4xfpMKMu01Q5I=
- In-reply-to: <200707140857.l6E8vma1013840@xxxxxxxxxxxxx>
- References: <200707140857.l6E8vma1013840@xxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
On 7/14/07, Scott Bennett <bennett@xxxxxxxxxx> wrote:
On Fri, 13 Jul 2007 14:59:44 -0700 "Michael_google gmail_Gersten"
<keybounce@xxxxxxxxx> wrote:
>Hours? Possibly. They'll stay open until the other side closes them,
>as I understand; that's one hour by default.
But those are client-side connections. When routers connect to other
routers, they tend to keep those connections open. As I understand it,
this not only avoids the unnecessary overhead of tearing down and setting
up new connections to the same places repeatedly, it provides another
obstruction to anyone trying to do traffic analysis.
Alright, lets see. I have one tor configured as a client only, and one
as a client (on an unused port) and a server. Lsof reports 88 outgoing
connections, and 48 incoming connections. I just closed the ORListener
port, so that one is only doing client (and old server connections).
10 minutes later, I still have 81 outgoing, and 32 incoming.
Oh foo, I fell asleep. Next morning: Client has one outgoing
connection to Lefkada, and server has one connection to pppool:9030
(directory server?), one outgoing to a brazil site on a "random" port,
and one incoming tor connection.
Turning on Vidalia: Vidalia shows two connections to Lefkada, but lsof
only shows one actual socket connection. Dang, but that changes how I
thought tor did communication.
Re-enabling the ORListener on the server (Odd, it's ORPort in the
config, but OR Listener in the logs), and waiting a moment: Wow. I'm
looking at 5 SYN_SENT, one established outgoing tor, one established
incoming tor (and we're talking seconds after publishing the
descriptor), and one established unknown outgoing (Local port is not a
listening port; remote port is a "random" high numbered port). And
that's before the bandwidth test.
Which is itself an interesting question. How can tor publish its
descriptor before it knows how much bandwidth to claim in the
descriptor?
>Heck, if I shut down my or-port (so no new connections arrive), and
>turn it off in my browser (so no new outgoing connections are made),
The client is supposed to continue to maintain some circuits, so
that some will be ready for use anytime the client should come to need
them. Because circuits are old after ten minutes, no new connections
are made through them, and they are torn down when the last connection
through them is closed. In order to keep circuits available, the client
therefore must keep building new circuits from time to time to replace
the ones that get aged and closed.
In the past, I've seen that if the client has no activity, it does not
replace the connections. I have seen an idle tor client wind up with
no open sockets.
>then my tor winds up with no sockets open in about 2 hours. (Maybe
>less, I haven't checked that frequently)
Then perhaps there is something wrong with your network connection
that it breaks all circuits from time to time.
Nope. I have circuits open for days (ssh).