[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Prebuilding circuits?
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Prebuilding circuits?
- From: "F. Fox" <kitsune.or@xxxxxxxxx>
- Date: Wed, 12 Mar 2008 13:42:03 -0700
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Wed, 12 Mar 2008 16:42:15 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding; bh=Xts4AVBUJtAZmtBxbQib0SwgQFDpFTyYnhT32EHpzxI=; b=VRqsx0it54SMBqsbKtbnPPMtYChxcqbzcSH40N1Ro37fI/JmHOybgRQ70APLdNB+mx9XYqNBAOOVxzHFvgyWi/tqoVX0HfvhtgzhArzSQSLfMuZ/7X5EUD0LBcvfrAEynt0ZqTTlW0KJCH3DM9o8l1NQPoCKfritODvVyjdd4cA=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding; b=qV31gEGza1mumCXKMj/4a2CmlfDbUmue2GXwl8O4I01Pr02ppYJT6vJ2tnaZbAJDEQnEwCYvynOS42EYQaHcGdXqhTDgoDyrVYzXtK2HM7nMLiMVjg9ctF9R/napHjhokFQqJF/ydPWVWt66hKJ4g9nQ8caoIZb6jem9SGPf3wY=
- In-reply-to: <47D79058.1030400@xxxxxxxxx>
- References: <47D79058.1030400@xxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
- User-agent: Icedove 1.5.0.14pre (X11/20080208)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Kees Vonk wrote:
> I have found that while using Tor the first connection to a site always
> times out. As I understand it, this is because Tor is still building a
> circuit to the site in question.
(snip)
First, a bit about Tor's circuitry:
Tor doesn't build circuits to sites - it builds circuits from a user to
an exit node. That exit node then makes "normal" (i.e., unencrypted)
connections to sites on the user's behalf (along with many other users).
(The exception to this are hidden services, which connect two circuits
together at a rendezvous point.)
I'm assuming that the site you mention is a "normal," unencrypted Web
site - i.e., port 80; let's call that site, Site X.
For a fixed amount of time - by default, 10 minutes - Tor will re-use
circuits. So, if you go to Site X, and then go to another site - let's
call it Site Y - before that time is up, then Site X and Site Y will use
the same circuit, come out the same exit, and have the same "virtual
identity" (the IP you take on from the point of view of the sites).
****
Next, a plausible explanation of what's going on:
Depending on the nodes that Tor chooses to build a circuit through -
usually chosen randomly - it may take a bit to build them. Overloaded or
slow nodes might be part of the cause of this.
If it's really a problem - or if you want to get some extra speed - you
might add this to your torrc:
CircuitBuildTimeout 5
That tends to favor fast nodes that aren't overloaded, at the tradeoff
of some of the added anonymity that an unlimited "Tor cloud" would provide.
- --
F. Fox
AAS, CompTIA A+/Network+/Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIVAwUBR9hAGuj8TXmm2ggwAQiP7Q//WNL1TZAxvngudD45mSUng1z0c+OwNdPT
p7nMaMawuPy8LHVvcsRF6E5M2n466jf0tp+CmQhwI3yytPwHIvDQp1SorYIDHUQC
COZRRH34euURD5cKl1e9D8/DARw+wOjcipGCvoP1EVvAmcki1xFSIFvCnVidFmT5
Fw7UYqVHGPxeSJWtJ1UODKilSeR1Hi23vAUd5uejlkVz7+MM3KizIZWnzTGRjuw6
7M6MW8F+gJ/ldApUsxaKm2ThytIwxCzCYcZFmn5lExZYWtBzhbwHhWGNWHkcholm
ztBBM6Ge5q/UrW7WXNwmFfaSjHl7Zvk68UGHLjRxeuSxXQZFx8vYO0XEVVyWXsSc
NRepn3ep0WTk/KhrGYdSFEMV1r7gQXxm4ucdPFQoYYvesDT7jBi3Twsup3sPVNTJ
u/DKGF16A6bBsa+18BgUk9P9z3oDzCKGfpXr8nHeX9B0mgxjgWOt90xv8jqRNMV9
kPbaMKjkjVyiPZhFOEfb3F31PO05uqak1eyUq8VPoGiKZUTIW+rAbxt7x90OZY8E
2he408CPqjnwDxEUqnJAyXrQWlIiHtOmXpPmt1jmJ3xX8XhshGE2jjWF2cZ04Tvu
OQ9R4N21q/krXIAjY13+sEGvjKNHYZOVfUW/4wInqRj0/jlrq0jfgFfvOfMu9VIu
mPPcGHRKQM0=
=HnGe
-----END PGP SIGNATURE-----