[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Prebuilding circuits?



F. Fox wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Kees Vonk wrote:
I have found that while using Tor the first connection to a site always
times out. As I understand it, this is because Tor is still building a
circuit to the site in question.
(snip)

First, a bit about Tor's circuitry:

Tor doesn't build circuits to sites - it builds circuits from a user to
an exit node. That exit node then makes "normal" (i.e., unencrypted)
connections to sites on the user's behalf (along with many other users).

(The exception to this are hidden services, which connect two circuits
together at a rendezvous point.)

I'm assuming that the site you mention is a "normal," unencrypted Web
site - i.e., port 80; let's call that site, Site X.


It is an encrypted site on a none standard port, would that make a difference?

For a fixed amount of time - by default, 10 minutes - Tor will re-use
circuits. So, if you go to Site X, and then go to another site - let's
call it Site Y - before that time is up, then Site X and Site Y will use
the same circuit, come out the same exit, and have the same "virtual
identity" (the IP you take on from the point of view of the sites).

****

Next, a plausible explanation of what's going on:

Depending on the nodes that Tor chooses to build a circuit through -
usually chosen randomly - it may take a bit to build them. Overloaded or
slow nodes might be part of the cause of this.

If it's really a problem - or if you want to get some extra speed - you
might add this to your torrc:

CircuitBuildTimeout 5

That tends to favor fast nodes that aren't overloaded, at the tradeoff
of some of the added anonymity that an unlimited "Tor cloud" would provide.

That seems to improve things a little, but how bad would this trade off be (I mean what percentage of Tor servers would be ignored because of this).

Thanks,

Kees