Thus spake John Case (case@xxxxxxxxxxxxxxxx): > On Sat, 8 May 2010, Mike Perry wrote: > > >>This means that your non-Exit flagged node will be weighted like an > >>Exit flagged node for the exit position, but will be weighted as if > >>you were a non-scarce middle or guard node for the other positions. > >> > >>In sort, you would in theory get slightly more total load than if you > >>were an actual Exit. > > > >On second thought, this is not fully correct. You will in theory get > >slightly more load than if you were just a Guard/Middle node. Since we > >do not currently balance among different exit port classes, you might > >still get less load than a full-on Exit when Exits are scarce, because > >80 might not carry that much traffic in terms of bytes as other ports. > > > >Not an easy question to answer in either case. Having good answers to > >these questions might help us refine our load balancing algoriths > >further. > > Thanks. So, it's hard to say, but I can assume there will be significant > exit traffic, even with just one TCP port valid for exit... > > I suppose I could see the ratio of actual connections by simply running > 'netstat', yes ? If my orport and dirport are 9001/9030, and I am > allowing port 80 exit, then all netstat connections showing port 80 are > exit connections, so I could (roughly) calculate these numbers myself, > right ? Yes. Though this brings up the other approxmiation of the load balancing algorithms, which is that we balance per-connection, which have non-uniform bandwidth use across ports and protocols. According to http://www.cs.washington.edu/homes/yoshi/papers/Tor/PETS2008_37.pdf, 92.5% of the connections through Tor are HTTP, accounting for 58% of the traffic. So you should see a much larger number of TCP connections (and possibly also total traffic) as comparted to if you also added port 443 and/or 6667 to gain the Exit flag. Especially if you are a Guard. The extra data that we would need beyond that published in the paper above is a data rate per connection by port, in addition to connection duration information. Gathering this data in a safe fashion, and figuring out how to use it are open questions (though probably not terribly difficult ones). -- Mike Perry Mad Computer Scientist fscked.org evil labs
Attachment:
pgpSN38AZyXj7.pgp
Description: PGP signature