[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Why some Tor servers are slow (was Re: TOR Park Exit Node Question)

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Why some Tor servers are slow (was Re: TOR Park Exit Node Question)
From: Giorgos Pallas <gpall@xxxxxxxxxxx>
Date: Mon, 03 Oct 2005 11:25:05 +0300
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Mon, 03 Oct 2005 04:25:27 -0400
In-reply-to: <20050930224601.GS4630@localhost.localdomain>
References: <092820051623.12011.433AC392000EA2BB00002EEB22058844849D0A900A9CD20A050703@comcast.net> <20050929194109.GR4630@localhost.localdomain> <433C4A70.6010803@addicts.nl> <433D1BCE.2010502@ccf.auth.gr> <20050930224601.GS4630@localhost.localdomain>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.7.5) Gecko/20041217

Roger Dingledine wrote:

So masquerade is somehow not putting much attention into its ssl
handshakes. This could be because its network connection is actually
through a proxy or a firewall that is dropping some of the packets or
slowing things down tremendously. It could also be that it's running on
a 100 mhz 486, or its ulimits are set to something crazy-low, or it's
busy ray-tracing a movie, or something else.

I'd be curious to learn what's up with it. I've seen this behavior before
on Windows machines behind cable modems and crappy NAT boxes.

--Roger

I am also curious to know what is wrong with my server. Masquerade is a Debian linux (latest release) box , with an Athlon 500 MHz, and 256 MB RAM. It is not behind any NAT, it has a direct, switched connection to the internet at 100 Mbps.

Using the command Peter Palfrader gave, I was able to reproduce the problem on the very box, so the network can't have anything to do with it (I guess):

postmortem:# time openssl s_client -connect 155.207.113.227:9001
CONNECTED(00000003)
depth=1 /O=TOR/CN=masquerade <identity>
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
0 s:/O=TOR/CN=masquerade
  i:/O=TOR/CN=masquerade <identity>
1 s:/O=TOR/CN=masquerade <identity>
  i:/O=TOR/CN=masquerade <identity>
---
Server certificate
-----BEGIN CERTIFICATE-----
...
...
...
-----END CERTIFICATE-----
subject=/O=TOR/CN=masquerade
issuer=/O=TOR/CN=masquerade <identity>
---
No client certificate CA names sent
---
SSL handshake has read 1469 bytes and written 344 bytes
---
New, TLSv1/SSLv3, Cipher is EDH-RSA-DES-CBC3-SHA
Server public key is 1024 bit
SSL-Session:
   Protocol  : TLSv1
   Cipher    : EDH-RSA-DES-CBC3-SHA
   Session-ID:
   Session-ID-ctx:
   Master-Key: ...
   Key-Arg   : None
   Start Time: 1128325862
   Timeout   : 300 (sec)
   Verify return code: 19 (self signed certificate in certificate chain)
---
read:errno=0

real    0m46.904s
user    0m0.093s
sys     0m0.007s

So, something is going wrong specificaly with ssl because if you try to make other connections to the server (eg web browse: http://postmortem.csd.auth.gr), it works very fast.So, how could I further troubleshoot ssl? Using some openssl parameters maybe? Any ideas?

Follow-Ups:
- Re: Why some Tor servers are slow (was Re: TOR Park Exit Node Question)
  - From: Chris Palmer

Prev by Author: Re: TOR Park Exit Node Question
Next by Author: Re: Why some Tor servers are slow
Previous by thread: Re: Why some Tor servers are slow (was Re: TOR Park Exit Node Question)
Next by thread: Re: Why some Tor servers are slow (was Re: TOR Park Exit Node Question)
Index(es):
- Author
- Thread