Re: [tor-bugs] #33018 [Core Tor/Tor]: Dir auths using an unsustainable 400+ mbit/s, need to diagnose and fix
#33018: Dir auths using an unsustainable 400+ mbit/s, need to diagnose and fix
---------------------------------------+-----------------------------------
Reporter: arma | Owner: dgoulet
Type: defect | Status: assigned
Priority: Medium | Milestone: Tor: 0.4.3.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: network-health 043-should | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
---------------------------------------+-----------------------------------
Comment (by teor):
Replying to [comment:12 Sebastian]:
> Replying to [comment:8 teor]:
> > Replying to [comment:2 Sebastian]:
> > > I am not concerned about relays connecting from a wrong IP address. I basically feel like that shouldn't even be possible configuration-wise
> >
> > Relays can set different addresses in the Address and OutboundBindAddress options, and their inbound and outbound traffic will be on different addresses. Some operators use these options, others put their Address on a non-default route.
> >
> > So we do need to consider this case, particularly when relays are trying to discover their own IP address from an authority. But relays should fall back to discovering their address and getting a consensus from other relays, if all the authorities fail.
> >
> > So maybe it will work anyway? We should do a test to make sure.
>
> I know these kinds of configurations are possible, but why is that and why are we OK with it. That's my point here, we should IMO change your stance to this being not supported behaviour.
At the moment, relays (and directory authorities) use the system default
route for outbound traffic, rather than the advertised address.
If you want to change OutboundBindAddress, here's what we could do:
1. make OutboundBindAddress default to the advertised addresses (IPv4 and
IPv6), but fall back to unbound if binding to a specific address doesn't
work - fixes most relays
2. deprecate OutboundBindAddress - needs proposal (or consultation with
relay operators), fixes some of the rest
We can't fix all the relays, because operators can still use firewalls
(and other weird network configs) to change the outbound address.
I'll put step 1 in my upcoming IPv6 address discovery proposal as optional
work. I think it's best we do step 2 separately, because it's likely to be
controversial.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33018#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
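
Step 1 of the proposal in the message above (bind outbound sockets to the advertised address, fall back to unbound when the bind fails), sketched as an added example; this is not Tor's code and not part of teor's message. The function name and result enum are hypothetical, the sample addresses are constructed, and only IPv4 is covered.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical names for this illustration; none of them come from Tor. */
enum bind_result { BIND_ERROR = -1, BOUND_TO_ADVERTISED = 0, FELL_BACK_UNBOUND = 1 };

/* Open a TCP socket for an outbound connection and try to bind its source
 * address to `advertised` (IPv4 literal; port 0 lets the kernel pick a port).
 * If that address cannot be bound (for example it is not on a local
 * interface, as behind NAT), the socket is left unbound and the default
 * route chooses the source. On any result other than BIND_ERROR the socket
 * is stored in *fd_out and the caller closes it. */
static enum bind_result
open_outbound_socket(const char *advertised, int *fd_out)
{
  struct sockaddr_in src;
  memset(&src, 0, sizeof(src));
  src.sin_family = AF_INET;
  src.sin_port = htons(0);
  if (inet_pton(AF_INET, advertised, &src.sin_addr) != 1)
    return BIND_ERROR;                 /* not a valid IPv4 literal */
  int fd = socket(AF_INET, SOCK_STREAM, 0);
  if (fd < 0)
    return BIND_ERROR;
  *fd_out = fd;
  if (bind(fd, (struct sockaddr *)&src, sizeof(src)) == 0)
    return BOUND_TO_ADVERTISED;
  /* Usually EADDRNOTAVAIL. The socket is still usable: connect() will take
   * the source address from the routing table. */
  fprintf(stderr, "bind to %s failed (%s); leaving socket unbound\n",
          advertised, strerror(errno));
  return FELL_BACK_UNBOUND;
}

int main(void)
{
  /* Constructed samples: loopback is normally local; 192.0.2.1 (TEST-NET-1)
   * stands in for an advertised address that is not on this host. */
  const char *samples[] = { "127.0.0.1", "192.0.2.1" };
  for (int i = 0; i < 2; i++) {
    int fd = -1;
    enum bind_result r = open_outbound_socket(samples[i], &fd);
    printf("%s -> %d\n", samples[i], (int)r);
    if (r != BIND_ERROR) close(fd);
  }
  return 0;
}
```

The fallback path is the case the message says cannot be fixed from inside the relay: when the advertised address is not local, outbound traffic still leaves from whatever address the route or firewall selects.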