[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: IP datagram size for TLS connection to relay
- To: or-dev@xxxxxxxxxxxxx
- Subject: Re: IP datagram size for TLS connection to relay
- From: Nick Mathewson <nickm@xxxxxxxxxxxxx>
- Date: Fri, 3 Dec 2010 12:18:18 -0500
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-dev-outgoing@xxxxxxxx
- Delivered-to: or-dev@xxxxxxxx
- Delivery-date: Fri, 03 Dec 2010 12:18:25 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:sender:received :in-reply-to:references:date:x-google-sender-auth:message-id:subject :from:to:content-type:content-transfer-encoding; bh=4euMSWY2n/juXHGXiwA3IFTFeQni07PUxYaDFFZTTEw=; b=GkoD3i/dcbWol+TMCkLzXvazAN1drLp91xqIAFHIsqS2VoDuJaXa4NItlXMbNj3aNP tRb+7f0NUFBU7SvzA5bYKRDZxrsTtGZb9tJX5HHhniWD/+KcZyage+A/B0MN0qf1AUZp lwG4zu/pRqKjpF+gsLAjNxvxF6/J0N3QW8Ioo=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; b=sV1RJQp89Fy14qQMUCqSaKsZYxM0Gm9OP5sawXIyeSWH5QAgZ2Lt7OYmzXO26KL4Ph jLWzpsBHuqBezOsru7tJ2/sUH91CE5MTXU81g6Ciu/9uavQTdRFjf4hTFsYmDhcYISjw L6mjL5k1p7qWUnJtQ0hWKvkGC4OZZUeok37z0=
- In-reply-to: <AANLkTim_puWS=ZpxxtWgxqz7abFhfawBQeqdhg0qBBB2@xxxxxxxxxxxxxx>
- References: <AANLkTim_puWS=ZpxxtWgxqz7abFhfawBQeqdhg0qBBB2@xxxxxxxxxxxxxx>
- Reply-to: or-dev@xxxxxxxxxxxxx
- Sender: owner-or-dev@xxxxxxxxxxxxx
On Fri, Dec 3, 2010 at 6:25 AM, Weidong Shao <weidongshao@xxxxxxxxx> wrote:
> Hi
> I did a packet capture and found that the IP datagram size for TLS between
> my browser and the first relay has different sizes, some of which are 638,
> which corresponds to the fixed TOR cell size of 512. But I also see sizes
> of 1500, and other values.
> Does it mean that there are IP packets other than the 512-byte tor cell in
> the same TLS connection?
It's just as likely that the packets aren't always getting sent in
multiples of one cell. The current code puts cells in a buffer as
it's about to send them, and lets the buffers and ratelimiting
backends decide how much to send at a time.