> How much worse? During the Montreal tor dev meeting I counted 1947 circuit build failures. https://lists.torproject.org/pipermail/tor-project/2017-October/001492.html > And where did you scan *from*? I scaned from a server in the Netherlands. > (It's hard to interpret the results without the latency and quality of your > client connection.) I can record latency. What do you mean by quality? I mean... I'm not using these circuits to actually send and receive stuff. > Also, we have just deployed defences to exactly this kind of rapid circuit > or connection building by a single client. I wonder if your client triggered > those defences. The circuit defences would likely cause timeouts, and > the connection defences would likely cause failures. aha! That might explain the terrible results, hopefully it's not that network health has gotten worse in the last six months. > I also wonder if your client triggered custom defences on some relays. I doubt it. I am not making sequential circuits to the same relays. The relays choosen for each circuit builds are generated from a shuffle. > You might get better results if you scan more slowly. > Try to stay under 1 circuit every 3 seconds to each relay from OK. I will try this. The scan will take longer but hopefully produce more accurate and useful results. > your IP address. Try to stay under 50 connections to the same > relay from your IP address. hmm OK. I can limit the number of concurrenct circuits that are being built but I do not believe that txtorcon let's me control the number of "connections" that little-t tor makes. > I'm going from memory, check the Tor man page, dir-spec, and > the consensus for the latest DDoS parameter values.
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev