[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Experimental DoS mitigation is in tor master

To: "tor-relays@xxxxxxxxxxxxxxxxxxxx" <tor-relays@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-relays] Experimental DoS mitigation is in tor master
From: John Ricketts <john@xxxxxxxxxxx>
Date: Wed, 31 Jan 2018 10:47:14 +0000
Accept-language: en-US
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 31 Jan 2018 05:48:16 -0500
In-reply-to: <20180131091652.GE23414@moria.seul.org>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <20180131091652.GE23414@moria.seul.org>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
Thread-index: AQHTmnQ3cEcqikAJgkaVLzqnAJ7oFqONzM21
Thread-topic: [tor-relays] Experimental DoS mitigation is in tor master

Woo, for sure!

> On Jan 31, 2018, at 03:16, Roger Dingledine <arma@xxxxxxx> wrote:
> 
> Hi folks,
> 
> Thanks for your patience with the relay overload issues.
> 
> We've merged https://bugs.torproject.org/24902 into tor git master. We'll
> be putting out an 0.3.3.2-alpha release in not too long for wider testing,
> and eventually backporting it all the way back to 0.2.9, but if you're
> the sort who enjoys running code from git, now is a great time to try it
> and let us know of problems and/or successes.
> 
> Here's the changelog stanza:
> 
>  o Major features:
>    - Give relays some defenses against the recent network overload. We
>      start with three defenses (default parameters in parentheses).
>      First: if a single client address makes too many connections
>      (>100), hang up on further connections. Second: if a single client
>      address makes circuits too quickly (more than 3 per second, with
>      an allowed burst of 90) while also having too many connections open
>      (3), refuse new create cells for the next while (1-2 hours). Third:
>      if a client asks to establish a rendezvous point to you directly,
>      ignore the request. These defenses can be manually controlled
>      by new torrc options, but relays will also take guidance from
>      consensus parameters, so there's no need to configure anything
>      manually. Implements ticket 24902.
> 
> To repeat that last part: there are a bunch of torrc options you can
> use to tweak stuff, but you can leave it all at the defaults and it will
> read its instructions out of the consensus parameters:
> https://consensus-health.torproject.org/#consensusparams
> 
> Woo,
> --Roger
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] Experimental DoS mitigation is in tor master
  - From: Roger Dingledine

Prev by Author: Re: [tor-relays] What's the priority right now?
Next by Author: Re: [tor-relays] Setting myfamily
Previous by thread: Re: [tor-relays] Experimental DoS mitigation is in tor master
Next by thread: Re: [tor-relays] Experimental DoS mitigation is in tor master
Index(es):
- Author
- Thread