[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] max TCP interruption before Tor circuit teardown?



This morning I got my first Tor traffic flood since upgrading to 2.4.x.
Logs didn't say anything about not being able to handle the amount of
circuit creation requests, but it showed a 200x increase in active TAP
circuits (~400k/hour) and the traffic pattern is the same: Advertising
100kb bandwidth, but slammed with ~2Mb traffic.

When I saw it, I checked my relay's flags, and it has the stable flag,
and has been tagged stable for at least 3 days. It's been up for 7 days.

I would love to contribute data to help correlate w/ your findings
Gordon. Any metrics or logs that would be particularly helpful? I
currently use NTop to measure traffic, but it's not very granular.

I also currently don't use any iptables rules to throttle, but am happy
to experiment with that if you want me to try out any particular
configurations.

Dan

On 11/01/2013 05:30 PM, Gordon Morehouse wrote:
> huh, well, near as I can tell, I didn't get Stable for any time represented yesterday (2013-10-31) for the node VastCatbox.
> 
> So maybe that theory is incorrect.  In that case I don't know what would trigger the SYN flood behavior other than Roger's idea about becoming an introducer for a popular HS, but... eh... seems like a stretch, a node offering 2.5Mbps that isn't flagged Stable?
> 
> -Gordon
> 
> On Fri, 1 Nov 2013 13:10:17 +0100, David Serrano <tor@xxxxxxxxxxxx> wrote:
> 
>> On 2013-10-31 10:04:02 (-0700), Gordon Morehouse wrote:
>>>
>>> I can't
>>> verify it, but my suspicion is this is happening when I get my Stable
>>> flag (I have no idea if I'd gotten it back this morning or not) or
>>> shortly thereafter.
>>
>> You can use https://metrics.torproject.org/relay-search.html and enter
>> your IP address to figure that out.
>>
>>
>> -- 
>>  David Serrano
>>  GnuPG id: 280A01F9
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays@xxxxxxxxxxxxxxxxxxxx
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
> 
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 

-- 
http://disman.tl
OpenPGP key: http://disman.tl/pgp.asc
Fingerprint: 2480 095D 4B16 436F 35AB 7305 F670 74ED BD86 43A9
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays