[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-talk] [Advanced configuration troubleshooting] Exit node slowed way down
Hi guys,
I've been running a kind-of 1gbps (voxility style 1gbps) exit server on
Debian for a couple months, and while it started out very fast, it's
gotten much slower over time. The server itself hasn't slowed down --
if I do speed tests, it still pulls 25MB/s (bytes not bits) with no
problem (on top of the tor load), but it never seems to push more than
10-12MB/s through the tor network, even if I run 6 tor processes with
each separated onto a private cpu core. Even if I stop the other tor
processes and revert to a single-tor-instance server, it doesn't reach
the old 20 MB/s anymore.
For a visual, you can see how it just sort of gave up on life around the
beginning of August here (although some of that is accounted by extra
tor instances cannibalizing stats):
https://atlas.torproject.org/#details/88984E7F8DDB702644660E10A5C7019FA80B8AFF
Moritz et al previously previously helped me with configuring the
server, when I ran into the 2-instances-per-IP limit, so I'm hoping
maybe you guys can help lightning strike twice and move me through this
wall I've hit. Has anybody had this kind of problem when they added
additional IPs & instances to their server? I think I must have messed
up a setting somewhere...
Also, please dummy-check my configs (just the main instance):
*torrc:*
Nickname 00Teh0Signul00
ContactInfo Administrator <yopackets BT lavabit dot com>
ORPort 10001
DirPort 10030
SocksPort 10050
RunAsDaemon 1
DisableDebuggerAttachment 0
BandwidthBurst 125 MB
BandwidthRate 80 MB
RelayBandwidthRate 80 MB
RelayBandwidthBurst 125 MB
MyFamily $F7360D25BF58BD1CD4E10199619B585A59CB5912,
$374FF6496AB55D44208E6718110736FB88B339F6,
$B3AFCD13E7683757083FAACD6B579B7D35DBD220,
$8937E37AE18C4FEA062915D9CE3C4E3A55499966,
$26F728EF33D03C054B9417FAE92C809DCDEF5ED4
ExitPolicy accept *:10000
ExitPolicy reject 0.0.0.0/8:*
ExitPolicy reject 169.254.0.0/16:*
ExitPolicy reject 10.0.0.0/8:*
ExitPolicy reject 172.16.0.0/12:*
ExitPolicy accept *:20
ExitPolicy accept *:21
ExitPolicy accept *:22
ExitPolicy accept *:23
ExitPolicy accept *:53
ExitPolicy accept *:69
ExitPolicy accept *:80
ExitPolicy accept *:443
ExitPolicy accept *:465
ExitPolicy accept *:563
ExitPolicy accept *:587
ExitPolicy accept *:992-995
ExitPolicy accept *:1863
ExitPolicy accept *:5190
ExitPolicy accept *:5500
ExitPolicy accept *:5800
ExitPolicy accept *:5900
ExitPolicy accept *:6660-6669
ExitPolicy accept *:6891-6901
ExitPolicy accept *:10001
ExitPolicy accept *:9001
ExitPolicy accept *:9090
ExitPolicy reject *:*
*sysctl* (straight c&p [minus the nf_conntrack entries] from Moritz'
excellent guide. nf_conntrack is not currently used on my server):
net.core.rmem_max = 33554432
net.core.wmem_max = 33554432
net.ipv4.tcp_rmem = 4096 87380 33554432
net.ipv4.tcp_wmem = 4096 65536 33554432
net.core.rmem_default = 524287
net.core.wmem_default = 524287
net.core.optmem_max = 524287
net.core.netdev_max_backlog = 300000
net.ipv4.tcp_mem = 33554432 33554432 33554432
net.ipv4.tcp_max_orphans = 30000
net.ipv4.tcp_max_syn_backlog = 300000
net.ipv4.tcp_fin_timeout = 4
vm.min_free_kbytes = 65536
net.ipv4.tcp_keepalive_time = 60
net.ipv4.tcp_keepalive_intvl = 10
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.ip_local_port_range = 1025 65530
net.core.somaxconn = 30720
net.ipv4.tcp_max_tw_buckets = 2000000
net.ipv4.tcp_timestamps = 0
*ifconfig -a:*
eth0 Link encap:Ethernet HWaddr e8:39:35:4d:d6:53
inet addr:93.114.43.156 Bcast:93.114.43.191 Mask:255.255.255.192
inet6 addr: fe80::ea39:35ff:fe4d:d653/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5605736 errors:0 dropped:0 overruns:0 frame:0
TX packets:5380620 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:20000
RX bytes:4696777991 (4.3 GiB) TX bytes:4190572765 (3.9 GiB)
Interrupt:20 Memory:fe400000-fe420000
eth0:1 Link encap:Ethernet HWaddr e8:39:35:4d:d6:53
inet addr:93.114.40.194 Bcast:93.114.40.255 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:20 Memory:fe400000-fe420000
eth0:2 Link encap:Ethernet HWaddr e8:39:35:4d:d6:53
inet addr:93.114.43.233 Bcast:93.114.43.255 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:20 Memory:fe400000-fe420000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2294 errors:0 dropped:0 overruns:0 frame:0
TX packets:2294 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4315831 (4.1 MiB) TX bytes:4315831 (4.1 MiB)
*resolv.conf:*
nameserver 184.169.143.224
nameserver 79.172.201.120
nameserver 84.22.106.2
nameserver 8.8.8.8
nameserver 4.2.2.2
nameserver 209.244.0.3
nameserver 8.26.56.26
nameserver 198.153.192.1
Thanks again!
P.S. I've tried hundreds of things at this point (creating a "clean"
torrc, conntrack, no conntrack, modifying MTUs, changing kernel setting
per guides... unchanging them...), and none of them seem to make a
significant difference. I would be grateful for new ideas -- hoping I
made an obvious mistake...
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk