[tor-bugs] #6761 [Tor Relay]: PDS_NO_EXISTING_SERVERDESC_FETCH is somewhat archaic

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Tue Sep 4 10:29:39 UTC 2012

#6761: PDS_NO_EXISTING_SERVERDESC_FETCH is somewhat archaic
 Reporter:  arma       |          Owner:                    
     Type:  defect     |         Status:  new               
 Priority:  normal     |      Milestone:  Tor: 0.2.4.x-final
Component:  Tor Relay  |        Version:                    
 Keywords:             |         Parent:                    
   Points:             |   Actualpoints:                    
 In bug #366 we made it so Tor won't open a second dir fetch to an
 authority if it has one already. Great.
         rs = router_pick_trusteddirserver(type, pds_flags);
         if (rs == NULL && (pds_flags & (PDS_NO_EXISTING_SERVERDESC_FETCH|
             log_debug(LD_DIR, "Deferring serverdesc fetch: all authorities
                       "are in use.");

 But we didn't update it to look for begindir conns, so it only applies to
 direct dir fetches. Ok.
       if (no_microdesc_fetching) {
         if (connection_get_by_type_addr_port_purpose(
              CONN_TYPE_DIR, &addr, d->dir_port,

 So it doesn't apply to clients, only relays. That makes sense, because
 relays are the ones who typically would contact authorities anyway.
   int prefer_authority = directory_fetches_from_authorities(options);

 But when a relay starts up and gets a consensus, it has a line like this
 Sep 04 05:47:40.000 [info] launch_descriptor_downloads(): Launching 33
 requests for 3114 routers, 96 at a time

 33 requests! Surely that's way more than the 8 or so authorities we have.
 And relays don't use begindir to talk to authorities, since it slows them
 down too much:
   int use_begindir = supports_begindir &&
                      directory_command_should_use_begindir(options, _addr,
                        or_port, router_purpose, anonymized_connection);

 Doesn't that mean we hit the "one per authority" limit and drop the rest
 of those requests?

 It turns out that directory_fetches_from_authorities() is false for most
 relays when they start up:
   if (server_mode(options) && router_pick_published_address(options,
     return 1; /* we don't know our IP address; ask an authority. */
   refuseunknown = ! router_my_exit_policy_is_reject_star() &&
   if (options->DirPort == NULL && !refuseunknown)
     return 0;
   if (!server_mode(options) || !advertised_server_mode())
     return 0;
   me = router_get_my_routerinfo();
   if (!me || (!me->dir_port && !refuseunknown))
     return 0; /* if dirport not advertised, return 0 too */
   return 1;

 So these relays end up asking arbitrary other relays they found in the
 consensus! Cue Nick's circus music here. Not the best way to get fresh

 In my case here (and I expect it's a common case), my relay failed the
 "!advertised_server_mode" check, since it hadn't done its reachability
 test yet so it hadn't published a descriptor yet.

 Maybe this is actually a feature that just-starting-up relays don't fetch
 descriptors from authorities. It probably doesn't hurt much, and probably
 helps authority load a bit.

 But I don't think it's a feature that we allow multiple descriptor-
 fetching dir requests in parallel to an authority iff they're begindir

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6761>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list