[tor-bugs] #28703 [Core Tor/Tor]: bootstrapping very slow with filtered network
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Dec 3 13:22:37 UTC 2018
#28703: bootstrapping very slow with filtered network
--------------------------+------------------------------
Reporter: weasel | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Core Tor/Tor | Version: Tor: 0.3.4.9
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+------------------------------
Description changed by weasel:
Old description:
> Hi!
>
> Tor 0.3.4.9, on Debian stretch (thus linked against libssl
> 1.1.0f-3+deb9u2)
> bootstraps very slowly if network access is limited.
>
> Network access is filtered, to only allow outgoing TCP connections to
> ports 80 and 443. All other network connections are DROPped, i.e. from
> an application point of few, connection attempts will just time out. Tor
> is not told about this network restriction (i.e., no FirewallFirwall
> configuration).
>
> The times in the following samples are times (in seconds) from process
> launch (with a non-existing data directory) until PROGRESS=100 is
> reported in a getinfo status/bootstrap-phase:
>
> ''>>150, 12, 135, 137, 131, 143, >>250, >>250, >>250, >>250, 12, 133,
> 153, 135, >>250, 132, 153, 192, >>250, 134, 12, 133, 137, >>250, 135,
> 142, >>250, 135, 9, >>250, >>250, 135, 134, 135, 132, 136, 133, 7, 133,
> 134, >>250, 131, 136, 133, 135, 8, 133, >>250, 133, >>250, >>250, 12,
> >>250, 6, >>250, >>250, 144, 132, 133, 139, 134, >>250, 12, >>250, 135,
> >>250, 135, 133, 133, 134, 11, 133, 133, >>250, >>250
>
> (>>x indicates that the bootstrap process was not finished after x
> seconds and the test has been aborted.)
>
> The chances of bootstrapping in under two minutes (which is for instance
> the timeout that onionbalance uses) are not very good.
>
> It'd be nice if Tor had a way to deal with this better.
New description:
Hi!
Tor 0.3.4.9, on Debian stretch (thus linked against libssl
1.1.0f-3+deb9u2) bootstraps very slowly if network access is limited.
Network access is filtered, to only allow outgoing TCP connections to
ports 80 and 443. All other network connections are DROPped, i.e. from an
application point of few, connection attempts will just time out. Tor is
not told about this network restriction (i.e., no FirewallFirwall
configuration).
The times in the following samples are times (in seconds) from process
launch (with a non-existing data directory) until PROGRESS=100 is reported
in a getinfo status/bootstrap-phase:
''>>150, 12, 135, 137, 131, 143, >>250, >>250, >>250, >>250, 12, 133, 153,
135, >>250, 132, 153, 192, >>250, 134, 12, 133, 137, >>250, 135, 142,
>>250, 135, 9, >>250, >>250, 135, 134, 135, 132, 136, 133, 7, 133, 134,
>>250, 131, 136, 133, 135, 8, 133, >>250, 133, >>250, >>250, 12, >>250, 6,
>>250, >>250, 144, 132, 133, 139, 134, >>250, 12, >>250, 135, >>250, 135,
133, 133, 134, 11, 133, 133, >>250, >>250
(>>x indicates that the bootstrap process was not finished after x seconds
and the test has been aborted.)
The chances of bootstrapping in under two minutes (which is for instance
the timeout that onionbalance uses) are not very good.
It'd be nice if Tor had a way to deal with this better.
--
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28703#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list