[tor-bugs] #24902 [Core Tor/Tor]: Denial of Service mitigation subsystem
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Feb 13 03:50:20 UTC 2018
#24902: Denial of Service mitigation subsystem
-------------------------------------------------+-------------------------
Reporter: dgoulet | Owner: dgoulet
Type: enhancement | Status:
| needs_revision
Priority: Very High | Milestone: Tor:
| 0.3.3.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: ddos, tor-relay, review-group-30, | Actual Points:
029-backport, 031-backport, 032-backport, |
review-group-31, SponsorV |
Parent ID: | Points:
Reviewer: arma | Sponsor:
-------------------------------------------------+-------------------------
Comment (by teor):
My relay radia4 became unmeasured shortly after I disabled my firewall and
started relying on the DDoS defences. And then a few hours later, it came
back up again.
I've checked that it's reachable on IPv4 and IPv6, and that the remaining
firewall rules aren't blocking anything (unless the authorities are making
*lots* of connections).
Could the authorities (or the bandwidth authority clients) be triggering
one of the defences?
Aren't authorities meant to be exempted as relays?
Perhaps the bandwidth authority clients are building too many circuits?
(In particular, maatuska, bastet, moria1, and faravahar stopped voting for
it.)
https://atlas.torproject.org/#details/C6B3546CC6BCCB649FEC82D348D464554BC6323D
https://consensus-health.torproject.org/consensus-
health-2018-02-13-01-00.html#C6B3546CC6BCCB649FEC82D348D464554BC6323D
It's back up now, so it's not a big deal. But we should watch out for
missing relay votes during 0.3.3.2-alpha.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24902#comment:69>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list