[tor-bugs] #33336 [Circumvention/Snowflake]: Trial deployment of Snowflake with Turbo Tunnel

Fri Feb 21 10:57:27 UTC 2020

#33336: Trial deployment of Snowflake with Turbo Tunnel
-------------------------------------+--------------------------
 Reporter:  dcf                      |          Owner:  dcf
     Type:  task                     |         Status:  accepted
 Priority:  Medium                   |      Milestone:
Component:  Circumvention/Snowflake  |        Version:
 Severity:  Normal                   |     Resolution:
 Keywords:  turbotunnel              |  Actual Points:
Parent ID:                           |         Points:
 Reviewer:                           |        Sponsor:
-------------------------------------+--------------------------

Comment (by arma):

 Replying to [comment:12 dcf]:
 > I think I know why idle browsing seemed to disconnect more, at least in
 the quic case. It's because the older version of quic-go we are using
 (2019-04-01) does not send frequent enough keepalives. It sets the
 keepalive interval to half the idle timeout, which for us is
 [https://gitweb.torproject.org/user/dcf/snowflake.git/tree/client/lib/snowflake.go?h
 =turbotunnel-quic&id=d5be0906ffe4ef8de8a9345690713bc362d3bcee#n72 10
 minutes]. Keepalives every 5 minutes are not enough to prevent
 [https://gitweb.torproject.org/user/dcf/snowflake.git/tree/client/lib/webrtc.go?h
 =turbotunnel-quic&id=d5be0906ffe4ef8de8a9345690713bc362d3bcee#n110
 checkForStaleness] from killing the connection after 30 seconds of
 idleness.

 Remember that Tor has its own application level (i.e. tor client <=> tor
 bridge in this case) keepalives.

 Which by an odd quirk of fate are also sent and received every 5 minutes:
 see the KeepalivePeriod torrc option:
 https://gitweb.torproject.org/tor.git/tree/src/core/mainloop/mainloop.c#n1236

 You could in theory crank this number down to 20 seconds to workaround the
 problem at the quic layer. But it is definitely not the right long term
 answer, and also it might introduce other weird side effects, like
 apparently we use the Keepalive parameter to decide if we've waited long
 enough that we should give up on an in-progress-but-not-yet-open OR
 connection:
 https://gitweb.torproject.org/tor.git/tree/src/core/mainloop/mainloop.c#n1236

 It is in any case an option to explore if upgrading the quic libs turns
 out to be messier than expected. :)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33336#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online