[tor-dev] Proposal: Controller events to better understand connection/circuit usage
Karsten Loesing
karsten at torproject.org
Wed Feb 6 16:14:12 UTC 2013
Hi everyone,
here's a proposal that defines three new controller events for the
TestingTorNetwork mode that shall help us better understand connection
and circuit usage in private Tor networks with the goal to make
simulations more accurate.
And there's also code:
https://gitweb.torproject.org/karsten/tor.git/shortlog/refs/heads/morestats2
Feedback, to both proposal and code, much appreciated!
Thanks,
Karsten
Filename: xxx-usage-controller-events.txt
Title: Controller events to better understand connection/circuit usage
Author: Rob Jansen, Karsten Loesing
Created: 2013-02-06
Status: Open
Target: 0.2.5.x
1. Overview
This proposal defines three new controller events that shall help
understand connection and circuit usage. These events are designed
to be emitted in private Tor networks only. This proposal also
defines a tweak to an existing event for the same purpose.
2. Motivation
We need to better understand connection and circuit usage in order to
better simulate Tor networks. Existing controller events are a fine
start, but we need more detailed information about per-connection
bandwidth, processed cells by circuit, and token bucket refills. This
proposal defines controller events containing the desired information.
Most of these usage data are too sensitive to be captured in the
public network, unless aggregated sufficiently. That is why we're
focusing on private Tor networks first, that is, relays that have
TestingTorNetwork set. The new controller events described in this
proposal shall all be restricted to private Tor networks. In the next
step we might define aggregate statistics to be gathered by public
relays, but that will require a new proposal.
3. Design
The proposed new event types use Tor's asynchronous event mechanism
where a controller registers for events by type and processes events
received from the Tor process.
Tor controllers can register for any of the new event types, but
events will only be emitted if the Tor process is running in
TestingTorNetwork mode.
4. Security implications
There should be no security implications from the new event types,
because they are only emitted in private Tor networks.
5. Specification
5.1. Adding an ID field to ORCONN events
The new syntax for ORCONN events is:
"650" SP "ORCONN" SP (LongName / Target) SP ORStatus
[ SP "ID=" ConnId ] [ SP "REASON=" Reason ]
[ SP "NCIRCS=" NumCircuits ] CRLF
ConnID is the connection ID which is locally unique among all
connection types and which is only included in TestingTorNetwork
mode.
The remaining specification of that event type stays unchanged.
5.2. Bandwidth used on an OR or DIR or EXIT connection
The syntax is:
"650" SP "CONN_BW" SP ConnID SP ConnType SP BytesRead SP
BytesWritten CRLF
BytesRead = 1*DIGIT
BytesWritten = 1*DIGIT
ConnID is the connection ID which is locally unique among all
connection types.
ConnType is the connection type, which can be "OR" or "DIR" or "EXIT".
BytesWritten and BytesRead are the number of bytes written and read
by Tor since the last CONN_BW event on this connection.
These events are generated about once per second per connection; no
events are generated for connections that have not read or written.
These events are only generated if TestingTorNetwork is set.
5.3. Per-circuit cell stats
The syntax is:
"650" SP "CELL_STATS" SP
PCircID SP PConnID SP PAdded SP PRemoved SP PTime SP
NCircID SP NConnID SP NAdded SP NRemoved SP NTime CRLF
PCircID and NCircID are the locally unique IDs of the app-ward
(PCircID) and exit-ward (NCircID) circuit.
PConnID and NConnID are the locally unique IDs of the app-ward
(PConnID) and exit-ward (NConnID) OR connection.
PAdded and NAdded are the total number of cells added to the app-ward
(PAdded) and exit-ward (NAdded) queues of this circuit.
PRemoved and NRemoved are the total number of cells processed from the
app-ward (PRemoved) and exit-ward (NRemoved) queues of this circuit.
PTime and NTime are the total waiting times in milliseconds of all
processed cells in the app-ward (PTime) and exit-ward (NTime) queues
of this circuit.
PAdded, NAdded, PRemoved, NRemoved, PTime, and NTime are
semicolon-separated key-value lists with keys being lower-case cell
types and values being cell numbers or waiting times.
These events are generated about once per second per circuit; no
events are generated for circuits that have not added or processed any
cell. These events are only generated if TestingTorNetwork is set.
5.4. Token buckets refilled
The syntax is:
"650" SP "TB_EMPTY" SP ["GLOBAL" || "RELAY" || "ORCONN" SP ConnID]
SP ReadBucketEmpty SP WriteBucketEmpty SP LastRefill CRLF
This event is generated when refilling a previously empty token
bucket. The "GLOBAL" and "RELAY" keywords are used for the global or
relay token buckets, the "ORCONN" keyword together with a ConnID is
used for the token buckets of an OR connection.
If both global and relay buckets and/or the buckets of one or more OR
connections run out of tokens at the same time, multiple separate
events are generated.
ReadBucketEmpty (WriteBucketEmpty) is the time in millis that the read
(write) bucket was empty. LastRefill is the time in millis since the
last refill. ReadBucketEmpty or WriteBucketEmpty are capped at
LastRefill in order not to report empty times more than once.
These events are only generated if TestingTorNetwork is set.
6. Compatibility
There should not be any compatibility issues with other Tor versions.
7. Implementation
Most of the implementation should be straight-forward.
There's one exception: we pondered adding a unique circuit ID to
CELL_STATS events, but so far, only origin circuits have a unique ID.
We could move that field from origin_circuit_t to circuit_t and
update all references in the code. But this may have undesired side
effects which we're not yet aware of. We don't have a good answer
yet if we need this ID or not.
8. Performance and scalability notes
Most of the new code won't be executed in normal Tor mode. Wherever
we needed new fields in existing structs, we tried hard to keep them
as small as possible. Still, we should make sure that memory
requirements won't grow significantly on busy relays.
More information about the tor-dev
mailing list