[tor-dev] Adding a NotDir router status flag

Matthew Finkel matthew.finkel at gmail.com
Tue Jun 9 03:40:02 UTC 2015


On Wed, Jun 03, 2015 at 01:33:11AM +1000, teor wrote:
> 
> > Date: Fri, 29 May 2015 14:24:33 +0300
> > From: s7r <s7r at sky-ip.org>
> > 
> > Signed PGP part
> > Hi Matt,
> > 
> > Nice to hear there's ongoing work for this proposal.
> > 
> > I also see the NotDir flag as useful for migration, because for quite
> > some time after prop 237 is implemented we will still have relays in
> > the consensus which will have DirPort open (separate from ORPort). A
> > client needs to know to make directory requests on DirPort for the
> > relays with V2Dir flag, and know to make directory requests on ORPort
> > for the relays which only have ORPort open and NotDir flag.
> > 

Right. Interestingly, zero clients care about the V2Dir flag currently.
It's purely a cosmetic detail of the consensus. It is useful for us,
but it will be nice when Dir Auths stop voting for it.

> > 
> > After (hopefully) medium time we can drop the V2Dir flag (we are way
> > passed from V2 directory anyway) and after longer time we can also
> > drop NotDir. I guess this depends if directory requests on ORPort will
> > be only implemented in new Tor releases or also backport?
> 
> It's unlikely we'd backport a feature of this magnitude - we already ran into issues (mainly with hidden services) when the authorities assumed that relays with only an ORPort would answer directory requests, but the relays weren't actually doing so.
> 

There's no need for backporting this. Old versions of Tor won't care about it.

> > I guess we
> > can say it's safe to drop both flags when over 95% of the relays
> > respond to directory requests on ORPort. We will just need Valid flag
> > to make sure we can separate the relays which try to poison directory
> > data.
> 
> When relays have AccountingMax set, they disable their DirPort to maximise the bandwidth used for relaying Tor cells.
> This implies that they should also ask for the NotDir flag, and refuse to
> respond to directory requests on both the DirPort and ORPort. (We don't want relays that are already bandwidth-constrained receiving directory requests that we know they'll refuse - this is a waste of their bandwidth.)
> 
> Does this need to be part of prop 237?
> 

Ah, yes, but no. It's in the implementation but not in the proposal.
Good catch. I'll add this as an implementation note in the proposal.

> Since the NotDir flag is still useful in with AccountingMax, we should reconsider the plan to drop NotDir in a few releases' time.
> 

Yes, I suspect it will take a few years before enough clients and relays upgrade.


Thanks for the feedback!


More information about the tor-dev mailing list