Tor client performance (was Re: URGENT: patch needed ASAP for authority bug)
Roger Dingledine
arma at mit.edu
Wed Apr 21 10:59:18 UTC 2010
On Wed, Apr 21, 2010 at 12:01:40PM +0200, Hans Schnehl wrote:
> During all the 'testing', vallenator lost it's guard and stable flag.
> For a try, I left it completely idle for a few days, restarted it
> *with another IP*, only to find the node with 20.000 states/connections
> within some 2 hours. Again, this is the upper limit of connections this
> box will accept.
For those who like patching their Tor, I've attached a diff that applies
to current git. (For developers, it should be easy enough to merge in
to other recent Tor versions too.) It will tell you, once a second at
log-level notice, how many OR conns you have open and how many were used
as one-hop directory fetches. The lines look like:
Apr 21 06:47:30.286 [notice] 7265 (2623,4360) of 9149/9272 used for begindir
Meaning I have 9272 total connections, of which 9149 are TLS connections,
and 7265 of those were used for one-hop directory fetches. Of those 7265,
2623 of those have no circuits attached currently (meaning the client
did its directory fetch, expired the circuit, and hasn't bothered closing
the TLS conn), and 4360 have one circuit attached currently (meaning they
haven't expired the circuit yet). That leaves 7265-2623-4360=282 TLS conns
used for directory fetches that have more than one circuit open currently.
Once I've slept and have thought about it more, I'm going to write a
test patch that will preemptively close these TLS connections earlier
than the client would otherwise close them. Done right, it should help
a lot without screwing up too much -- *if* the problem is that we have
way more directory fetches going on that we anticipated. The problem
might also be that guards have too many incoming connections; we'll
tackle that one separately.
If you want to help out, please run your Tor with the patch for a while
(several hours) and mail me your notice lines. Be sure to tell me which
relay is yours, so I can check out its flags, etc.
> You may see this behaviour for quite a few more nodes by going through
> your historic consensuses or, a little more comfortable, wacthing the
> graphs on one of the TNS sites.
Yeah. Part of the challenge here is that we have a huge influx of users,
or at least user connections, and that causes some relays to give up,
meaning that the huge influx focuses even more on the ones that remain.
So, all of you fine relay operators, please bear with us rather than
giving up. :)
> BTW, only in very rare cases the bandwidth n the consensus for this node
> was anywhere close to what was actually annoounced or it was willing to
> provide. Looks to me as if the authorities method of determining nodes
> bandwidth is somewhat insufficient and therefore may not necessarily be a
> base for anything.
Right -- as described earlier in the thread, the numbers in the consensus
are weights, not bandwidths.
Thanks!
--Roger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: begindir-patch1.diff
Type: text/x-diff
Size: 2499 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20100421/eade4ae1/attachment.diff>
More information about the tor-relays
mailing list