[tor-relays] Circuit creation "storms" overwhelming Raspberry Pi?

Roger Dingledine arma at mit.edu
Wed Jun 5 23:42:13 UTC 2013


On Wed, Jun 05, 2013 at 09:20:02AM -0000, temp5 at tormail.org wrote:
> I've been seeing these storms as well on my relay. I average something
> like 100 connections for weeks and weeks per the tor logs, but then
> suddenly it will jump into the thousands and I'll see the "Failed to hand
> off onionskin." and "Your computer is too slow to handle this many circuit
> creation requests!" messages.
> 
> I wonder if it's some type of DDOS too.

The current theory is that these happen when your relay becomes the hidden
service directory, or introduction point, for a popular hidden service.

So these are basically roving hotspots that move around the network. In
the case of the hidden service directory the pain lasts about a day,
and in the case of the introduction point, it lasts for some function of
the duration of the introduction point (could be a while) and the time
that the hidden service descriptor is fresh (15 minutes or so). Based
on the logs here, it sounds like it might be the introduction point in
these cases.

Here are some tickets to look at:
https://trac.torproject.org/projects/tor/ticket/3825
https://trac.torproject.org/projects/tor/ticket/4862
https://trac.torproject.org/projects/tor/ticket/8950

Also, the switch to the new ntor circuit-level handshake should reduce the
cpu requirements for create cells (in addition to being more secure). So
once more people have switched to ntor, these hotspots shouldn't be so
bad. It is unclear if that's the same as 'shouldn't be bad'. :)

https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/216-ntor-handshake.txt

--Roger



More information about the tor-relays mailing list