[tor-relays] 0.2.4.17-rc on Pi, a couple weeks on
Gordon Morehouse
gordon at morehouse.me
Wed Sep 18 15:04:41 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Addendum to addendum: the router fail is definitely caused by Tor
connections filling up the router's ip_conntrack table - once it gets
near full, it somehow interferes with a couple other services on my
router (especially DNSmasq) even if there is free RAM. I will need to
figure out some iptables tricks for the Pi, which I've long known, to
prevent this, just no time yet.
Note that somehow, due to a brief enough hiccup I guess, my Pi relay
retained Named, Stable and Fast this morning, so as soon as I
restarted it it was instantly slammed with thousands of connections.
I may need to do the kludge of rate-limiting incoming connections to
the Tor ports for now, using iptables.
Also of note: regarding the ntp and time/clock issue: it appears that
because I was using a particular stripped image of Raspbian, some
spurious .conf and init.d files were left for the Raspbian 'ntp'
package, which I purged, and ensured that only 'ntpdate' (for setting
the clock at startup, run in /etc/rc.local) and 'openntpd' are installed.
Best,
- -Gordon M.
Gordon Morehouse:
> Addendum: restarting tor instantly puts my router into a tailspin
> this morning. This is a WRT54G (old school, 3.0 hardware, 200MHz
> MIPS). While that's old, there are many, many consumer routers out
> there with similar specs and worse firmware. In this case it
> causes major problems with DNS.
>
> I'd like to figure out what is going on with this in order to
> prevent it from happening as part of the Cipollini project[1] so
> (when the time comes) we're not distributing images for Raspberry
> Pi which crash people's routers. :(
>
> Request timeout for icmp_seq 847981 64 bytes from 192.168.1.1:
> icmp_seq=61550 ttl=64 time=1.136 ms Request timeout for icmp_seq
> 847983 Request timeout for icmp_seq 847984 Request timeout for
> icmp_seq 847985 64 bytes from 192.168.1.1: icmp_seq=61554 ttl=64
> time=0.917 ms Request timeout for icmp_seq 847987 64 bytes from
> 192.168.1.1: icmp_seq=61556 ttl=64 time=0.929 ms Request timeout
> for icmp_seq 847989 Request timeout for icmp_seq 847990 64 bytes
> from 192.168.1.1: icmp_seq=61559 ttl=64 time=0.929 ms 64 bytes
> from 192.168.1.1: icmp_seq=61560 ttl=64 time=0.922 ms Request
> timeout for icmp_seq 847993 Request timeout for icmp_seq 847994
>
> Best, -Gordon M.
>
>
>
> Gordon Morehouse:
>
>
> _______________________________________________ tor-relays mailing
> list tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
- --
Sent from my thing that sends email.
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCgAGBQJSOcEIAAoJED/jpRoe7/ujY6QIAImt9T6uaH6OYIZsLkmNAwTm
3d+QyDVAz/tewS732QOqhnqqB4eMAnWsec7wNQB0ZmD5H1pkqFDlZqNxQqeAF/Zv
VNNM2IG8nCJGLuvkKE24ta/qpwpLAZY6LvObzTNh9IxYfIteMY4+zU06XRd5jS1J
QN5+RPMOAhL50kaGjVW65r2lDB5/XQdBEoIA3LI4yVCaEUCtBEzC3S3jlzPIxqR7
LVrBACMi0W6A43m3OMvxpejFWMahoATYiZVYmZWc/LysGgmyn70rav47rh9/0psh
gRvnHAF+5YHytgSrDxW1+H9fmA0PnAlbv8YGNkvwLCXGo39oChUc9W34Im9kuSc=
=x7pi
-----END PGP SIGNATURE-----
More information about the tor-relays
mailing list