[tor-relays] Balancing throughput versus getting Black-Holed
Mirimir
mirimir at riseup.net
Wed Oct 25 23:39:20 UTC 2017
On 10/25/2017 12:31 PM, teor wrote:
>
>> On 26 Oct 2017, at 10:23, Mirimir <mirimir at riseup.net> wrote:
>>
>> On 10/25/2017 11:31 AM, Paul Templeton wrote:
>>>
>>>> How long is your relay blackholed for?
>>> Usually 12Hrs - I'll look at a second IP to see if it helps a bit.
>>>
>>> Having the ability to rotate address would be good... :)
>>>
>>> Paul
>>
>> I wonder how quickly the subnet would get black-holed.
>>
>> I've thought of doing that with IPv6. With a /64, the relay could use a
>> new OutboundBindAddress for each circuit.
>
> Or each stream.
Right, per stream :) That'd be cool.
> There's a design tradeoff here: using a different address for each stream
> provides less linkability between streams on the same circuit. But it may
> confuse remote websites that expect all requests from a page to come from
> the same source IP address.
Could circuit vs stream be configurable in the client?
> I think we would probably choose an IP per stream, because our design is
> willing to compromise usability on a few websites for privacy on all.
>
>> But maybe the /64 would just
>> get black-holed.
>
> Maybe. Shall we try it and see?
>
>> DirPort and ORPort would, of course, be IPv4.
>
> Relays must have an IPv4 ORPort.
>
> Relays should also declare (if possible):
> * an IPv4 DirPort, to help other relays and tools like stem
> * an IPv6 ORPort, to help IPv6 clients
>
> T
>
> --
> Tim / teor
>
> PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
> ricochet:ekmygaiu4rzgsk6n
> ------------------------------------------------------------------------
>
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
More information about the tor-relays
mailing list