[tor-relays] Tor relay occasionally maxing out CPU usage
William Kane
ttallink at googlemail.com
Sun May 17 18:20:54 UTC 2020
Hi there,
I am the operator of the following relay:
https://metrics.torproject.org/rs.html#details/47E1157F7DA6DF80EC00D745D73ACD7B0A380BCF
The relay is running on my Arch Linux server running kernel version 5.6.11.
This is my tor configuration file:
ORPort 37.157.195.83:38619
ORPort [2a02:2b88:2:1::3239:0]:38619
DirPort 37.157.195.83:44776
Nickname michaelscott
ContactInfo ttallink at googlemail.com
ControlPort 9051
SocksPort 0
CookieAuthentication 1
ExitPolicy reject *:*
DataDirectory /var/lib/tor
Sandbox 1
Linux kernel boot parameters from grub:
quiet mitigations=off
Kernel parameters from /etc/sysctl.d set on boot through systemd:
kernel.dmesg_restrict = 1
net.ipv6.ip_nonlocal_bind = 1
kernel.yama.ptrace_scope = 3
vm.swappiness = 60
Tor systemd unit (shipped by distribution):
[Unit]
Description=Anonymizing Overlay Network
After=network.target
[Service]
User=tor
Type=simple
ExecStart=/usr/bin/tor -f /etc/tor/torrc
ExecReload=/usr/bin/kill -HUP $MAINPID
KillSignal=SIGINT
LimitNOFILE=8192
PrivateDevices=yes
[Install]
WantedBy=multi-user.target
Tor systemd unit overrides:
[Service]
ProtectSystem=strict
ProtectHome=true
PrivateTmp=true
ProtectKernelLogs=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectControlGroups=true
NoNewPrivileges=true
RestrictSUIDSGID=true
RestrictAddressFamilies=AF_INET AF_INET6
ReadWritePaths=/var/lib/tor
Occasionally, the CPU usage hit's 100%, and the maximum throughput
drops down to around 16 Mbps from it's usual 80 Mbps. This happens
randomly and not a fixed intervals which makes it pretty hard to
profile.
No abnormal entries in the log files.
I found ticket #24857 in which someone describes a similar behavior,
but on _Windows_.
https://trac.torproject.org/projects/tor/ticket/24857
Is this also an issue on Linux?
In that case, setting DirCache to 0 should fix the issue, however that
would mean that, according to the manual, I would no longer be able to
mirror directory information.
If anyone else encountered the same problem and found a solution,
please let me know.
Best Regards,
William
More information about the tor-relays
mailing list