[tor-relays] Exit relay operators please help test #2667 branch
s7r
s7r at sky-ip.org
Wed Feb 3 23:20:58 UTC 2021
Roger Dingledine wrote:
> Hello friendly relay operators,
>
> Another day, another weird thing with the Tor network. This time we
> have some jerk bombing the directory authorities with directory fetches,
> and doing it via exits:
> https://lists.torproject.org/pipermail/network-health/2021-January/000661.html
>
> The network is mostly holding together, but I wouldn't say it is pretty.
>
> One of the long-term fixes will be ticket #2667:
> https://gitlab.torproject.org/tpo/core/tor/-/issues/2667
> where exit relays refuse to let users connect back into the Tor network.
>
> David and I made a branch this evening that implements #2667, and it
> could use some testing. If you're comfortable building your exit relay
> from a git branch, please do, and let us know how it goes. It is the
> "ticket2667" branch on either
> https://git.torproject.org/user/arma/tor
> or
> https://gitlab.torproject.org/arma/tor/
>
> And if your relay is currently using 100% cpu and/or way more bandwidth
> than usual, you might be especially excited to try out this patch. :)
>
> When the defense triggers, you will see an info-level log line like
> "%s tried to connect back to a known relay address. Closing."
> (where %s is the destination, so don't get upset at them. :)
>
> You can let us know how it's going either by mail just to me, or by a
> reply on the list, whichever you prefer. Once we know that you're running
> the branch, we can also probe your relay remotely to verify that it is
> correctly refusing those connections.
>
> Thanks!
> --Roger
>
Hello,
Indeed the defense is triggered more often than I expected. Very nice.
I tried to read on that ticket that's a decade old but didn't understand
what was the final resolution.
This defense is only implemented at the Exit relay, and it blocks all
the relay:ORPort / DirPort combinations that exit knows about according
to its version of the consensus?
What happens if the abuser has a different valid consensus (newer/older)
that has some relays which are not known by the Exit? Or if the abuser
uses for re-entry a relay configured with `PublishServerDescriptor 0`?
How does it treat bridges?
And most important, does this means that an Exit will no longer try to
connect to other middle relay? At this moment can't an exit relay (of
course with a small probability) be used as a middle or entry? Won't
this become a mess if we have 80% of relays Exits and thus used more as
1st or 2nd hops, or in a perfect future where 100% or relays are all exits?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20210204/8f8aa3b4/attachment.sig>
More information about the tor-relays
mailing list