[tor-talk] shutdown latencies
Justin Aplin
japlin at gmail.com
Wed Feb 15 22:47:41 UTC 2012
On 2/15/2012 3:31 PM, eliaz wrote:
> Thanks, this gives me someplace to start.
>
> On 2/15/2012 1:52 PM, Justin Aplin wrote:
>> On Feb 15, 2012, at 12:48 PM, eliaz wrote:
>>> I've set ShutdownWaitLength to 30 minutes in torrc.
>> If this is actually set to 30 minutes, and not 30 seconds, I believe
>> that's your problem
> I do other things besides maintain a bridge on this machine; I've set a
> half-hr timeout so that I can shut down when necessary& then restart
> before the bridge goes down. I thought this would make it easier on the
> network& the people using the bridge.
I think you're misunderstanding the point of the clean shutdown
procedure slightly. Bridges, exits, and middle nodes publish new server
descriptors every time they start, regardless of what their shutdown
state was. So when you reboot your machine, it's not coming back up
"before the bridge goes down", the bridge was "down" as soon as its
process was killed in the shutdown. The new instance on the newly
rebooted machine will be added to the network as soon as Tor starts again.
People who already have your IP/fingerprint listed as one of their
bridges will be able to resume using your node as soon as the Tor
process starts running again.
>>> When for some reason I have to press "Stop Tor" and get the message
>>> "Would you like to shut down gracefully and give clients time to find a
>>> new relay?" along with the red onion icon, what exactly does
>>> this mean?
>>
>> It signals your node to stop accepting new connections, and not
>> renew existing ones when they end. This allows those clients who were
>> connected through your node to smoothly transition to a new node without
>> interruption. At the end of the ShutdownWaitLength timeout, all
>> connections are killed regardless, and the node shuts down.
> I think I understand you to mean that the clients (nodes) are talking
> code to each other, and the actual users don't even notice that the
> bridge is gone& they're on a new path. Is this correct?
This is true as long as the user has more than one bridge listed. When
yours stops accepting connections, their client will automatically
switch to another, (hopefully) providing an uninterrupted connection.
The same is true for users not using bridges, except that they have a
much larger pool of new nodes to pull from, since they don't have to
list which ones to use manually.
>>> The icon seems to sit there forever
> I exaggerated; I guess I've been too busy (aka too damned impatient) to
> wait more than 30 minutes... Thanks again - eliaz
Since your node stops accepting new connections as soon as its shutdown
process starts, it may actually better serve the network to have a short
shutdown time (say, a minute or so). Say, theoretically, several people
usually use your node at once, and only one of them is holding up the
shutdown process, this limits the usability of your bridge for that half
hour or so to just that one person. If you get the reboot over with
quickly, however, you get the node back up in its fully-working state,
able to accept multiple connections, much faster.
The fact that Tor is taking the full 30 minutes to shut down is
bothering me, as I've never seen that behavior before. I have a hunch
that there is one or more people out there for whom you are the only
bridge (or the only working bridge) on their list, so they have nobody
to switch to when you shut down. There's nothing you can do about that,
however, and I'd still recommend the shorter timeout above.
Thanks for running a bridge!
~Justin Aplin
More information about the tor-talk
mailing list