<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
TCP (and thus TLS) in general is a stream protocol. The fact that
Tor or someone else writes to it in units of 512 does not guarantee
anything about how the stream is segmented into IP packets. It
usually gets fragmented the same (or multiples of it), since data is
flushed fast, but you can easily get other sizes when your send rate
is higher or some of TCP's windows get clogged.<br>
<br>
Csaba<br>
<br>
On 12/03/2010 11:37 PM, Xinwen Fu wrote:
<blockquote
cite="mid:AANLkTi=ye562vrkJMbpwWPoECGBvwqA8_NPsy02Gv4y8@mail.gmail.com"
type="cite">This phenomenon was explored: <a
moz-do-not-send="true"
href="http://www.cs.uml.edu/%7Exinwenfu/paper/CCS09_Fu.pdf">http://www.cs.uml.edu/~xinwenfu/paper/CCS09_Fu.pdf</a>.<br>
<br>
Equal-sized cells at the application layer do not mean
equal-sized packets at the IP layer. <br>
<br>
Xinwen Fu<br>
<br>
<div class="gmail_quote">On Fri, Dec 3, 2010 at 12:18 PM, Nick
Mathewson <span dir="ltr">&lt;<a moz-do-not-send="true"
href="mailto:nickm@freehaven.net">nickm@freehaven.net</a>&gt;</span>
wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt
0.8ex; border-left: 1px solid rgb(204, 204, 204);
padding-left: 1ex;">
<div>
<div class="h5">On Fri, Dec 3, 2010 at 6:25 AM, Weidong Shao
&lt;<a moz-do-not-send="true"
href="mailto:weidongshao@gmail.com">weidongshao@gmail.com</a>&gt;
wrote:<br>
> Hi<br>
> I did a packet capture and found that the IP datagram
size for TLS between<br>
> my browser and the first relay has different sizes,
some of which are 638,<br>
> which corresponds to the fixed TOR cell size of 512.
But I also see sizes<br>
> of 1500, and other values.<br>
> Does it mean that there are IP packets other than the
512-byte tor cell in<br>
> the same TLS connection?<br>
<br>
</div>
</div>
It's just as likely that the packets aren't always getting
sent in<br>
multiples of one cell. The current code puts cells in a
buffer as<br>
it's about to send them, and lets the buffers and ratelimiting<br>
backends decide how much to send at a time.<br>
</blockquote>
</div>
<br>
</blockquote>
<br>
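The effect described in this thread, as an added example that is not part of the original messages or of Tor's code: a small deterministic model in which whole 512-byte cells are queued into an output buffer, a rate limiter releases a bounded number of bytes per tick, and TCP cuts the released bytes into segments. The MSS of 1448, the tick model and the function names are assumptions, and TLS record and TCP/IP header overhead are ignored.<br>

```python
CELL = 512   # fixed Tor cell size, as stated in the thread
MSS = 1448   # assumed TCP segment payload limit (not from the thread)


def segment_sizes(cells_per_tick, flush_limit, mss=MSS):
    """Return the payload size of each TCP segment produced by the model.

    Each tick the application queues some whole cells, the rate limiter
    releases at most flush_limit bytes from the buffer, and TCP cuts the
    released bytes into segments of at most mss bytes.
    """
    if flush_limit <= 0 or mss <= 0:
        raise ValueError("flush_limit and mss must be positive")
    pending = list(cells_per_tick)
    buffered, sizes = 0, []
    while pending or buffered:
        if pending:
            buffered += pending.pop(0) * CELL
        released = min(buffered, flush_limit)
        buffered -= released
        while released:
            seg = min(released, mss)
            sizes.append(seg)
            released -= seg
    return sizes


def mid_cell_boundaries(sizes):
    """Count segment boundaries that fall inside a cell, not between cells."""
    offset, count = 0, 0
    for size in sizes[:-1]:
        offset += size
        if offset % CELL:
            count += 1
    return count


if __name__ == "__main__":
    # Constructed scenarios: (cells queued per tick, rate limit in bytes per tick)
    scenarios = {
        "slow sender, one cell per tick": ([1, 1, 1], 4096),
        "burst of 8 cells": ([8], 4096),
        "3 cells, 1000-byte rate limit": ([3], 1000),
    }
    for name, (cells, limit) in scenarios.items():
        sizes = segment_sizes(cells, limit)
        print(f"{name}: {sizes}, mid-cell boundaries: {mid_cell_boundaries(sizes)}")
```

Only the slow sender produces segments that line up with cells; the burst and the rate-limited case carry the same bytes in segments whose sizes are unrelated to 512.<br>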
</body>
</html>