commit 05d9d63548dff686f66b2f1322a7f80e452462a1 Author: teor teor2345@gmail.com Date: Sat Dec 20 11:35:00 2014 +1100
Speed up tor bootstrap phase (chutney portion)
Speed up the tor bootstrap by modifying both tor and chutney.
Comprehensive bootstrap: (30s) Reduce the consensus interval to 10 seconds Depends on corresponding tor changes Don't require any bandwith for an exit flag Depends on corresponding tor changes
Fast Bootstrap: (10s) Assume that everything is reachable and an exit Start building paths once the minimum number of descriptors are available Reduce consensus validity to 2 intervals
Also make other minor config fixes
Resolves bug 13823. Tests resolution of (tor) bug 13718 and children. --- torrc_templates/authority.tmpl | 33 +++++++++++++++++++++++++++------ torrc_templates/bridge-v6.tmpl | 2 +- torrc_templates/bridge.tmpl | 7 ++----- torrc_templates/bridgeauthority.tmpl | 2 +- torrc_templates/bridgeclient.tmpl | 13 ++++++++++++- torrc_templates/client.tmpl | 8 +++++++- torrc_templates/common.i | 27 +++++++++++++++++++++++++++ torrc_templates/exit-v4.i | 16 +++++++++++++++- torrc_templates/exit-v6.i | 16 +++++++++++++++- torrc_templates/relay-non-exit.tmpl | 8 +++++++- 10 files changed, 114 insertions(+), 18 deletions(-)
diff --git a/torrc_templates/authority.tmpl b/torrc_templates/authority.tmpl index eda123c..108e1cf 100644 --- a/torrc_templates/authority.tmpl +++ b/torrc_templates/authority.tmpl @@ -1,19 +1,40 @@ -${include:relay.tmpl} +${include:relay-non-exit.tmpl} + AuthoritativeDirectory 1 V3AuthoritativeDirectory 1 ContactInfo auth${nodenum}@test.test ExitPolicy reject *:* -TestingV3AuthInitialVotingInterval 300 + +# Speed up the consensus cycle as fast as it will go +# Voting Interval can be: +# 10, 12, 15, 18, 20, 24, 25, 30, 36, 40, 45, 50, 60, ... +# Testing Initial Voting Interval can be: +# 5, 6, 8, 9, or any of the possible values for Voting Interval, +# as they both need to evenly divide 30 minutes. +# If clock desynchronisation is an issue, use an interval of at least: +# 18 * drift in seconds, to allow for a clock slop factor +TestingV3AuthInitialVotingInterval 5 +V3AuthVotingInterval 10 +# VoteDelay + DistDelay must be less than VotingInterval TestingV3AuthInitialVoteDelay 2 +V3AuthVoteDelay 2 TestingV3AuthInitialDistDelay 2 -TestingV3AuthVotingStartOffset 0 +V3AuthDistDelay 2 +# This is autoconfigured by chutney, so you probably don't want to use it +#TestingV3AuthVotingStartOffset 0
# Work around situations where the Exit and Guard flags aren't being set # These flags are set eventually, but it takes ~30 minutes # We could be more precise here, but it's easiest just to vote everything -# Clients are sensible enough to filter out Exits without any exit ports, +# Clients are sensible enough to filter out Exits without any exit ports, # and Guards without ORPorts # If your tor doesn't recognise TestingDirAuthVoteExit, update your chutney # to a version that includes the issue-13161-check-torrc-options features -TestingDirAuthVoteExit * -TestingDirAuthVoteGuard * + +# These are all set in common.i in the Comprehensive/Rapid sections +# Work around Exit requirements +#TestingDirAuthVoteExit * +# Work around bandwidth thresholds for exits +#TestingMinExitFlagThreshold 0 +# Work around Guard uptime requirements +#TestingDirAuthVoteGuard * diff --git a/torrc_templates/bridge-v6.tmpl b/torrc_templates/bridge-v6.tmpl index c9ba1e3..7e4ff91 100644 --- a/torrc_templates/bridge-v6.tmpl +++ b/torrc_templates/bridge-v6.tmpl @@ -1,3 +1,3 @@ ${include:bridge.tmpl} -OrPort ${ipv6_addr}:${orport} IPv6Only
+OrPort ${ipv6_addr}:${orport} IPv6Only diff --git a/torrc_templates/bridge.tmpl b/torrc_templates/bridge.tmpl index 0c1a622..34c7f14 100644 --- a/torrc_templates/bridge.tmpl +++ b/torrc_templates/bridge.tmpl @@ -1,7 +1,4 @@ -${include:common.i} -SocksPort 0 -OrPort $orport -Address $ip +${include:relay-non-exit.tmpl} + BridgeRelay 1 ExitPolicy reject *:* - diff --git a/torrc_templates/bridgeauthority.tmpl b/torrc_templates/bridgeauthority.tmpl index 5598069..04fd2b5 100644 --- a/torrc_templates/bridgeauthority.tmpl +++ b/torrc_templates/bridgeauthority.tmpl @@ -1,4 +1,4 @@ -${include:relay.tmpl} +${include:relay-non-exit.tmpl} AuthoritativeDirectory 1 ContactInfo bridgeauth${nodenum}@test.test ExitPolicy reject *:* diff --git a/torrc_templates/bridgeclient.tmpl b/torrc_templates/bridgeclient.tmpl index f414718..4c10c54 100644 --- a/torrc_templates/bridgeclient.tmpl +++ b/torrc_templates/bridgeclient.tmpl @@ -1,5 +1,16 @@ ${include:client.tmpl} + UseBridges 1 -UseMicrodescriptors 0 # Microdescriptors don't work well with bridge clients + +# In some tor versions, Microdescriptors don't work well with bridge clients +# But the latest git sources appear to be fine +#UseMicrodescriptors 0 + ${bridges}
+# Like TestingClientDownloadSchedule, but for bridge clients +# Try to download after: +# the minimum initial consensus time to start with, +# a few eager fetches, +# then half the minimum testing consensus interval +TestingBridgeDownloadSchedule 0, 5 diff --git a/torrc_templates/client.tmpl b/torrc_templates/client.tmpl index 1eb1d99..3aff6cb 100644 --- a/torrc_templates/client.tmpl +++ b/torrc_templates/client.tmpl @@ -1,6 +1,12 @@ ${include:common.i} SocksPort $socksport + #NOTE: Setting TestingClientConsensusDownloadSchedule doesn't # help -- dl_stats.schedule is not DL_SCHED_CONSENSUS # at boostrap time. -TestingClientDownloadSchedule 10, 2, 2, 4, 4, 8, 13, 18, 25, 40, 60 +# Try to download after: +# the minimum initial consensus time to start with, +# a few eager fetches, +# then half the minimum testing consensus interval +TestingClientDownloadSchedule 0, 5 +TestingClientConsensusDownloadSchedule 0, 5 diff --git a/torrc_templates/common.i b/torrc_templates/common.i index 42eebc4..16f2944 100644 --- a/torrc_templates/common.i +++ b/torrc_templates/common.i @@ -1,4 +1,29 @@ TestingTorNetwork 1 + +## Comprehensive Bootstrap Testing Options ## +# These typically launch a working minimal Tor network in 25s-30s +# See authority.tmpl for a partial explanation +#AssumeReachable 0 +#Default PathsNeededToBuildCircuits 0.6 +#Disable TestingDirAuthVoteExit +#Default V3AuthNIntervalsValid 3 + +## Rapid Bootstrap Testing Options ## +# These typically launch a working minimal Tor network in 6s-10s +# These parameters make tor networks bootstrap fast, +# but can cause consensus instability and network unreliability +# (Some are also bad for security.) +AssumeReachable 1 +PathsNeededToBuildCircuits 0.25 +TestingDirAuthVoteExit * +V3AuthNIntervalsValid 2 + +## Always On Testing Options ## +# We enable TestingDirAuthVoteGuard to avoid Guard stability requirements +TestingDirAuthVoteGuard * +# We set TestingMinExitFlagThreshold to 0 to avoid Exit bandwidth requirements +TestingMinExitFlagThreshold 0 + DataDirectory $dir RunAsDaemon 1 ConnLimit $connlimit @@ -7,6 +32,8 @@ ShutdownWaitLength 0 PidFile ${dir}/pid Log notice file ${dir}/notice.log Log info file ${dir}/info.log +# Turn this off to save space +#Log debug file ${dir}/debug.log ProtocolWarnings 1 SafeLogging 0 DisableDebuggerAttachment 0 diff --git a/torrc_templates/exit-v4.i b/torrc_templates/exit-v4.i index eca35e0..375164b 100644 --- a/torrc_templates/exit-v4.i +++ b/torrc_templates/exit-v4.i @@ -1,3 +1,17 @@
# An exit policy that allows exiting to IPv4 localhost -ExitPolicy accept 127.0.0.0/8:* +#ExitPolicy accept 127.0.0.0/8:* + +# An exit policy that allows exiting to the entire internet on HTTP(S) +# This may be required to work around #11264 with microdescriptors enabled +# "The core of this issue appears to be that the Exit flag code is +# optimistic (just needs a /8 and 2 ports), but the microdescriptor +# exit policy summary code is pessimistic (needs the entire internet)." +# An alternative is to disable microdescriptors and use regular +# descriptors, as they do not suffer from this issue. +#ExitPolicy accept *:80 +#ExitPolicy accept *:443 + +#ExitPolicy reject *:* +# OR +ExitPolicy accept *:* diff --git a/torrc_templates/exit-v6.i b/torrc_templates/exit-v6.i index 74232a5..5200f3e 100644 --- a/torrc_templates/exit-v6.i +++ b/torrc_templates/exit-v6.i @@ -1,4 +1,18 @@
# An exit policy that allows exiting to IPv6 localhost -ExitPolicy accept [::1]:* +#ExitPolicy accept6 [::1]:* IPv6Exit 1 + +# An exit policy that allows exiting to the entire internet on HTTP(S) +# This may be required to work around #11264 with microdescriptors enabled +# "The core of this issue appears to be that the Exit flag code is +# optimistic (just needs a /8 [IP6?] and 2 ports), but the microdescriptor +# exit policy summary code is pessimistic (needs the entire internet)." +# An alternative is to disable microdescriptors and use regular +# descriptors, as they do not suffer from this issue. +#ExitPolicy accept6 *:80 +#ExitPolicy accept6 *:443 + +#ExitPolicy reject6 *:* +# OR +ExitPolicy accept6 *:* diff --git a/torrc_templates/relay-non-exit.tmpl b/torrc_templates/relay-non-exit.tmpl index 2f4b7f1..bf870a6 100644 --- a/torrc_templates/relay-non-exit.tmpl +++ b/torrc_templates/relay-non-exit.tmpl @@ -3,7 +3,13 @@ SocksPort 0 OrPort $orport Address $ip DirPort $dirport + #NOTE: Setting TestingServerConsensusDownloadSchedule doesn't # help -- dl_stats.schedule is not DL_SCHED_CONSENSUS # at boostrap time. -TestingServerDownloadSchedule 10, 2, 2, 4, 4, 8, 13, 18, 25, 40, 60 +# Try to download after: +# the minimum initial consensus time to start with, +# a few eager fetches, +# then half the minimum testing consensus interval +TestingServerDownloadSchedule 0, 5 +TestingServerConsensusDownloadSchedule 0, 5