-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Roger Dingledine:
On Thu, Aug 29, 2013 at 11:30:33PM -0400, krishna e bera wrote:
On 13-08-29 10:35 PM, Gordon Morehouse wrote:
What on earth is causing so many circuit creation requests in such a short timespan?
[snip]
As for the circuit create storm phenomenon... if this is in fact a botnet signing up the million new users, and they're connecting to a hidden service C&C site, then I would expect even fiercer create storms.
See also https://trac.torproject.org/projects/tor/ticket/9574
Hi Roger, and thanks for taking the time to respond. I've definitely seen an increase in the storms compared to the baseline I established on my Raspberry Pi after upgrading to 0.2.4.16-rc; but so far only one crash. There has been a ripple or two on my bigger VPS relays.
If I could bug you for a sec, I do have some questions about how circuit creation works in Tor. I hope you have a moment to answer.
The full message is at:
https://lists.torproject.org/pipermail/tor-relays/2013-August/002589.html
Here is the main set of questions (the "numbers" are in the full message):
My main question: How do circuit creation requests on one's Tor relay cause load on one's network infrastructure? Is it DNS requests? Is it TCP connection state entries? It's not bandwidth, we observed that above, and my router can handle far faster pipes than the one it's on currently. The DNS failing is a sign that the router is under severe stress. Back in the 0.2.3.x days, I often had to reboot the *router* after one of these storms, not just the Tor relay.
And again - do we really know what is causing this? Something seems seriously wrong with the kind of numbers I'm seeing coming in to a node with MaxAdvertisedBandwidth 250KB.
Thanks much, - -Gordon M.