Upgrade your relay to 0.2.4.17-rc?
Hi folks, I just released 0.2.4.17-rc. Hopefully there will be debs of it soon. It comes with a new feature: - Relays now process the new "NTor" circuit-level handshake requests with higher priority than the old "TAP" circuit-level handshake requests. We still process some TAP requests to not totally starve 0.2.3 clients when NTor becomes popular. A new consensus parameter "NumNTorsPerTAP" lets us tune the balance later if we need to. Implements ticket 9574. So the more relays that upgrade to 0.2.4.17-rc, the more stable and fast Tor will be for 0.2.4 users, despite the huge circuit overload that the network is seeing. Please consider upgrading. If you do, though, please also keep an eye on it -- it's possible we introduced some new bugs and the network will start dissolving once more relays move to the new version. In my spare time I'm also working on a blog post to explain what's going on and what measures we're taking to keep things afloat. Aren't distributed systems fun, --Roger
Roger Dingledine:
I just released 0.2.4.17-rc. Hopefully there will be debs of it soon.
For those in a hurry, automatically built packages are available by adding the following in your sources.list: deb http://deb.torproject.org/torproject.org/ tor-nightly-0.2.4.x-wheezy main You can replace wheezy by squeeze or sid for Debian; or by lucid, oneiric, precise, quantal or raring for Ubuntu. -- Lunar <lunar@torproject.org>
Upgraded to the nightlies this morning. Everything running peachy keen so far. Thanks! On 2013-09-05, at 7:12 AM, Lunar <lunar@torproject.org> wrote:
Roger Dingledine:
I just released 0.2.4.17-rc. Hopefully there will be debs of it soon.
For those in a hurry, automatically built packages are available by adding the following in your sources.list:
deb http://deb.torproject.org/torproject.org/ tor-nightly-0.2.4.x-wheezy main
You can replace wheezy by squeeze or sid for Debian; or by lucid, oneiric, precise, quantal or raring for Ubuntu.
-- Lunar <lunar@torproject.org> _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Thu, Sep 5, 2013 at 7:12 PM, Lunar <lunar@torproject.org> wrote:
For those in a hurry, automatically built packages are available by adding the following in your sources.list:
I see the following messages, which I was not seeing earlier. It eventually completes bootstrapping, 100%: Sep 05 22:04:03.000 [notice] Bootstrapped 90%: Establishing a Tor circuit. Sep 05 22:04:06.000 [warn] Problem bootstrapping. Stuck at 90%: Establishing a Tor circuit. (DONE; DONE; count 10; recommendation warn ) Sep 05 22:04:06.000 [warn] 10 connections have failed: Sep 05 22:04:06.000 [warn] 7 connections died in state connect()ing with SSL state (No SSL object) Sep 05 22:04:06.000 [warn] 3 connections died in state handshaking (TLS) with SSL state unknown state in HANDSHAKE Sep 05 22:04:06.000 [warn] Problem bootstrapping. Stuck at 90%: Establishing a Tor circuit. (Connection refused; CONNECTREFUSED; count 11; recommendation warn) Sep 05 22:04:06.000 [warn] 10 connections have failed: Sep 05 22:04:06.000 [warn] 7 connections died in state connect()ing with SSL state (No SSL object) Sep 05 22:04:06.000 [warn] 3 connections died in state handshaking (TLS) with SSL state unknown state in HANDSHAKE Sep 05 22:04:07.000 [warn] Problem bootstrapping. Stuck at 90%: Establishing a Tor circuit. (Connection refused; CONNECTREFUSED; count 12; recommendation warn) Sep 05 22:04:07.000 [warn] 11 connections have failed: Sep 05 22:04:07.000 [warn] 8 connections died in state connect()ing with SSL state (No SSL object) Sep 05 22:04:07.000 [warn] 3 connections died in state handshaking (TLS) with SSL state unknown state in HANDSHAKE -- Sanjeev Gupta +65 98551208 http://www.linkedin.com/in/ghane
Don't know if this is update specific or just because of the new users in the network: 17:00:25 [WARN] Your Guard curiosity3 ($07AE80AA2F475282E3C08F589826C8FB19E8086B) is failing a very large amount of circuits. Most likely this means the Tor network is overloaded, but it could also mean an attack against you or potentially the guard itself. Success counts are 93/248. Use counts are 91/91. 95 circuits completed, 0 were unusable, 2 collapsed, and 46 timed out. For reference, your timeout cutoff is 60 seconds. On 09/05/2013 04:14 PM, Sanjeev Gupta wrote:
On Thu, Sep 5, 2013 at 7:12 PM, Lunar <lunar@torproject.org <mailto:lunar@torproject.org>> wrote:
For those in a hurry, automatically built packages are available by adding the following in your sources.list:
I see the following messages, which I was not seeing earlier. It eventually completes bootstrapping, 100%:
Sep 05 22:04:03.000 [notice] Bootstrapped 90%: Establishing a Tor circuit. Sep 05 22:04:06.000 [warn] Problem bootstrapping. Stuck at 90%: Establishing a Tor circuit. (DONE; DONE; count 10; recommendation warn ) Sep 05 22:04:06.000 [warn] 10 connections have failed: Sep 05 22:04:06.000 [warn] 7 connections died in state connect()ing with SSL state (No SSL object) Sep 05 22:04:06.000 [warn] 3 connections died in state handshaking (TLS) with SSL state unknown state in HANDSHAKE Sep 05 22:04:06.000 [warn] Problem bootstrapping. Stuck at 90%: Establishing a Tor circuit. (Connection refused; CONNECTREFUSED; count 11; recommendation warn) Sep 05 22:04:06.000 [warn] 10 connections have failed: Sep 05 22:04:06.000 [warn] 7 connections died in state connect()ing with SSL state (No SSL object) Sep 05 22:04:06.000 [warn] 3 connections died in state handshaking (TLS) with SSL state unknown state in HANDSHAKE Sep 05 22:04:07.000 [warn] Problem bootstrapping. Stuck at 90%: Establishing a Tor circuit. (Connection refused; CONNECTREFUSED; count 12; recommendation warn) Sep 05 22:04:07.000 [warn] 11 connections have failed: Sep 05 22:04:07.000 [warn] 8 connections died in state connect()ing with SSL state (No SSL object) Sep 05 22:04:07.000 [warn] 3 connections died in state handshaking (TLS) with SSL state unknown state in HANDSHAKE
-- Sanjeev Gupta +65 98551208 http://www.linkedin.com/in/ghane
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-- Sam Grüneisen - President of FVDE Frënn vun der Ënn is an NPO fighting for human rights with the help of technology. www.enn.lu
On Thu, Sep 05, 2013 at 06:54:57AM -0400, Roger Dingledine wrote:
In my spare time I'm also working on a blog post to explain what's going on and what measures we're taking to keep things afloat.
https://blog.torproject.org/blog/how-to-handle-millions-new-tor-clients --Roger
On 09/05/2013 03:20 PM, Roger Dingledine wrote:
On Thu, Sep 05, 2013 at 06:54:57AM -0400, Roger Dingledine wrote:
In my spare time I'm also working on a blog post to explain what's going on and what measures we're taking to keep things afloat. https://blog.torproject.org/blog/how-to-handle-millions-new-tor-clients
--Roger
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
I updated one of our nodes to the newest version. Has this patch the nice side-effect of a better multicore handling? It's amazing that my 8 cores are now finally used. Greetings -- Sam Grüneisen - President of FVDE Frënn vun der Ënn is an NPO fighting for human rights with the help of technology. www.enn.lu
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Upgraded to 0.2.4.17-rc and almost immediately got the following in my syslog: debian kernel: [5000394.949751] TCP: Possible SYN flooding on port 443. Sending cookies. Check SNMP counters. No idea what it means. 443 is my or port. Tor is running fine and bandwidth usage is growing. 50mbit/s atm. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.21 (MingW32) iQEcBAEBAgAGBQJSKJ5vAAoJEJ4b+e/7JJoUgnkIAJryAwVtekZMvwtFdfOTzO9c sKE1gxcvxdWJxD44UGUrIv88s5G9ROwU0e37LCW+L5YNWCCA/k0KS4ueZh8CFVXL DBK8b8XD5IXwSa5o2tex9P0BADj+pTl4ShqfIS/diOJukWEDfICgKh/Xa86GaDvo dbvEtKd6WqT8HbiP7TtlkJonAYDgOIb6mNre7a1W7sNAmwb2GLDZFX2BoAM+0rQK Sdb+oOtylO/12z0GK/YYVNvmxgJXf+GrGB24axCTZEwYAXPga3MAJkr0M3RcMNKx 27ViTkwQZxafjVR2+JXBWb8Bn7RnxO40GMI9ZE8F+Pa2jR2cVrUcEv84+aCDjgk= =W3uU -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Roger Dingledine:
Hi folks,
I just released 0.2.4.17-rc. Hopefully there will be debs of it soon.
I will get binary debs for Raspbian completed this evening, and this time sign them with my public key[1] for anyone who chooses to trust me. It's quite easy, so I'll post a README about building from deb-src for those who don't wish to trust my binaries. The instructions are already on the Tor Project web site though. Thanks * 1000000 for your work on this. [1] 1EEFFBA3 - also attached below for your convenience. Best, - -Gordon M. - -----BEGIN PGP PUBLIC KEY BLOCK----- mQENBFIIHWwBCADSkqB1JQtrMnHAigieI4uhOFE4klu6OSr1pMVkYdI5LMkTc9kG dG/MnFrixOCR3X8tD4cFkPKPT1coxRNzHjcazhpz+ztnUXVEMt1LARVreh+Msl02 b6VaONIjJT8aJFf+9ysS1Y/esP5dwrOW9NdPD8TwE7Po17ZrEiJQ8Sb2hNOAvnLe AuG3h9A7BCe3//RRqBUv7Jc0VIjhnG0deh5e7IF+FY+1llamKZtsPRJMriGhGcmw f9vSmILVocpie41wAS60rHFeoI0zQJKjo+3SZovlJI/OW7CPrUDN3aJ+hXRVGYm6 HrTgdYKSb4obcQ1yiB+UZoP//U+tUVxPIQBHABEBAAG0REdvcmRvbiBNb3JlaG91 c2UgKGh0dHA6Ly9nb3Jkb24ubW9yZWhvdXNlLm1lLykgPGdvcmRvbkBtb3JlaG91 c2UubWU+iQE+BBMBAgAoBQJSCB1sAhsDBQkDwmcABgsJCAcDAgYVCAIJCgsEFgID AQIeAQIXgAAKCRA/46UaHu/7o5d0B/0RyKF4SCi4s6VOV6XTE4RjPUhJtka7YnOj bjcHEvS976/2oSbcemV8zxJUnLzO0TqgI8nCdddOGS+37sBt7+CXXis8XVneoSly 1r7Fx8vOPY/2dZjDb85uMLpUMBXWyHMLrG32yIud1UduC+r2MqelZq0loflTpk9d ghiYexmY5iMdEDfegAsOXPh7KzNHipeG5bjF0ohrWJUF7F3utdGBrTuitvuyO59q EDKBmfqPEonl7z+2HHPViWyaa0bw9q9Ee8Eb5CYjWLp/8KbKX6edKsIaVsuN0R+T h2J0cB3Hq/+Z61Q8DvqukRrpqyCkyz32Z39IF3kKeU/yni7fREhwuQENBFIIHWwB CADXMjO1xsvN30Dkt8qL7C7VYw8xOTgoT+tfIpjOI2daB16QGSxL3hvOj20ZbfRg 4J3m+VuxMz76/PhwhzaeRB3lmnzAXUGdFaTuUehWh+WclU9EXS2mR9zPbP2OJ4QL uCtCa0XkHHoL8NhVH/57mXnsW4vsN/DSjPTUvCwnsbHhmTIYw1zV8x+R7YUb/0mN rToHHqGREYK9THt1jby/LRVKEe0ARrKHeMyY3E5vzhRK+M6Nv2m6BYhtc1Y3kcLT iQ58K5d3feAy28QUM9CC713D7czKtz083Apst9lpBFMJQ/arhuOFzK4a2BugwFq7 ih31Af53VWPGMRYDVCraczklABEBAAGJASUEGAECAA8FAlIIHWwCGwwFCQPCZwAA CgkQP+OlGh7v+6ORCAf+Ka11bi/HCxc136cSHI9F5k0kfFZgZFUirfdB4MpTvxUb MQfkL/HJv5UQdG7qKmf4pLnvu7D/2aFmttlCgNxQf4f01fQXZ14rqw9xrXC6+bg6 mzGv+rZz+UTxTn/saIX+TtZ9GP+AXM+aDgOgk7kUCZcreGQMdzX/rkxj5fi+AsM5 mKDsq29VImL45xGAp+7W7JF9xDTAdEC68yX1YU1rwiSUCRpHn6KlfRKcAXYZAiaG KP7R0WLdrOIx3urheYNgkgiPOe6pKMwq25FAiWIa/BGZuJWhM2VoQbLaY+n4R0qe D+CF7JLDj3HHMwMUb+soYhT07Td7vRyXK2ka2Oi7vw== =xWdW - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJSKLczAAoJED/jpRoe7/uj1F8IAKmEKEszzhaPjuVefoGMvcUX Yq0VVIXXYfB2PrWtfgY2T0VPe5AaFN3VZNgtNLSJOjGzrx+nJg6Oq2uVd/rKu+ML RYq9kmH0WiE8b9cu/SPBAu/7BgKGWUGHH9tOGrQPI1ghdOgM1YpvKTObve3mdhzz KaMOLb0OTTBjyCfuBM+AoY/EwwO0TaeNiOqnCAxWgcAvHUhDxYmBQcjrBUGlqvhw eAuZ9dRa89U/xW3dsRJXncRY7LJ79k4NXwanz4hR90nrEfNEZHTbLk0paoDd8IDK blN5gSE2Oalj6hWz5VywwcmFTMeZD8sXDCrF6S/y/1RDOJqhb4JX1ICcNEp28LQ= =Mqt5 -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Nice, thank you :) Let's see, how Tor reacts on this :D Roger Dingledine <arma@mit.edu> schrieb:
Hi folks,
I just released 0.2.4.17-rc. Hopefully there will be debs of it soon.
It comes with a new feature: - Relays now process the new "NTor" circuit-level handshake requests with higher priority than the old "TAP" circuit-level handshake requests. We still process some TAP requests to not totally starve 0.2.3 clients when NTor becomes popular. A new consensus parameter "NumNTorsPerTAP" lets us tune the balance later if we need to. Implements ticket 9574.
So the more relays that upgrade to 0.2.4.17-rc, the more stable and fast Tor will be for 0.2.4 users, despite the huge circuit overload that the network is seeing.
Please consider upgrading. If you do, though, please also keep an eye on it -- it's possible we introduced some new bugs and the network will start dissolving once more relays move to the new version.
In my spare time I'm also working on a blog post to explain what's going on and what measures we're taking to keep things afloat.
Aren't distributed systems fun, --Roger
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
- -- We don't bubble you, we don't spoof you ;) Keep your data encrypted! Log you soon, your Admin elrippo@elrippoisland.net Encrypted messages are welcome. - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.11 (GNU/Linux) mQINBFH797MBEAC0Y0NeI7lmDR9szTEcWuHuRe0r/WjSRC0Nr5nXsghuMcxpJ3Dd BOBimi4hdMMK4iqPVMwNw6GpKYR3A9LHHjbYRXHUKrJmB+BaJVyzJXN5H6XvxTTb UfX+DaXAGJW/G+3cBB3qm/QaU8QGkBKfXq0DLTaTGPkGKxEAldj/8onGZhawdJs+ B92JrW+S2HDh15pIuXzSqe7eCcIOdvvwfWe0fJi2AraA7LYGpxP6GcC/b9JJpbq5 Y6DfE2Aun9ZK3iHqURyrms0Whbv1CgmUahL2MVYCsTsXwe0GwlAxxKvjXAiXuo+R 9wO5wsXvVVSVNqsk9Yqi+wYzdPKndTU0GyxSApQHroF+cxaZ8Lk0xloj18+LdCSs e5IiTSXH0MMsDdWWdHlrgk+bgDG+0Gu3ne4vMwGdKO7AhYgQW/ueMy4RnkG/nsV9 jry5BO4gGAI1Ij8KvqUzEnvJFGE3ptJogU+zazWWDUWmL3ecKb3aDRlJFnZ3kJ5h q8GolZVjpk99V+4B5WVRPXdej/p5J19tXycK/jdNmr4oC8NyUhIpe8xHELnfoB4z +rxiTx+KMnW0rY8EQg8O2ixEYt5my90IwQkxcxIxextVrqjJjYn8extc2/v8yGzI KmTEJxdADB5v/Jx4HiLHNDSfBUb8gfONCkNSTYvTcSwTjWzHOkXeE/9ZbQARAQAB tD5lbHJpcHBvIChrZWVwIHlvdXIgZGF0YSBlbmNyeXB0ZWQpIDxlbHJpcHBvQGVs cmlwcG9pc2xhbmQubmV0PokCOAQTAQIAIgUCUfv3swIbLwYLCQgHAwIGFQgCCQoL BBYCAwECHgECF4AACgkQhN8ffmrgNkT8+BAAoAXBqu4/O2Cs5FSWWZpzgScNEgq7 uHhOKeYmRfgKlOUPoYlPB1DBqdOAXSKb9OvsmyOvpoGnqijB7aAJBoyQYW/OCQgd U8L4eTCf4yRZnfFLdgskcPfN1p0Rs/yinGEooBJFtYa7mT6J0UTW2JjCLZK2AFCW oF+KBu5JICXGBXigb2ZbX1jWjxP5H1RidQw6HF5z4z34SjLWAOOeZ8B/Xfz6Fs0s IAuLu2O4HE4DI8Qu196LhSVHHgr3uMTkvN1t5nKwyjrRQztwXXk9qIomII3ydNYb BYAGdWNNMfLb1kmDwC5wQHAFvSP1aiMF3aKAY+gl2wXSGO6JqM0SteJS3dytIljI kzu0atc9HuGs/HDQgdmpAS4WU2YefEr/WieltSiAKlwuC+3wg+CONJ6TE1vgNDU/ axerttb0jq7UQb/nAp05bsrB7XH1Vs+1ON9lUPEfWRmwQcrVK5JUrUWa/4tA/UeM XvFcPFtFluGTlLewgJIqcvjPXFwpbDZprXJsMkwew/A6B6n3+0sbgf7p3QSGkVbi dwQAymTbHdYqLnbcnKZhjto3Wjw1J5QB2wuiRYlpjV3i7AWTGlqoSTOWCCV+HamQ qeFYNYAWNFx3+J/oi7xDi8t9bHVNA205equ+y2sj3G5uGJ6LSHQ8AXp9uOipUUvU 1MJN0yLXr9PIwvi5Ag0EUfv3swEQAL0+MnxHGrTjSYdfdua4SBpmytDONM1EngeY s+WyaC/760MughKbaysI/nK2LB1vnwEY7f3NM4fxBx8u2T7VBm6Ez6Fs23Bb8Rkz f97bPSdxCmg64GPHfLA9uwTIXcYS+MpI86WOf6eWY0rRpf7Y9Nl7YoUNvzOyUPqc ggdcnHce8zYv7A/WS8flZDm8tVFPsHrQDEwNMws7ZhiNnHkeZeRJrvCuB7oEVich O/ROYoA5o6NozWYQbjxe1f6Yur4Q10qgVcxVnyLFJSbg6vZSzL7KYh3Z5iBOzPHt 7cwEDrW8W4Kl2Qj8rhJ4Wxs94CAtua7IXK44sVZWQbyHcOXRikgGMZKkEZzVCQa5 KD1u1ZrcBCyuMAir0hsmS3jhCUwpiE2c3SRk8O8CgixhTcBk0X/k9ZFu3Hbi1JMB FLzs/Nq3tYAYvVivhPloSxmYBPsafYHCZM83yBNNsralXh5zjB+di90G+AMXt2PN LTcdovZuWtC0s8/jrx+zv/AA4FAGYU9OVl+YL9ybFX8gSdMEcixyzQcKfiFBjpWv 5iFrwIuDlaXMcheyrhc9aGOxfx44OXc505+VjO/1Q/8EOWlJ6UwOi6GMkj5T+RFJ MDyP0UixS7dt6wTuD5t6PRuyWWxZswgrbL9hjwGFr154Z19TWeNWc23pWtUvQJos UCxl2nFHABEBAAGJBD4EGAECAAkFAlH797MCGy4CKQkQhN8ffmrgNkTBXSAEGQEC AAYFAlH797MACgkQJEPd69lQ0evA+Q/+M7lSFlrQWiRsFqDjh+kTJc+0OEBCvnfo N2KPyXXbfc//qup55PfEygE6C60zvrlv3WE33GZ5GS5MLuDMP82b+a5Yt16NQU7L WtAg1g0S0BvazW+28TgnfO8bhbGaFeE9ccw3xLmlbwZQ3f3LtMKdwFIROiG6hvAs 9U54QYti3tv9DowRYYWpdr0Ga8RqeGNtCKc0v2opy51MpzKWjwUW0i3XlSlyY8Lj 1KT8PyznNPw32nYpmDizz+0OUJNnn/kT+GnFoR3DJnFosTOrnxFJp+N+nejMp/gW r9NM0/E7H+P53IiytBOt5/0vsOaCFGdYGhKEjmJi3dHS4Xk1ObD1mjdD1YDOlWWU 3Md6BDHd4W7Q8gT7oQfTIMLd3HzV+WNPIdocPLBaeA/tRD8Pg5CCmncAmSub4F5T An7FlnACtSOv3cIWQ0TymS42DihDaJ5d1RvNzKw+zHYdPvf471JFZR3TDhkPbLIr 9czR7kbpnXRwchgwXQn306NVWf37TgA8wpbnFTazZ38iOeqcb9oKprqnbgEdr3PN OhKSlMTkzAqf3MEi2Fyua4BADMhS3oBwCRgDTlt6wquEytpNSlZaHnyiyIgOpekF Uy5K3w8NhHqeifRPrNb/UcCbXtXz+puqIEZHMenpv6FRlTTKpdoHoVXSkp1TPMGN /VaCiLbP4Z3xEw/9EbAJJkhmmx1Qw3ueoqc4h1MmhUtIdxSZ/oA9SjwlnY++zvaZ 6w1wTS4P+OUkETNDtItdpxXMJ9qfSy9voAQc2K43WMZCCmpPJYSdqaZZNPFj+Ne8 6FNtNKuUkXREybpHwlVAXnHzInmFOOM9RAmF70r3zEmKt77W1ztBLo2o9X79gPgL u9ThgrH6Oc2k46n+9nc3joccr7miiX/bp976DNWcWdOYThiSSOCb8Zw9/Zs935i1 wUVkYTj24tmBH4H5ov9ib7RPmU21ru458RbUKG0ONAqBtAHNyXHzUnXsrke+D4VW MI06YcXSk8YeYgQ8GxgHQc+W2bb8LIbKN1hEYJ0wzM62vKR2/Oiwuf8lXutIKTuz +v7Vj1PQd66DGHsxtWRaWnr1c54JTL2wICHJYKFH4grp7864+GL/uQ1O/Z/XxVku E1JQ/AnwBGU1M1S6otwWGWVRjzEzQtxsfcCEPvV/9td3FIFQAbGTPb+48XFU+TY9 8AlcXBlDzXq7c5f8Evn/oSIsZDt63K4HNTmMGqOTl/p1aA0e4eyX76LczY06rDP5 GMSNs+AHmYgZiS4RYhRUIvS9uLXMnnDAMYst0SDl2orDUUeHBTzu0rchyknBZMGP p5wQuWQ9CFlV+dj3UYbrBwC1lTkAMXRG2vlhA0V0TZqos7A5D4VHgSUQQjE= =otlL - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: APG v1.0.8 iQJcBAEBCABGBQJSKMbRPxxlbHJpcHBvIChrZWVwIHlvdXIgZGF0YSBlbmNyeXB0 ZWQpIDxlbHJpcHBvQGVscmlwcG9pc2xhbmQubmV0PgAKCRAkQ93r2VDR68qND/4p 8JxywXtMAue8jAHp4mdoCCWqUUuTRWgpOU2ZdXBDqzJHxDKAyam/iaYiVhUfy9xa rh2POhRPmAjRCwEQnE2vtMjeqo+ESZ7dP5FN1+T1SuhLt99J6RKJHOmTy4QhIVCJ 6EubbKyBU/VHRmjDjjy7qWBjIBhjxH4aPirBAAMT3u8+vuzYE4JO23MWsj4JX2VR ynUeSSMOJj13gjrazY7j2a2ROfbRWRdAMRlPSC1dWjsmMsBWx1Io/ovzXo6T+Ccr /McaqKvinVmN8LUFdiTtUzjwYGHkdMVuEmZ/AKlOK10pgZtN11EGBf61qTVSpD8J L+Kk/d9WJAcSXU0QBNoPJzQneuBBYYOOhPa3fxylMHXv7KOREfox2HxFepWkYtS7 6CXzmuDPeDwhmkMcjOFxtzK6rcl+DvB8HaktQ76uzjpgfxqu4EOUFCj0BI3qCWCM U0Dnkpcl1N7V4mrpr0c/5TT+Z7R2T+KoZTDeYIKc/jaAinaGrt+DUUP1y14BdK93 j8y6C8fYhT+EeU9LmhaRvbrXSyj/tQQYNHRx1EFJZVub5jpMoNCeWuSqKClTS52e 8IDGvU/38K6YvLA4yRNHI0eHI7ro5avJICDhPkesbEC/xvqK7UNVTGqlI2NmzEW2 QVRZHG1x3VzbjP6bFmXbnRUUFK6q4ppFdp+gk6er2A== =BUid -----END PGP SIGNATURE-----
On 2013-09-05, at 2:00 PM, Elrippo <elrippo@elrippoisland.net> wrote:
Nice, thank you :) Let's see, how Tor reacts on this :D
Just a quick note on my exit node's stats: 17:46:33 [NOTICE] Circuit handshake stats since last time: 25849/25857 TAP, 117/117 NTor. 16:46:33 [NOTICE] Circuit handshake stats since last time: 7809/7810 TAP, 65/65 NTor. That's one heck of a climb on the TAP side. Machine's performance and resource usage are all within allowed norms (in fact running better than the 2.3.x release). Consistently running bandwidth in the 3-4 Mb/sec range both up and down. If anyone wants to externally monitor via whatever existing means; my node's ID is: OneTorST8 and fingerprint ID: EE9D7103D6013885BBF767D3B4F51CD0B9E59976 running version 2.4.17-rc-dev. -- Kevin C. Krinke <kevin@krinke.ca> 851662D2 - 5216953E0CBA1767D6064AB2DAC1902A http://kevin.c.krinke.ca/851662D2.asc
On Sep 5, 2013, at 20:13 , Kevin C. Krinke wrote:
Machine's performance and resource usage are all within allowed norms (in fact running better than the 2.3.x release).
I concur with Kevin that this built is running smoothly: Sep 05 21:24:37.000 [notice] Circuit handshake stats since last time: 2138926/4064871 TAP, 22/22 NTor. Sep 05 22:24:37.000 [notice] Circuit handshake stats since last time: 1688832/2282251 TAP, 605/605 NTor. Cpu 16%, load 1.77, using 565 MB RAM. Average 5-6 MiB/s. // Yoriz On Sep 5, 2013, at 20:13 , Kevin C. Krinke wrote:
Just a quick note on my exit node's stats:
17:46:33 [NOTICE] Circuit handshake stats since last time: 25849/25857 TAP, 117/117 NTor. 16:46:33 [NOTICE] Circuit handshake stats since last time: 7809/7810 TAP, 65/65 NTor.
That's one heck of a climb on the TAP side. Machine's performance and resource usage are all within allowed norms (in fact running better than the 2.3.x release).
Consistently running bandwidth in the 3-4 Mb/sec range both up and down.
If anyone wants to externally monitor via whatever existing means; my node's ID is: OneTorST8 and fingerprint ID: EE9D7103D6013885BBF767D3B4F51CD0B9E59976 running version 2.4.17-rc-dev.
-- Kevin C. Krinke <kevin@krinke.ca> 851662D2 - 5216953E0CBA1767D6064AB2DAC1902A http://kevin.c.krinke.ca/851662D2.asc
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Thu, Sep 05, 2013 at 06:54:57AM -0400, Roger Dingledine wrote:
So the more relays that upgrade to 0.2.4.17-rc, the more stable and fast Tor will be for 0.2.4 users, despite the huge circuit overload that the network is seeing.
Please consider upgrading. If you do, though, please also keep an eye on it -- it's possible we introduced some new bugs and the network will start dissolving once more relays move to the new version.
I've upgraded noisetor to 17-rc. We were seeing memory consumption exceeding 2GB/daemon (leading to swap storms on our 4-daemon 8GB box), I'll keep an eye on it to see if we do better with 0.2.4. After 20 minutes of uptime with 17-rc I'm not seeing the CPU pegged like it was within minutes of restart with 0.2.3.25, even though we are pushing 220 Mbps already. According to "perf top" we're still spending a lot of time in circuit creation/teardown though: cycle% image symbol ------ ----- ------ 19.37% tor circuit_unlink_all_from_channel 11.56% libcrypto.so.1.0.0 bn_sqr4x_mont 5.74% tor circuit_get_by_rend_token_and_purpose.constprop.11 4.95% libcrypto.so.1.0.0 sha1_block_data_order_ssse3 3.56% libcrypto.so.1.0.0 bn_mul4x_mont_gather5 3.20% libcrypto.so.1.0.0 _vpaes_encrypt_core 2.03% libcrypto.so.1.0.0 _bsaes_encrypt8_bitslice 1.32% libssl.so.1.0.0 ssl3_cbc_digest_record -andy
On Thu, Sep 05, 2013 at 12:08:05PM -0700, Andy Isaacson wrote:
After 20 minutes of uptime with 17-rc I'm not seeing the CPU pegged like it was within minutes of restart with 0.2.3.25, even though we are pushing 220 Mbps already.
Here's stats from the last hourly: ==> /var/log/tor/notices1.log <== Sep 05 17:42:42.000 [notice] Heartbeat: Tor's uptime is 6:00 hours, with 40064 circuits open. I've sent 131.09 GB and received 123.79 GB. Sep 05 17:42:42.000 [notice] Average packaged cell fullness: 98.154% Sep 05 17:42:42.000 [notice] TLS write overhead: 5% Sep 05 17:42:43.000 [notice] Circuit handshake stats since last time: 548880/568491 TAP, 3002/3004 NTor. ==> /var/log/tor/notices2.log <== Sep 05 17:42:43.000 [notice] Heartbeat: Tor's uptime is 6:00 hours, with 40662 circuits open. I've sent 141.44 GB and received 133.70 GB. Sep 05 17:42:43.000 [notice] Average packaged cell fullness: 98.221% Sep 05 17:42:43.000 [notice] TLS write overhead: 5% Sep 05 17:42:43.000 [notice] Circuit handshake stats since last time: 609229/802888 TAP, 3409/3409 NTor. ==> /var/log/tor/notices3.log <== Sep 05 17:42:42.000 [notice] Heartbeat: Tor's uptime is 6:00 hours, with 26160 circuits open. I've sent 128.60 GB and received 121.47 GB. Sep 05 17:42:42.000 [notice] Average packaged cell fullness: 98.151% Sep 05 17:42:42.000 [notice] TLS write overhead: 5% Sep 05 17:42:43.000 [notice] Circuit handshake stats since last time: 410112/512056 TAP, 2393/2393 NTor. ==> /var/log/tor/notices4.log <== Sep 05 17:42:42.000 [notice] Heartbeat: Tor's uptime is 6:00 hours, with 33382 circuits open. I've sent 128.65 GB and received 121.24 GB. Sep 05 17:42:42.000 [notice] Average packaged cell fullness: 98.236% Sep 05 17:42:42.000 [notice] TLS write overhead: 5% Sep 05 17:42:43.000 [notice] Circuit handshake stats since last time: 534947/649379 TAP, 2535/2536 NTor. Looks like our memory usage is on the same slope as the previous reboot with 0.2.3. -andy
Updated torland family. Hope that the new version helps. One of the last messages before update to 0.2.4.17-rc: Sep 05 21:06:29.000 [warn] Your computer is too slow to handle this many circuit creation requests! Please consider using the MaxAdvertisedBandwidth config option or choosing a more restricted exit policy. [434930 similar message(s) suppressed in last 60 seconds] Because of this the number of exit connections dropped significantly to 300-400. Before this DDOS the exit numbers were around 7000-10000. Regards, Torland On Thursday 05 September 2013 06:54:57 Roger Dingledine wrote:
Hi folks,
I just released 0.2.4.17-rc. Hopefully there will be debs of it soon.
It comes with a new feature: - Relays now process the new "NTor" circuit-level handshake requests with higher priority than the old "TAP" circuit-level handshake requests. We still process some TAP requests to not totally starve 0.2.3 clients when NTor becomes popular. A new consensus parameter "NumNTorsPerTAP" lets us tune the balance later if we need to. Implements ticket 9574.
So the more relays that upgrade to 0.2.4.17-rc, the more stable and fast Tor will be for 0.2.4 users, despite the huge circuit overload that the network is seeing.
Please consider upgrading. If you do, though, please also keep an eye on it -- it's possible we introduced some new bugs and the network will start dissolving once more relays move to the new version.
In my spare time I'm also working on a blog post to explain what's going on and what measures we're taking to keep things afloat.
Aren't distributed systems fun, --Roger
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Thursday 05 September 2013 22:27:53 tor-admin wrote:
Updated torland family. Hope that the new version helps. One of the last messages before update to 0.2.4.17-rc:
Sep 05 21:06:29.000 [warn] Your computer is too slow to handle this many circuit creation requests! Please consider using the MaxAdvertisedBandwidth config option or choosing a more restricted exit policy. [434930 similar message(s) suppressed in last 60 seconds]
Because of this the number of exit connections dropped significantly to 300-400. Before this DDOS the exit numbers were around 7000-10000.
Just noticed that during bootstrap there are new warnings I never noticed before. Is this a known issue or should I file a ticket? Sep 05 21:56:12.000 [notice] Tor 0.2.4.17-rc (git-36eb3e0da4c3a821) opening log file. Sep 05 21:56:12.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip. Sep 05 21:56:12.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6. Sep 05 21:56:12.000 [notice] Configured to measure statistics. Look for the *- stats files that will first be written to the data directory in 24 hours from now. Sep 05 21:56:12.000 [notice] Your Tor server's identity key fingerprint is 'TorLand2 332895D092C2524A3CDE8F6E1498FFE665EBFC34' Sep 05 21:56:14.000 [notice] We now have enough directory information to build circuits. Sep 05 21:56:14.000 [notice] Bootstrapped 80%: Connecting to the Tor network. Sep 05 21:56:14.000 [notice] Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor. Sep 05 21:56:14.000 [notice] Bootstrapped 85%: Finishing handshake with first hop. Sep 05 21:56:15.000 [notice] Circuit handshake stats since last time: 599/782 TAP, 3/3 NTor. Sep 05 21:56:15.000 [warn] Problem bootstrapping. Stuck at 85%: Finishing handshake with first hop. (Connection refused; CONNECTREFUSED; count 10; recommendation warn) Sep 05 21:56:15.000 [warn] 9 connections have failed: Sep 05 21:56:15.000 [warn] 9 connections died in state connect()ing with SSL state (No SSL object) Sep 05 21:56:16.000 [warn] Problem bootstrapping. Stuck at 85%: Finishing handshake with first hop. (Connection refused; CONNECTREFUSED; count 11; recommendation warn) Sep 05 21:56:16.000 [warn] 10 connections have failed: Sep 05 21:56:16.000 [warn] 10 connections died in state connect()ing with SSL state (No SSL object) Sep 05 21:56:16.000 [warn] Problem bootstrapping. Stuck at 85%: Finishing handshake with first hop. (Connection refused; CONNECTREFUSED; count 12; recommendation warn) Sep 05 21:56:16.000 [warn] 11 connections have failed: Sep 05 21:56:16.000 [warn] 11 connections died in state connect()ing with SSL state (No SSL object) Sep 05 21:56:16.000 [warn] Problem bootstrapping. Stuck at 85%: Finishing handshake with first hop. (No route to host; NOROUTE; count 13; recommendation warn) Sep 05 21:56:16.000 [warn] 12 connections have failed: Sep 05 21:56:16.000 [warn] 12 connections died in state connect()ing with SSL state (No SSL object) Sep 05 21:56:16.000 [warn] Problem bootstrapping. Stuck at 85%: Finishing handshake with first hop. (Connection refused; CONNECTREFUSED; count 14; recommendation warn) Sep 05 21:56:16.000 [warn] 13 connections have failed: [..] Sep 05 21:56:21.000 [warn] Problem bootstrapping. Stuck at 90%: Establishing a Tor circuit. (Connection timed out; TIMEOUT; count 54; recommendation warn) Sep 05 21:56:21.000 [warn] 52 connections have failed: Sep 05 21:56:21.000 [warn] 51 connections died in state connect()ing with SSL state (No SSL object) Sep 05 21:56:21.000 [warn] 1 connections died in state handshaking (Tor, v3 handshake) with SSL state SSL negotiation finished successfully in OPEN Sep 05 21:56:21.000 [warn] Problem bootstrapping. Stuck at 90%: Establishing a Tor circuit. (Connection timed out; TIMEOUT; count 55; recommendation warn) Sep 05 21:56:21.000 [warn] 53 connections have failed: Sep 05 21:56:21.000 [warn] 52 connections died in state connect()ing with SSL state (No SSL object) Sep 05 21:56:21.000 [warn] 1 connections died in state handshaking (Tor, v3 handshake) with SSL state SSL negotiation finished successfully in OPEN Sep 05 21:56:21.000 [warn] Problem bootstrapping. Stuck at 90%: Establishing a Tor circuit. (Connection timed out; TIMEOUT; count 56; recommendation warn) Sep 05 21:56:21.000 [warn] 54 connections have failed: Sep 05 21:56:21.000 [warn] 53 connections died in state connect()ing with SSL state (No SSL object) Sep 05 21:56:21.000 [warn] 1 connections died in state handshaking (Tor, v3 handshake) with SSL state SSL negotiation finished successfully in OPEN Sep 05 21:56:21.000 [warn] Problem bootstrapping. Stuck at 90%: Establishing a Tor circuit. (Connection timed out; TIMEOUT; count 57; recommendation warn) Sep 05 21:56:21.000 [warn] 55 connections have failed: Sep 05 21:56:21.000 [warn] 54 connections died in state connect()ing with SSL state (No SSL object) Sep 05 21:56:21.000 [warn] 1 connections died in state handshaking (Tor, v3 handshake) with SSL state SSL negotiation finished successfully in OPEN Sep 05 21:56:21.000 [warn] Problem bootstrapping. Stuck at 90%: Establishing a Tor circuit. (Connection timed out; TIMEOUT; count 58; recommendation warn) Sep 05 21:56:21.000 [warn] 56 connections have failed: Sep 05 21:56:21.000 [warn] 55 connections died in state connect()ing with SSL state (No SSL object) Sep 05 21:56:21.000 [warn] 1 connections died in state handshaking (Tor, v3 handshake) with SSL state SSL negotiation finished successfully in OPEN Sep 05 21:56:21.000 [warn] Problem bootstrapping. Stuck at 90%: Establishing a Tor circuit. (Connection timed out; TIMEOUT; count 59; recommendation warn) Sep 05 21:56:21.000 [warn] 57 connections have failed: Sep 05 21:56:21.000 [warn] 56 connections died in state connect()ing with SSL state (No SSL object) Sep 05 21:56:21.000 [warn] 1 connections died in state handshaking (Tor, v3 handshake) with SSL state SSL negotiation finished successfully in OPEN Sep 05 21:56:21.000 [warn] Problem bootstrapping. Stuck at 90%: Establishing a Tor circuit. (Connection timed out; TIMEOUT; count 60; recommendation warn) Sep 05 21:56:21.000 [warn] 58 connections have failed: Sep 05 21:56:21.000 [warn] 57 connections died in state connect()ing with SSL state (No SSL object) Sep 05 21:56:21.000 [warn] 1 connections died in state handshaking (Tor, v3 handshake) with SSL state SSL negotiation finished successfully in OPEN Sep 05 21:56:21.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working. Sep 05 21:56:21.000 [notice] Bootstrapped 100%: Done. Sep 05 21:57:17.000 [notice] Self-testing indicates your DirPort is reachable from the outside. Excellent. Sep 05 21:58:31.000 [notice] New control connection opened. Sep 05 22:02:22.000 [notice] Performing bandwidth self-test...done.
On Thu, Sep 05, 2013 at 10:54:58PM +0200, tor-admin wrote:
Just noticed that during bootstrap there are new warnings I never noticed before. Is this a known issue or should I file a ticket?
Sep 05 21:56:15.000 [warn] Problem bootstrapping. Stuck at 85%: Finishing handshake with first hop. (Connection refused; CONNECTREFUSED; count 10; recommendation warn)
It's a known issue, but nobody's exploring it. I assume it's because of the overload on relays, including directory authorities. Things seem to work, so I'm not too worried. --Roger
On Thu, 5 Sep 2013 06:54:57 -0400 Roger Dingledine <arma@mit.edu> wrote:
Hi folks,
I just released 0.2.4.17-rc. Hopefully there will be debs of it soon.
It comes with a new feature: - Relays now process the new "NTor" circuit-level handshake requests with higher priority than the old "TAP" circuit-level handshake requests. We still process some TAP requests to not totally starve 0.2.3 clients when NTor becomes popular. A new consensus parameter "NumNTorsPerTAP" lets us tune the balance later if we need to. Implements ticket 9574.
So the more relays that upgrade to 0.2.4.17-rc, the more stable and fast Tor will be for 0.2.4 users, despite the huge circuit overload that the network is seeing.
Can we have a torrc option to make a relay NTor-only? Could help on some CPU-limited relays like the Raspberry Pi or (in my case) Intel Atom. With some mechanism to ensure that TAP-only clients do not even see or try to use that relay (so they don't experience any broken connections). -- With respect, Roman
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Roman Mamedov:
Can we have a torrc option to make a relay NTor-only?
Hi Roman, I currently have my 0.2.4.17-rc installations set to this: UseNTorHandshake auto Although I can't be positive it was related, I first tried a setting of 1 on that, and had to eventually reload the relay's configs after changing this to 'auto' because it was stalling at starting up - seems a lot of the relays it 'knows' to talk to (or whatever is going on) still don't do NTor. As soon as I did so, it started right up like normal. So, we need 0.2.4.17-rc and higher relays out there in much greater numbers first, I think.
Could help on some CPU-limited relays like the Raspberry Pi or (in my case) Intel Atom.
I think so, once it's viable :) Best, - -Gordon M. -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJSK2YEAAoJED/jpRoe7/ujxvgIAJLuM/Jns4ndKnLojxtYsDdE lS3PaBzybjkVIIhhwCkzFOti080JwaNa6gAKqHZd7duHyoH2aJHPhhBhEUh/9TXh tADj4R0FU7PdZVmKX62L+GLDvTWVKLcRl7w+PlSSE+qC1fK9yHfoSKSNJPP0JAXf i1go+jqxU9RUm4VYE464fU/XYa0TGDw53Vgbct3Xr3INE/hMxyox8XEfxdSlUgGh IZUNQqBYbISOpq1O51ERiFmHir2G5l4htKmsfXEhwkAndXatCeWr0tFQ8moHu/0Q 88MNtCPwRbU+ixPTROinmFpr9LVUq17p/of8Wtp8EtaiJkUerjzXKmRlygXI5Yc= =Qmko -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I just edited one of my nodes to use UseNTorHandshake 1 See how it goes *thepopcornarewaiting* Gordon Morehouse <gordon@morehouse.me> schrieb:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Roman Mamedov:
Can we have a torrc option to make a relay NTor-only?
Hi Roman,
I currently have my 0.2.4.17-rc installations set to this:
UseNTorHandshake auto
Although I can't be positive it was related, I first tried a setting of 1 on that, and had to eventually reload the relay's configs after changing this to 'auto' because it was stalling at starting up - seems a lot of the relays it 'knows' to talk to (or whatever is going on) still don't do NTor. As soon as I did so, it started right up like normal.
So, we need 0.2.4.17-rc and higher relays out there in much greater numbers first, I think.
Could help on some CPU-limited relays like the Raspberry Pi or (in my case) Intel Atom.
I think so, once it's viable :)
Best, - -Gordon M.
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCgAGBQJSK2YEAAoJED/jpRoe7/ujxvgIAJLuM/Jns4ndKnLojxtYsDdE lS3PaBzybjkVIIhhwCkzFOti080JwaNa6gAKqHZd7duHyoH2aJHPhhBhEUh/9TXh tADj4R0FU7PdZVmKX62L+GLDvTWVKLcRl7w+PlSSE+qC1fK9yHfoSKSNJPP0JAXf i1go+jqxU9RUm4VYE464fU/XYa0TGDw53Vgbct3Xr3INE/hMxyox8XEfxdSlUgGh IZUNQqBYbISOpq1O51ERiFmHir2G5l4htKmsfXEhwkAndXatCeWr0tFQ8moHu/0Q 88MNtCPwRbU+ixPTROinmFpr9LVUq17p/of8Wtp8EtaiJkUerjzXKmRlygXI5Yc= =Qmko -----END PGP SIGNATURE----- _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
- -- We don't bubble you, we don't spoof you ;) Keep your data encrypted! Log you soon, your Admin elrippo@elrippoisland.net Encrypted messages are welcome. - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.11 (GNU/Linux) mQINBFH797MBEAC0Y0NeI7lmDR9szTEcWuHuRe0r/WjSRC0Nr5nXsghuMcxpJ3Dd BOBimi4hdMMK4iqPVMwNw6GpKYR3A9LHHjbYRXHUKrJmB+BaJVyzJXN5H6XvxTTb UfX+DaXAGJW/G+3cBB3qm/QaU8QGkBKfXq0DLTaTGPkGKxEAldj/8onGZhawdJs+ B92JrW+S2HDh15pIuXzSqe7eCcIOdvvwfWe0fJi2AraA7LYGpxP6GcC/b9JJpbq5 Y6DfE2Aun9ZK3iHqURyrms0Whbv1CgmUahL2MVYCsTsXwe0GwlAxxKvjXAiXuo+R 9wO5wsXvVVSVNqsk9Yqi+wYzdPKndTU0GyxSApQHroF+cxaZ8Lk0xloj18+LdCSs e5IiTSXH0MMsDdWWdHlrgk+bgDG+0Gu3ne4vMwGdKO7AhYgQW/ueMy4RnkG/nsV9 jry5BO4gGAI1Ij8KvqUzEnvJFGE3ptJogU+zazWWDUWmL3ecKb3aDRlJFnZ3kJ5h q8GolZVjpk99V+4B5WVRPXdej/p5J19tXycK/jdNmr4oC8NyUhIpe8xHELnfoB4z +rxiTx+KMnW0rY8EQg8O2ixEYt5my90IwQkxcxIxextVrqjJjYn8extc2/v8yGzI KmTEJxdADB5v/Jx4HiLHNDSfBUb8gfONCkNSTYvTcSwTjWzHOkXeE/9ZbQARAQAB tD5lbHJpcHBvIChrZWVwIHlvdXIgZGF0YSBlbmNyeXB0ZWQpIDxlbHJpcHBvQGVs cmlwcG9pc2xhbmQubmV0PokCOAQTAQIAIgUCUfv3swIbLwYLCQgHAwIGFQgCCQoL BBYCAwECHgECF4AACgkQhN8ffmrgNkT8+BAAoAXBqu4/O2Cs5FSWWZpzgScNEgq7 uHhOKeYmRfgKlOUPoYlPB1DBqdOAXSKb9OvsmyOvpoGnqijB7aAJBoyQYW/OCQgd U8L4eTCf4yRZnfFLdgskcPfN1p0Rs/yinGEooBJFtYa7mT6J0UTW2JjCLZK2AFCW oF+KBu5JICXGBXigb2ZbX1jWjxP5H1RidQw6HF5z4z34SjLWAOOeZ8B/Xfz6Fs0s IAuLu2O4HE4DI8Qu196LhSVHHgr3uMTkvN1t5nKwyjrRQztwXXk9qIomII3ydNYb BYAGdWNNMfLb1kmDwC5wQHAFvSP1aiMF3aKAY+gl2wXSGO6JqM0SteJS3dytIljI kzu0atc9HuGs/HDQgdmpAS4WU2YefEr/WieltSiAKlwuC+3wg+CONJ6TE1vgNDU/ axerttb0jq7UQb/nAp05bsrB7XH1Vs+1ON9lUPEfWRmwQcrVK5JUrUWa/4tA/UeM XvFcPFtFluGTlLewgJIqcvjPXFwpbDZprXJsMkwew/A6B6n3+0sbgf7p3QSGkVbi dwQAymTbHdYqLnbcnKZhjto3Wjw1J5QB2wuiRYlpjV3i7AWTGlqoSTOWCCV+HamQ qeFYNYAWNFx3+J/oi7xDi8t9bHVNA205equ+y2sj3G5uGJ6LSHQ8AXp9uOipUUvU 1MJN0yLXr9PIwvi5Ag0EUfv3swEQAL0+MnxHGrTjSYdfdua4SBpmytDONM1EngeY s+WyaC/760MughKbaysI/nK2LB1vnwEY7f3NM4fxBx8u2T7VBm6Ez6Fs23Bb8Rkz f97bPSdxCmg64GPHfLA9uwTIXcYS+MpI86WOf6eWY0rRpf7Y9Nl7YoUNvzOyUPqc ggdcnHce8zYv7A/WS8flZDm8tVFPsHrQDEwNMws7ZhiNnHkeZeRJrvCuB7oEVich O/ROYoA5o6NozWYQbjxe1f6Yur4Q10qgVcxVnyLFJSbg6vZSzL7KYh3Z5iBOzPHt 7cwEDrW8W4Kl2Qj8rhJ4Wxs94CAtua7IXK44sVZWQbyHcOXRikgGMZKkEZzVCQa5 KD1u1ZrcBCyuMAir0hsmS3jhCUwpiE2c3SRk8O8CgixhTcBk0X/k9ZFu3Hbi1JMB FLzs/Nq3tYAYvVivhPloSxmYBPsafYHCZM83yBNNsralXh5zjB+di90G+AMXt2PN LTcdovZuWtC0s8/jrx+zv/AA4FAGYU9OVl+YL9ybFX8gSdMEcixyzQcKfiFBjpWv 5iFrwIuDlaXMcheyrhc9aGOxfx44OXc505+VjO/1Q/8EOWlJ6UwOi6GMkj5T+RFJ MDyP0UixS7dt6wTuD5t6PRuyWWxZswgrbL9hjwGFr154Z19TWeNWc23pWtUvQJos UCxl2nFHABEBAAGJBD4EGAECAAkFAlH797MCGy4CKQkQhN8ffmrgNkTBXSAEGQEC AAYFAlH797MACgkQJEPd69lQ0evA+Q/+M7lSFlrQWiRsFqDjh+kTJc+0OEBCvnfo N2KPyXXbfc//qup55PfEygE6C60zvrlv3WE33GZ5GS5MLuDMP82b+a5Yt16NQU7L WtAg1g0S0BvazW+28TgnfO8bhbGaFeE9ccw3xLmlbwZQ3f3LtMKdwFIROiG6hvAs 9U54QYti3tv9DowRYYWpdr0Ga8RqeGNtCKc0v2opy51MpzKWjwUW0i3XlSlyY8Lj 1KT8PyznNPw32nYpmDizz+0OUJNnn/kT+GnFoR3DJnFosTOrnxFJp+N+nejMp/gW r9NM0/E7H+P53IiytBOt5/0vsOaCFGdYGhKEjmJi3dHS4Xk1ObD1mjdD1YDOlWWU 3Md6BDHd4W7Q8gT7oQfTIMLd3HzV+WNPIdocPLBaeA/tRD8Pg5CCmncAmSub4F5T An7FlnACtSOv3cIWQ0TymS42DihDaJ5d1RvNzKw+zHYdPvf471JFZR3TDhkPbLIr 9czR7kbpnXRwchgwXQn306NVWf37TgA8wpbnFTazZ38iOeqcb9oKprqnbgEdr3PN OhKSlMTkzAqf3MEi2Fyua4BADMhS3oBwCRgDTlt6wquEytpNSlZaHnyiyIgOpekF Uy5K3w8NhHqeifRPrNb/UcCbXtXz+puqIEZHMenpv6FRlTTKpdoHoVXSkp1TPMGN /VaCiLbP4Z3xEw/9EbAJJkhmmx1Qw3ueoqc4h1MmhUtIdxSZ/oA9SjwlnY++zvaZ 6w1wTS4P+OUkETNDtItdpxXMJ9qfSy9voAQc2K43WMZCCmpPJYSdqaZZNPFj+Ne8 6FNtNKuUkXREybpHwlVAXnHzInmFOOM9RAmF70r3zEmKt77W1ztBLo2o9X79gPgL u9ThgrH6Oc2k46n+9nc3joccr7miiX/bp976DNWcWdOYThiSSOCb8Zw9/Zs935i1 wUVkYTj24tmBH4H5ov9ib7RPmU21ru458RbUKG0ONAqBtAHNyXHzUnXsrke+D4VW MI06YcXSk8YeYgQ8GxgHQc+W2bb8LIbKN1hEYJ0wzM62vKR2/Oiwuf8lXutIKTuz +v7Vj1PQd66DGHsxtWRaWnr1c54JTL2wICHJYKFH4grp7864+GL/uQ1O/Z/XxVku E1JQ/AnwBGU1M1S6otwWGWVRjzEzQtxsfcCEPvV/9td3FIFQAbGTPb+48XFU+TY9 8AlcXBlDzXq7c5f8Evn/oSIsZDt63K4HNTmMGqOTl/p1aA0e4eyX76LczY06rDP5 GMSNs+AHmYgZiS4RYhRUIvS9uLXMnnDAMYst0SDl2orDUUeHBTzu0rchyknBZMGP p5wQuWQ9CFlV+dj3UYbrBwC1lTkAMXRG2vlhA0V0TZqos7A5D4VHgSUQQjE= =otlL - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: APG v1.0.8 iQJcBAEBCABGBQJSK3FJPxxlbHJpcHBvIChrZWVwIHlvdXIgZGF0YSBlbmNyeXB0 ZWQpIDxlbHJpcHBvQGVscmlwcG9pc2xhbmQubmV0PgAKCRAkQ93r2VDR6/gmD/99 KMFWjdDiUCOf0SM7zdAJB6GtMCPm+cxg6kRWUOBIHGp11/a538N0RIQY3S04iZzY 9qLH5PR7BrgQuaN9+QiDUVjLHxCnIlzgF6tMylSEkseiQBqPvKa63TGZmeqtSp+W vy5F9zvCr1CVXdabqK7jZInJDg4f5/5gwEyPGzN5cpZPbxiEb1ZStcbbd7wUdSlq 2HkFP8+nh14l9kQ0lBDXg1+1X6g8BhcudtI7Vobawfhx4MmoPjuvm1sRrODVZufX uI/VqXMFwnVy+7cgUoYDO8xWw8WIargiTc4S9qDif5fUXxvSsqBugqqujdhJno3L 4/un+PxJenId8kc0i/zFGDoq0qT2K5UrynZ/rzFaxCAu7o0TniGHSdYlU8nq/wu/ ciKe7iMkwZn9QWtgwXxpKCC5Yk5ZMN56YfJy876nMdviPXoa5s2P8qMlB4YiFYHG Rroi2oa7Q1wZcRyVBqgV19OamrEaUkrkr67ZXB+Odyi3lLc2yDNAyzvp6jblyAXq TWSgWdew5kfPgch24tVWrieOV0J9Qv6Qh2s36P3qWYSjTc1m2+KBaO/pCsjRG7Is oFq0CNJv/I+k2mLLlLk7jHcGVg9uojLXUH3IWHQZ68hXkNeabSq+6QvjlEJfdcCD TLeL/BNA9mKIhrLbZ5Od7ZHmFz2aSSl5LR/q05G1IA== =iSgf -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 07 Sep 2013 10:44:38 -0700 Gordon Morehouse <gordon@morehouse.me> wrote:
I currently have my 0.2.4.17-rc installations set to this:
UseNTorHandshake auto
Although I can't be positive it was related, I first tried a setting of 1 on that, and had to eventually reload the relay's configs after changing this to 'auto' because it was stalling at starting up - seems a lot of the relays it 'knows' to talk to (or whatever is going on) still don't do NTor. As soon as I did so, it started right up like normal.
Hello, I do not think setting this to 1 changes anything at the moment. According to man page this is used to override the directory authorities' "suggestion" on whether or not to use NTor. In the current situation when they already say "yes please do", setting 1 does not change anything, NTor would have been enabled anyway, no matter if it's "1" or "auto". In either case, this does not disable handling of TAP, nor make the router invisible in the node list for older clients. - -- With respect, Roman -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlIsPfsACgkQTLKSvz+PZwiDdQCcDqO+axOhQi5SYrQO2EyvoBbJ RmEAnip5/Ptydjy5FXnLxNUNQTt2ySqN =g127 -----END PGP SIGNATURE-----
Don't know if it's of interest but here's my log for the first 24 hours with 0.2.4.17-rc: Sep 05 17:23:59.000 [notice] Circuit handshake stats since last time: 435758/1722581 TAP, 1503/1503 NTor. Sep 05 18:23:59.000 [notice] Circuit handshake stats since last time: 167983/1616396 TAP, 1427/1427 NTor. Sep 05 19:23:59.000 [notice] Circuit handshake stats since last time: 155229/1908153 TAP, 1460/1460 NTor. Sep 05 20:23:59.000 [notice] Circuit handshake stats since last time: 149878/1098074 TAP, 892/893 NTor. Sep 05 21:23:59.000 [notice] Circuit handshake stats since last time: 52844/53765 TAP, 163/163 NTor. Sep 05 22:23:58.000 [notice] Heartbeat: Tor's uptime is 6:00 hours, with 41076 circuits open. I've sent 174.17 GB and received 173.63 GB. Sep 05 22:23:58.000 [notice] Average packaged cell fullness: 99.124% Sep 05 22:23:58.000 [notice] TLS write overhead: 8% Sep 05 22:23:59.000 [notice] Circuit handshake stats since last time: 160430/610010 TAP, 636/636 NTor. Sep 05 23:23:59.000 [notice] Circuit handshake stats since last time: 176536/1080440 TAP, 893/893 NTor. Sep 06 00:23:59.000 [notice] Circuit handshake stats since last time: 227181/471650 TAP, 497/497 NTor. Sep 06 01:23:59.000 [notice] Circuit handshake stats since last time: 13170/13170 TAP, 96/96 NTor. Sep 06 02:23:59.000 [notice] Circuit handshake stats since last time: 8569/8569 TAP, 54/54 NTor. Sep 06 03:23:59.000 [notice] Circuit handshake stats since last time: 9512/9512 TAP, 28/28 NTor. Sep 06 04:23:58.000 [notice] Heartbeat: Tor's uptime is 12:00 hours, with 29242 circuits open. I've sent 366.41 GB and received 367.47 GB. Sep 06 04:23:58.000 [notice] Average packaged cell fullness: 99.172% Sep 06 04:23:58.000 [notice] TLS write overhead: 7% Sep 06 04:23:59.000 [notice] Circuit handshake stats since last time: 18198/18198 TAP, 36/36 NTor. Sep 06 05:23:59.000 [notice] Circuit handshake stats since last time: 242477/242488 TAP, 211/211 NTor. Sep 06 06:23:59.000 [notice] Circuit handshake stats since last time: 500718/515154 TAP, 414/414 NTor. Sep 06 07:23:59.000 [notice] Circuit handshake stats since last time: 531879/710244 TAP, 493/493 NTor. Sep 06 08:23:59.000 [notice] Circuit handshake stats since last time: 383965/671463 TAP, 493/493 NTor. Sep 06 08:40:51.000 [notice] We stalled too much while trying to write 26 bytes to address [scrubbed]. If this happens a lot, either something is wrong with your network connection, or something is wrong with theirs. (fd 4456, type Control, state 1, marked at ../src/or/control.c:3199). Sep 06 09:23:59.000 [notice] Circuit handshake stats since last time: 265395/1064314 TAP, 795/795 NTor. Sep 06 10:23:58.000 [notice] Heartbeat: Tor's uptime is 18:00 hours, with 36700 circuits open. I've sent 583.44 GB and received 581.96 GB. Sep 06 10:23:58.000 [notice] Average packaged cell fullness: 99.056% Sep 06 10:23:58.000 [notice] TLS write overhead: 7% Sep 06 10:23:59.000 [notice] Circuit handshake stats since last time: 168102/1572079 TAP, 1122/1122 NTor. Sep 06 11:23:59.000 [notice] Circuit handshake stats since last time: 178546/1670183 TAP, 1164/1164 NTor. Sep 06 12:23:59.000 [notice] Circuit handshake stats since last time: 196819/1920708 TAP, 1075/1075 NTor. Sep 06 13:23:59.000 [notice] Circuit handshake stats since last time: 167932/2339171 TAP, 1231/1232 NTor. Sep 06 14:23:59.000 [notice] Circuit handshake stats since last time: 163987/2175009 TAP, 1317/1317 NTor. Sep 06 15:23:59.000 [notice] Circuit handshake stats since last time: 150523/2308715 TAP, 1378/1378 NTor. Sep 06 16:23:54.000 [notice] Circuit handshake stats since last time: 154256/2283175 TAP, 1316/1316 NTor. Sep 06 16:23:58.000 [notice] Heartbeat: Tor's uptime is 1 day 0:00 hours, with 39815 circuits open. I've sent 795.24 GB and received 787.22 GB. Sep 06 16:23:58.000 [notice] Average packaged cell fullness: 99.051% Sep 06 16:23:58.000 [notice] TLS write overhead: 7%
Hi. On Thu, Sep 05, 2013 at 06:54:57AM -0400, Roger Dingledine wrote:
Please consider upgrading. If you do, though, please also keep an eye on it -- it's possible we introduced some new bugs and the network will start dissolving once more relays move to the new version.
I upgraded and started experiencing segfaults: https://trac.torproject.org/projects/tor/ticket/9602 -- pyllyukko email: <pyllyukko@maimed.org> pgp: 0xA1F32EAA www: http://maimed.org/~pyllyukko/ twitter: https://twitter.com/pyllyukko
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Roger Dingledine:
Hi folks,
I just released 0.2.4.17-rc. Hopefully there will be debs of it soon. [snip] Please consider upgrading. If you do, though, please also keep an eye on it -- it's possible we introduced some new bugs and the network will start dissolving once more relays move to the new version.
Couple days now - Raspberry Pi (armhf/ARMv6) version showing minimal to no signs of strain, botnet or no. Also, number of NTor handshakes often in single digits, TAP handshakes in the mid four figures. Best, - -Gordon M. -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJSMU3mAAoJED/jpRoe7/uj5SsH/2KjW1WeXHeVB0EAdEIXTx0K 3ACat1RCRocmjtSTuv1O/u2hZZiu9RP3LaePmXwc9DSURJ2dVesdRigzk+GOG4bI h0wEjKKWWsUsr+AAeYu3GEbdVB4F9StotOqLipGzGw5yywNvHeKzT3ZDyYJg1ex8 tq+h9I8COd+Y8cZFbBloyU2lXCHKcAsfL4BNWUWASB1yj/tvZDiWZUuZjHB5S+yk MO6TX211a+yNcNTQOct2acBqofF7NCUu66r/XZ5fYatMt5ofZvEQJHNEjE6vklxe phZXuYnur7OfFxB7MLFCV5Zpujhv2LPi7fTu7HTO3NuHNzHx8A1YUcVbvX1C0Y4= =kiOr -----END PGP SIGNATURE-----
participants (13)
-
Andy Isaacson -
Elrippo -
Gordon Morehouse -
Kevin C. Krinke -
Logforme -
Lunar -
pyllyukko -
Roger Dingledine -
Roman Mamedov -
Sanjeev Gupta -
tor-admin -
virii -
Yoriz