[tor-bugs] #296 [Tor Client]: clients potentially overwhelm circuits with new streams

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Thu Nov 11 16:17:48 UTC 2010 

#296: clients potentially overwhelm circuits with new streams
--------------------------+-------------------------------------------------
  Reporter:  goodell      |       Owner:  arma        
      Type:  enhancement  |      Status:  closed      
  Priority:  trivial      |   Milestone:  post 0.2.1.x
 Component:  Tor Client   |     Version:              
Resolution:  not a bug    |    Keywords:              
    Parent:               |  
--------------------------+-------------------------------------------------
Changes (by nickm):

  * status:  assigned => closed
  * resolution:  None => not a bug


Old description:

> Well-behaved Tor clients SHOULD not attach a stream to a circuit
> if the circuit has more than N not-yet-connected streams on it.
> In particular, some exit nodes cannot handle so many new TCP
> connections to open, even if middleman nodes just see all of the
> traffic as cells to pass along.
>

> [Automatically added by flyspray2trac: Operating System: All]

New description:

 Well-behaved Tor clients SHOULD not attach a stream to a circuit
 if the circuit has more than N not-yet-connected streams on it.
 In particular, some exit nodes cannot handle so many new TCP
 connections to open, even if middleman nodes just see all of the
 traffic as cells to pass along.


 [Automatically added by flyspray2trac: Operating System: All]

--

Comment:

 I'm going to close this.  Any solution here needs to be at the exit-node
 level, since 1) relying on clients to be well-behaved is a DoS
 opportunity, and 2) even if clients are all very nice, the exit node will
 still run into any limits it has.

 That's the solution.  Is there a problem?   We've had 4 years to find out,
 and there doesn't seem to be a problem except with versions of windows
 that have an idiotic limit on the number of half-open connections.  (I'm
 sure that this really is an antivirus feature like they claim, and that
 nothing was further from their minds than forcing people to upgrade to
 Server.)  The limits are generally so low that trying to work within them
 is fairly pointless, and a much better answer is to use one of various
 tools to hack your windows libraries and remove the limit.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/296#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list