[tor-bugs] #6799 [Tor Relay]: Don't expire unused relay-to-relay TLS conns so quickly
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Mon Sep 10 01:55:08 UTC 2012
#6799: Don't expire unused relay-to-relay TLS conns so quickly
-----------------------+----------------------------------------------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor Relay | Version:
Keywords: | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
In git commit 67b38d506 we changed conn timeouts so relays would close
idle conns (that is, conns without any circs on them) after 3 minutes
rather than 15 minutes.
We made the change because of the "clients holding their dir-fetching
conns open for a long time, filling up descriptor lists and memory and
knocking over relays" fun:
http://archives.seul.org/tor/relays/Apr-2010/msg00073.html
But it would appear that we made worse the problem that Torscan exploits.
We don't need to be so aggressive about closing connections to/from other
relays (besides, they weren't the problem before).
There's a downside here, which is that we end up using more file
descriptors on relays. But if most links are used already, we don't use
many more. And if most links aren't used already, the Torscan problems are
worse.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6799>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list