[tor-bugs] #4862 [Tor]: Consider disabling dynamic intro point formula (numerology)

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Apr 29 19:46:35 UTC 2015


#4862: Consider disabling dynamic intro point formula (numerology)
-----------------------------+-------------------------------------------------
     Reporter:  hellais      |      Owner:
         Type:  enhancement  |     Status:  assigned
     Priority:  major        |  Milestone:  Tor: 0.2.7.x-final
    Component:  Tor          |    Version:  Tor: 0.2.7
   Resolution:               |   Keywords:  needs-proposal, tor-hs,
Actual Points:               |              027-triaged-1-in, SponsorR
       Points:  medium/large |  Parent ID:
-----------------------------+-------------------------------------------------

Comment (by dgoulet):

 Replying to [comment:22 arma]:
 >
 > I guess that question leads to a deeper question: is ten actually more
 > scalable in any meaningful way than three?

 The assumption here would be yes. Lots of traffic on 3 IPs, changing to 6
 IPs means traffic is divided by two on those original 3. It also spreads
 the load over the network instead of choking it on 3 specific places.
 However, more IPs means more pipes to load the HS. If an IP chokes from a
 flood of requests, chances are that the HS will also choke, thus the IP is
 "kind" of a first line of defense. But if an extra IP is added which then
 offloads the others and makes them work again, well the HS at that point
 could get choked.

 HS scalability is another question here but let's keep in mind that in
 the present situation (until we have crazy performance improvement or HS
 load balancing), adding IPs could mean "easier" DDoS.

 So I would go with *b* here.
 * Kill with fire the algorithm, in its form right now it:
  * Leaks popularity badly
  * Automatically increases your pipe to DDoS an HS.
 * Add a torrc option that enables an operator to specify a fixed amount of
 IPs (#15746)
  * That could be quite useful for, let's say, Facebook, which has its HS on a
 *HUGE* machine/network and wants to maximize reachability.
 * 3 IPs by default, period.

 I'm ready to work on the patch asap once we come up with a consensus.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4862#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online