[tor-bugs] #15516 [Tor]: Consider dropping INTRODUCE2 cells when under load
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Mar 30 20:39:49 UTC 2015
#15516: Consider dropping INTRODUCE2 cells when under load
-------------------------+---------------------
Reporter: special | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Tor | Version:
Keywords: | Actual Points:
Parent ID: #15463 | Points:
-------------------------+---------------------
In #15463, we're seeing an effective denial of service against a HS with a
flood of introductions. The service falls apart trying to build rendezvous
circuits, resulting in 100% CPU usage, many failed circuits, and impact on
the guard.
We should consider dropping INTRODUCE2 cells when the HS is under too much
load to build rendezvous circuits successfully. It's much better if the HS
response in this situation is predictable, instead of hammering at the
guard until something falls down.
One option is to add a HSMaxConnectionRate(?) option defining the number
of INTRODUCE2 we would accept per 10(?) minutes, maybe with some bursting
behavior. It's unclear what a useful default value would be.
We could try to use a heuristic based on when rend circuits start failing,
but it's not obvious to me how that would work.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15516>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list