[tor-bugs] #15463 [Tor]: Tor deals poorly with a very large number of incoming connection requests.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Mar 31 14:46:08 UTC 2015
#15463: Tor deals poorly with a very large number of incoming connection requests.
--------------------------+--------------------------------------
Reporter: alberto | Owner:
Type: defect | Status: new
Priority: critical | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version: Tor: 0.2.5.11
Resolution: | Keywords: tor-hs SponsorR SponsorZ
Actual Points: | Parent ID:
Points: |
--------------------------+--------------------------------------
Comment (by yawning):
So we got profiler output and more logs and other things, and found out a
bunch of stuff:
* Reducing `MAX_REND_FAILURES` to `1` doesn't appear to help much if at
all.
* The profiler results matches dgoulet's #13739 results fairly closely,
with `smartlist_remove` consuming more cpu, due to extra calls due to more
`rend_service_relaunch_rendezvous`. The largest consumer of CPU is
Curve25519, so things like #13738 will help along with the precomputed key
generation trickery.
We still need mitigation (probably in the form of dropping INTRODUCE2
cells at the HS, INTRODUCE1 cells at the IP, or both), since no matter how
much faster we can make tor, it's easier for the adversary to increase
malicious traffic.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15463#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list