[tor-bugs] #17625 [Tor]: Reduce initial and ongoing RendPostPeriod for RSOS
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Nov 17 14:02:33 UTC 2015
#17625: Reduce initial and ongoing RendPostPeriod for RSOS
-----------------------------+--------------------------------
Reporter: teor | Owner:
Type: enhancement | Status: new
Priority: Medium | Milestone: Tor: 0.2.8.x-final
Component: Tor | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID: #17178
Points: | Sponsor:
-----------------------------+--------------------------------
Initial descriptor uploads
Hidden services hide their start times by uploading their first descriptor
after:
`now + rendinitialpostdelay + crypto_rand_int(2*rendpostperiod);`
which is currently 30 + rand(2*600) seconds minimum.
A RSOS doesn't need to hide its startup time, but should avoid a
thundering herd. So we could change it to:
`now + rendinitialpostdelay + crypto_rand_int(1*rendpostperiod);`
(Or perhaps some fraction of RendPostPeriod, or perhaps a constant like 60
seconds.)
Ongoing descriptor uploads
If a RSOS site implements failover or high availability, it may need to
post descriptors more often than the current minimum RendPostPeriod of 10
minutes.
For example, if a RSOS goes down, and another instance should replace it
within 30 seconds, it would need:
600/30 = 20 redundant instances
Instead, if we want a small number of instances, say 4:
30 * 4 = 120 second RendPostPeriod.
(This also helps with the initial post period above.)
This is perhaps mitigated by multiple HSDirs, with some having descriptors
from one replica, and some from the other. (But this is not guaranteed -
one replica could have just uploaded all the HSDirs, then gone down.)
This also needs a proposal update.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17625>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list