[tor-bugs] #18580 [Tor]: exit relay fails with 'unbound' DNS resolver when lots of requests time-out
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Apr 13 09:26:25 UTC 2016
#18580: exit relay fails with 'unbound' DNS resolver when lots of requests time-out
----------------------+------------------------------
Reporter: Dhalgren | Owner:
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Tor | Version: Tor: 0.2.7.6
Severity: Major | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor: None
----------------------+------------------------------
Comment (by Dhalgren):
A downside to max-inflight:16384 is potential performance degradation of
the primary Tor-process event loop due to linear queue searches for
completed requests. The
[https://github.com/libevent/libevent/blob/ea52d9fd8d12126643f21007f279ef2e03dfca1e/evdns.3
man(3)] page for `evdns` states
''Several algorithms require a full walk of the inflight queue and so
bounding its size keeps thing going nicely under huge (many thousands of
requests) loads.''
My perspective is that the in-flight queue would only grow large under
potential DOS scenarios such as the one described in this ticket and
paying the performance cost of linear list searches is acceptable (on
modern hardware) if it prevents exit relays from becoming unusable. An
unlimited size Red-Black indexed work queue would be ideal, but would
necessitate significant development effort to implement.
A mitigating factor is that when the in-flight queue grows large it will
predominantly consist of entries that will never receive a response and
will time-out in the order they appear on the queue.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18580#comment:17>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list