[tor-bugs] #18580 [Tor]: exit relay fails with 'unbound' DNS resolver when lots of requests time-out

Wed Apr 13 09:26:25 UTC 2016

#18580: exit relay fails with 'unbound' DNS resolver when lots of requests time-out
----------------------+------------------------------
 Reporter:  Dhalgren  |          Owner:
     Type:  defect    |         Status:  new
 Priority:  Medium    |      Milestone:
Component:  Tor       |        Version:  Tor: 0.2.7.6
 Severity:  Major     |     Resolution:
 Keywords:            |  Actual Points:
Parent ID:            |         Points:
 Reviewer:            |        Sponsor:  None
----------------------+------------------------------

Comment (by Dhalgren):

 A downside to max-inflight:16384 is potential performance degradation of
 the primary Tor-process event loop due to linear queue searches for
 completed requests.  The
 [https://github.com/libevent/libevent/blob/ea52d9fd8d12126643f21007f279ef2e03dfca1e/evdns.3
 man(3)] page for `evdns` states

 ''Several algorithms require a full walk of the inflight queue and so
 bounding its size keeps thing going nicely under huge (many thousands of
 requests) loads.''

 My perspective is that the in-flight queue would only grow large under
 potential DOS scenarios such as the one described in this ticket and
 paying the performance cost of linear list searches is acceptable (on
 modern hardware) if it prevents exit relays from becoming unusable.  An
 unlimited size Red-Black indexed work queue would be ideal, but would
 necessitate significant development effort to implement.

 A mitigating factor is that when the in-flight queue grows large it will
 predominantly consist of entries that will never receive a response and
 will time-out in the order they appear on the queue.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18580#comment:17>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online