[tor-bugs] #18859 [Core Tor]: A new SOCKS connection should use a pre-built circuit for its first stream

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Apr 21 17:59:09 UTC 2016 

#18859: A new SOCKS connection should use a pre-built circuit for its first stream
-----------------------------+---------------------
 Reporter:  arthuredelstein  |          Owner:
     Type:  defect           |         Status:  new
 Priority:  Medium           |      Milestone:
Component:  Core Tor         |        Version:
 Severity:  Normal           |     Resolution:
 Keywords:                   |  Actual Points:
Parent ID:                   |         Points:
 Reviewer:                   |        Sponsor:
-----------------------------+---------------------

Comment (by arthuredelstein):

 Replying to [comment:3 arma]:
 > Arthur: can you attach an event log (setevents circ stream) here to show
 the problem?

 Here's an example session:

 {{{
 setevents circ stream
 250 OK
 getinfo circuit-status
 250+circuit-status=
 1 BUILT $F1A7CE1B1D558DC24E39B6B30FF217ECCEECF141~Kings
 BUILD_FLAGS=ONEHOP_TUNNEL,IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:03.769809
 2 BUILT
 $F1A7CE1B1D558DC24E39B6B30FF217ECCEECF141~Kings,$A47CF4F0B9AFD005C0A5B67A503158923202BE90~dragon1993,$EC116BCB80565A408CE67F8EC3FE3B0B02C3A065~orion
 BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:04.809515 SOCKS_USERNAME="--unknown--"
 SOCKS_PASSWORD="0"
 3 BUILT
 $F1A7CE1B1D558DC24E39B6B30FF217ECCEECF141~Kings,$EF29F69F49FF1C17CBDCFF8E11E10CD9F6B9DF95~raincat,$6207FC9DDE4EC78F45BB24C53C2EEE63DCC2E2B6~PrivacyRepublic
 BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:05.790793
 4 BUILT
 $F1A7CE1B1D558DC24E39B6B30FF217ECCEECF141~Kings,$385FE4D32D51C03766F3FBD24B108D6FB82C9E36~CDR,$2CF5110C8F31F45737F807F080ABA90A7AE50781~dragon1993
 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY,NEED_UPTIME PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:06.789676
 5 BUILT
 $F1A7CE1B1D558DC24E39B6B30FF217ECCEECF141~Kings,$F60E3B747FE017346005243058FFFE72AA7D59A2~torpoc666,$5937800DEB5B3FDF68BD3392F2AE3A084254FE5F~tor6kryptonit
 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY,NEED_UPTIME PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:07.790465
 .
 250 OK
 }}}
 Now I opened a new tab and entered "https://arthuredelstein.github.io" in
 the URL bar domain:
 {{{
 650 STREAM 14 NEW 0 arthuredelstein.github.io:443
 SOURCE_ADDR=127.0.0.1:52129 PURPOSE=USER
 650 STREAM 14 SENTCONNECT 3 arthuredelstein.github.io:443
 650 STREAM 14 REMAP 3 23.235.43.133:443 SOURCE=EXIT
 650 STREAM 14 SUCCEEDED 3 23.235.43.133:443
 }}}
 Then I waited a few seconds, and opened a new tab and entered
 "example.com":
 {{{
 650 STREAM 15 NEW 0 example.com:80 SOURCE_ADDR=127.0.0.1:52130
 PURPOSE=USER
 650 CIRC 6 LAUNCHED BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:55.108644
 650 CIRC 6 EXTENDED $F1A7CE1B1D558DC24E39B6B30FF217ECCEECF141~Kings
 BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:55.108644 SOCKS_USERNAME="example.com"
 SOCKS_PASSWORD="0"
 650 CIRC 6 EXTENDED
 $F1A7CE1B1D558DC24E39B6B30FF217ECCEECF141~Kings,$408807EE2ED6C87F921139ABE0C07E84203A8621~MysticOrb
 BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:55.108644 SOCKS_USERNAME="example.com"
 SOCKS_PASSWORD="0"
 650 CIRC 6 EXTENDED
 $F1A7CE1B1D558DC24E39B6B30FF217ECCEECF141~Kings,$408807EE2ED6C87F921139ABE0C07E84203A8621~MysticOrb,$B0964415A5380080570845E7CBFCADF87FDCCE5A~Necto7
 BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:55.108644 SOCKS_USERNAME="example.com"
 SOCKS_PASSWORD="0"
 650 CIRC 6 BUILT
 $F1A7CE1B1D558DC24E39B6B30FF217ECCEECF141~Kings,$408807EE2ED6C87F921139ABE0C07E84203A8621~MysticOrb,$B0964415A5380080570845E7CBFCADF87FDCCE5A~Necto7
 BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:55.108644 SOCKS_USERNAME="example.com"
 SOCKS_PASSWORD="0"
 650 STREAM 15 SENTCONNECT 6 example.com:80
 650 STREAM 15 REMAP 6 93.184.216.34:80 SOURCE=EXIT
 650 STREAM 15 SUCCEEDED 6 93.184.216.34:80
 [snipped more circuit and stream events]
 }}}
 Finally I inspected the list of open circuits again.
 {{{
 getinfo circuit-status
 250+circuit-status=
 1 BUILT $F1A7CE1B1D558DC24E39B6B30FF217ECCEECF141~Kings
 BUILD_FLAGS=ONEHOP_TUNNEL,IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:03.769809
 2 BUILT
 $F1A7CE1B1D558DC24E39B6B30FF217ECCEECF141~Kings,$A47CF4F0B9AFD005C0A5B67A503158923202BE90~dragon1993,$EC116BCB80565A408CE67F8EC3FE3B0B02C3A065~orion
 BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:04.809515 SOCKS_USERNAME="--unknown--"
 SOCKS_PASSWORD="0"
 3 BUILT
 $F1A7CE1B1D558DC24E39B6B30FF217ECCEECF141~Kings,$EF29F69F49FF1C17CBDCFF8E11E10CD9F6B9DF95~raincat,$6207FC9DDE4EC78F45BB24C53C2EEE63DCC2E2B6~PrivacyRepublic
 BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:05.790793
 SOCKS_USERNAME="arthuredelstein.github.io" SOCKS_PASSWORD="0"
 4 BUILT
 $F1A7CE1B1D558DC24E39B6B30FF217ECCEECF141~Kings,$385FE4D32D51C03766F3FBD24B108D6FB82C9E36~CDR,$2CF5110C8F31F45737F807F080ABA90A7AE50781~dragon1993
 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY,NEED_UPTIME PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:06.789676
 5 BUILT
 $F1A7CE1B1D558DC24E39B6B30FF217ECCEECF141~Kings,$F60E3B747FE017346005243058FFFE72AA7D59A2~torpoc666,$5937800DEB5B3FDF68BD3392F2AE3A084254FE5F~tor6kryptonit
 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY,NEED_UPTIME PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:07.790465
 6 BUILT
 $F1A7CE1B1D558DC24E39B6B30FF217ECCEECF141~Kings,$408807EE2ED6C87F921139ABE0C07E84203A8621~MysticOrb,$B0964415A5380080570845E7CBFCADF87FDCCE5A~Necto7
 BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:43:55.108644 SOCKS_USERNAME="example.com"
 SOCKS_PASSWORD="0"
 7 BUILT $50586E25BE067FD1F739998550EDDCB1A14CA5B2~Jans
 BUILD_FLAGS=ONEHOP_TUNNEL,IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL
 TIME_CREATED=2016-04-21T17:44:05.795443
 .
 250 OK
 }}}

 So my interpretation is that
  1. arthuredelstein.github.io used a pre-built circuit (3)
  2. example.com did not use a pre-built circuit, but instead a new circuit
 (6) was launched

 I tried browsing to a series of new domains, and my observation is that
 the majority of the time behavior 2 happens. I guess this could be that
 the rate of production of pre-built circuits is slower that the rate at
 which I was browsing to new sites in my tests. So I guess my question is,
 what determines the rate at which pre-built circuits are built, and could
 we make a noticeable impact on performance if we increased that rate?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18859#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list