[tor-bugs] #22820 [Core Tor/Tor]: Give the Exit flag to Exits that use the secure IRC port 6697
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jul 5 04:41:00 UTC 2017
#22820: Give the Exit flag to Exits that use the secure IRC port 6697
----------------------------+----------------------------------
Reporter: teor | Owner:
Type: enhancement | Status: new
Priority: Medium | Milestone: Tor: unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: needs-proposal | Actual Points:
Parent ID: | Points: 3
Reviewer: | Sponsor:
----------------------------+----------------------------------
Comment (by arma):
The Exit flag serves two roles:
A) It allows people to build preemptive circuits, and end them at a relay
that has a good chance of being able to handle whatever future stream the
client receives. That is, we want to build a circuit *before* we know what
stream request is going to arrive, and we want to have a good chance that
the last hop on that circuit will be able to handle the request. So in
that sense the Exit flag signifies "is able to handle many of the likely
requests by users".
B) It allows clients to shift load away from relays that probably already
have a lot of load because they're being used as exits. That is, if your
relay has the Exit flag, then my client will avoid using it in the first
or second hops of my circuits, because for global load balancing it is
best to save its bandwidth for being an exit since exit capacity is
scarce.
For the first one, I want to know what *this particular client* is likely
to do, and build circuits that are going to be able to handle those
requests. That's part of what the "predicted ports" logic is for in
rephist.c -- see for example {{{rep_hist_note_used_port()}}}.
Whereas for the second one, I want to know what *most of the other
clients* are likely to do, so I can take the correct behavior to produce
the globally optimum load across all the relays.
Originally, I picked "80, 443, and 6667" as an indication that if you
accept those three, you probably accept a bunch of other ports too, so
you're likely to be an exit relay that gets used for exit traffic.
So as people try to squeeze down their exit policy while retaining the
Exit flag, they are pushing themselves farther from being the sort of
relay that is being used a lot for exit traffic.
If I were to make a change based on (my intuition of) traffic these days,
I would change it to simply "80 and 443".
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22820#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list