[tor-bugs] #24973 [Core Tor/Tor]: Tor should be more gentle when launching dozens of circuits at once

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Feb 5 20:46:32 UTC 2018


#24973: Tor should be more gentle when launching dozens of circuits at once
----------------------------------------+----------------------------------
 Reporter:  asn                         |          Owner:  (none)
     Type:  defect                      |         Status:
                                        |  needs_information
 Priority:  Medium                      |      Milestone:  Tor:
                                        |  0.3.3.x-final
Component:  Core Tor/Tor                |        Version:  Tor: unspecified
 Severity:  Normal                      |     Resolution:
 Keywords:  tor-dos tor-hs performance  |  Actual Points:
Parent ID:                              |         Points:  3
 Reviewer:                              |        Sponsor:
----------------------------------------+----------------------------------
Changes (by dgoulet):

 * status:  new => needs_information


Comment:

 Replying to [comment:3 arma]:
 > Would it be totally crazy for clients to take a look at the
 > dos_cc_circuit_max_count consensus param (or whatever we end up naming it)
 > from #24902, and try to hold themselves under it when they have some
 > control over their circuit load, like in this case?

 In general, I do think we want a mechanism in a tor *client* to never go
 above a circuit creation rate, and it sounds like good logic to use the DoS
 mitigation rate as the upper limit (which can be a moving target over
 time). That makes clients use a rate that they know they won't get
 blacklisted for, in theory. Although all this makes sense if our DoS
 mitigation starts being applied with a single TCP connection
 (`DoSCircuitCreationMinConnections 1`).

 This also has a side effect of effectively having a way to control the
 circuit creation rate of the entire network (for normal tor clients). Fun
 power to have (?).

 However, that might not play super well with a busy hidden service opening
 rendezvous circuits at a much higher rate than a normal client would do.
 And also, I wouldn't probably do this differently with HS because it seems
 to me an easy way to provide a way to neutralize a service: keep opening
 circuits to reach that limit and the circuit effectively becomes
 unresponsive because it can't launch more RP circuits. Else, it would
 queue the requests and go FIFO with those while it respects the circuit
 rate.

 At first, I would go with circuit rate limiting tor clients (excluding
 HS). Is this something we want/can have in 033?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24973#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
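
Added example, not part of the ticket and not Tor's code: a token bucket that keeps a client's circuit launches under a rate ceiling and queues the excess in FIFO order, as the comment above describes. The type and function names (`circ_limiter_t`, `cl_init`, `cl_request`, `cl_drain`) are hypothetical, and the rate and burst values are supplied by the caller, standing in for whatever the consensus parameter provides.

```c
#include <stdint.h>

/* Hypothetical client-side limiter, not Tor's code; tokens are in thousandths. */
typedef struct {
  uint32_t rate_per_sec;  /* ceiling: the relay-side DoS circuit rate */
  uint32_t burst;         /* bucket capacity, in circuits */
  uint64_t milli_tokens;  /* available tokens * 1000 */
  uint64_t last_ms;       /* time of the last refill */
  uint32_t queued;        /* launches waiting, served in arrival order */
} circ_limiter_t;

void cl_init(circ_limiter_t *l, uint32_t rate, uint32_t burst, uint64_t now_ms) {
  *l = (circ_limiter_t){ rate, burst, (uint64_t)burst * 1000, now_ms, 0 };
}

static void cl_refill(circ_limiter_t *l, uint64_t now_ms) {
  uint64_t cap = (uint64_t)l->burst * 1000;
  if (now_ms > l->last_ms && l->rate_per_sec > 0) {
    uint64_t elapsed = now_ms - l->last_ms;
    if (elapsed > cap / l->rate_per_sec) {
      l->milli_tokens = cap;  /* long idle: bucket is full, no overflow */
    } else {
      l->milli_tokens += elapsed * l->rate_per_sec;  /* ms * circ/s */
      if (l->milli_tokens > cap) l->milli_tokens = cap;
    }
  }
  l->last_ms = now_ms;  /* also absorbs a clock that jumped backwards */
}

/* Ask to launch one circuit: returns 1 to launch now, 0 if it was queued. */
int cl_request(circ_limiter_t *l, uint64_t now_ms) {
  cl_refill(l, now_ms);
  if (l->queued == 0 && l->milli_tokens >= 1000) {  /* never jump the queue */
    l->milli_tokens -= 1000;
    return 1;
  }
  l->queued++;
  return 0;
}

/* Release queued launches the budget now allows; returns how many. */
uint32_t cl_drain(circ_limiter_t *l, uint64_t now_ms) {
  uint32_t released = 0;
  for (cl_refill(l, now_ms); l->queued > 0 && l->milli_tokens >= 1000; released++) {
    l->milli_tokens -= 1000;
    l->queued--;
  }
  return released;
}
```

The `queued` counter is unbounded in this sketch, which is where the hidden-service concern raised in the comment shows up: a service held to this ceiling accumulates pending rendezvous launches instead of serving them.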

