[tor-bugs] #24902 [Core Tor/Tor]: Denial of Service mitigation subsystem

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Feb 13 13:36:07 UTC 2018 

#24902: Denial of Service mitigation subsystem
-------------------------------------------------+-------------------------
 Reporter:  dgoulet                              |          Owner:  dgoulet
     Type:  enhancement                          |         Status:
                                                 |  needs_revision
 Priority:  Very High                            |      Milestone:  Tor:
                                                 |  0.3.3.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  ddos, tor-relay, review-group-30,    |  Actual Points:
  029-backport, 031-backport, 032-backport,      |
  review-group-31, SponsorV                      |
Parent ID:                                       |         Points:
 Reviewer:  arma                                 |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by dgoulet):

 Replying to [comment:69 teor]:
 > My relay radia4 became unmeasured shortly after I disabled my firewall
 and started relying on the DDoS defences. And then a few hours later, it
 was measured again.
 >
 > I've checked that it's reachable on IPv4 and IPv6, and that the
 remaining firewall rules aren't blocking anything (unless the authorities
 are making *lots* of connections).
 >
 > Could the authorities (or the bandwidth authority clients) be triggering
 one of the defences?
 > Aren't authorities meant to be exempted as relays?

 For reachability test, authority opens a one-hop circuit to the relay and
 it is authenticated right? But anycase, there is no defense applied for
 known IPs and I assume dirauth are very known.

 > Perhaps the bandwidth authority clients are building too many circuits?

 If the bwauth is opening more than 3 concurrent connections and doing on
 them 90 circuits burst at a rate of 3 circuit/second, then yes that is
 *crazy* and would trigger the defense. Or if it is opening more than 100
 TCP connections in parallel, all the other connections would get refused.

 > Edit: it was re-measured, not down

 The defense would be up for 60 minutes + rand(1, 30) minutes so if it was
 re-measured somehow properly without triggering the defense, I think that
 either the bwauth is on the edge there or it is not that.

 If the bwauth aren't opening that many circuits, I would blame the network
 load or/and bwauth code?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24902#comment:70>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list