[tor-bugs] #24797 [Core Tor/Tor]: Add an option that makes Tor use fewer connections
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jan 4 21:19:51 UTC 2018
#24797: Add an option that makes Tor use fewer connections
------------------------------+----------------------------------------
Reporter: teor | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.3.3.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords: tor-relay, DDoS-resistance
Actual Points: | Parent ID:
Points: 1 | Reviewer:
Sponsor: |
------------------------------+----------------------------------------
Tor is willing all the file descriptors the OS tells it are available for
the current user.
So to enforce a connection limit, operators need to drop the user file
descriptor limit.
But if the OS is wrong, or there are multiple tor instances under the
user, tor can easily exceed this limit.
Or machine hits a kernel, RAM, or CPU limit first, then the user might
want to artificially limit connections.
Right now, we have ConnLimit, which looks like it limits connections, but
it's actually a minimum.
And we have the out of socket check, but DisableOOSCheck is the default.
Does enforcing a connection limit require us to set DisableOOSCheck 0?
Then we should move this ticket to 0.3.4, and open one to improve the out
of socket check.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24797>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list