[tor-bugs] #24797 [Core Tor/Tor]: Add an option that makes Tor use fewer connections

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Nov 8 00:59:25 UTC 2018 

#24797: Add an option that makes Tor use fewer connections
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:  neel
     Type:  enhancement                          |         Status:
                                                 |  needs_revision
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  unspecified
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-relay, tor-dos,                  |  Actual Points:
  034-triage-20180328, 034-removed-20180328,     |
  035-removed-20180711                           |
Parent ID:                                       |         Points:  1
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by teor):

 Replying to [comment:16 teor]:
 > Hi,
 >
 > The MaxSockets default in the man page is incorrect:
 > {{{
 > (Default: 1000)
 > }}}
 > It should say "Default: unlimited" or something similar.
 >
 > I don't think we should fail if ConnLimit_ is lower than MaxSockets: why
 not just log a notice message, and use ConnLimit_?
 > MaxSockets is a maximum, not a minimum requirement.
 >
 > Please update the options unit tests to test the new option, and its
 interaction with DisableOOSCheck.


 Replying to [comment:18 arma]:
 > Replying to [comment:16 teor]:
 > > I don't think we should fail if ConnLimit_ is lower than MaxSockets:
 why not just log a notice message, and use ConnLimit_?
 >
 > Use ConnLimit for what? As the min or as the max?

 `ConnLimit_` (underscore) is the maximum number of file descriptors
 discovered from the OS. Tor doesn't go above this limit: it is a maximum.

 `ConnLimit` (no underscore) is the minimum required value of `ConnLimit_`
 for tor to start.

 So I suggest replacing `ConnLimit_` with `min(MaxSockets, ConnLimit_)`:

 > > > If you add another torrc option MaxSockets, then use min(MaxSockets,
 ConnLimit_) instead of ConnLimit_, all the rest of the code should just
 work.
 > > >
 > > > Using min(MaxSockets, ConnLimit_) allows us to override the OS when
 its limit is too high, and it makes sure we don't ever go over the OS
 limit.

 > I'm still thinking we shouldn't add this feature. We periodically have
 people who want this sort of thing, and if they set it and it gets
 triggered, they are being a bad relay. Why are we offering them a way to
 be a bad relay?

 Because they're about to hit their limit anyway, and they want to fail
 slightly less awfully using `DisableOOSCheck 0`.

 Some people want to be able to access their relays after tor hits its
 socket limit (#28367). And as neel said, others can't set ulimit on their
 machines.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24797#comment:22>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list