[tor-bugs] #31425 [Circumvention/Snowflake]: Snowflake broker is sluggish and sometimes fails

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Sep 3 17:10:00 UTC 2019 

#31425: Snowflake broker is sluggish and sometimes fails
-------------------------------------+-----------------------------------
 Reporter:  cohosh                   |          Owner:  (none)
     Type:  defect                   |         Status:  needs_information
 Priority:  Low                      |      Milestone:
Component:  Circumvention/Snowflake  |        Version:
 Severity:  Normal                   |     Resolution:
 Keywords:  broker                   |  Actual Points:
Parent ID:                           |         Points:
 Reviewer:                           |        Sponsor:
-------------------------------------+-----------------------------------

Comment (by dcf):

 Replying to [comment:8 cohosh]:
 > To add to the information here, starting yesterday I've been getting
 notifications from sysmon that the snowflake broker becomes unreachable
 periodically (I received 3 notifications yesterday that unreachability
 lasted approximately 10-25 minutes.

 What reachability test does sysmon do? An HTTPS request?

 I also have been seeing lots of 504 timeouts on the client side.

 I wondered if there were some pathology in the in-memory data structures
 used to store active snowflakes and clients. But the set of snowflakes
 [https://gitweb.torproject.org/pluggable-
 transports/snowflake.git/tree/broker/snowflake-heap.go?h=webext-0.0.10
 uses a priority queue] and I don't see any obvious bugs. If the problem
 were an inefficient algorithm, I'd expect to see higher CPU usage anyway.

 netstat shows about 800 established connections. Compared to about 400
 proxies, with 2 sockets per proxy, that seems reasonable. 800 open sockets
 doesn't seem like it should cause problems in kernel I/O.
 {{{
 $ netstat -n | grep -c ESTABLISHED
 828
 }}}

 Replying to [comment:9 cohosh]:
 > I asked before if we hit a transfer limit, which is worth checking into
 but I'll need dcf for that.

 There is no such limit in place as far as I know. I tried downloading a
 Debian ISO and it went at 7.5 MB/s, so it doesn't look like bandwidth is
 being throttled.
 {{{
 $ wget https://cdimage.debian.org/debian-cd/current/amd64/iso-
 cd/debian-10.0.0-amd64-netinst.iso
 ...
 2019-09-03 16:48:54 (7.49 MB/s) - ‘debian-10.0.0-amd64-netinst.iso’ saved
 [350224384/350224384]
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31425#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list