[tor-bugs] #33072 [Core Tor/Tor]: When under load, give 503 aggressively for dirport requests without compression

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Mar 18 13:16:23 UTC 2020 

#33072: When under load, give 503 aggressively for dirport requests without
compression
-------------------------------------------------+-------------------------
 Reporter:  nickm                                |          Owner:  dgoulet
     Type:  defect                               |         Status:
                                                 |  needs_revision
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.4.4.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  network-health 043-should consider-  |  Actual Points:
  backport-after-0434 042-backport 043-backport  |
Parent ID:  #33018                               |         Points:
 Reviewer:  teor                                 |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by dgoulet):

 Replying to [comment:20 teor]:
 > Sounds like it will solve our current problem with uncompressed
 requests.
 > So we could merge as it is.
 >
 > But what if the DoS switches to compressed requests?

 In that case, we serve everything. This ticket was meant to improve the
 current situation instead of finding a long term fix and thus yes if the
 DoS switches, we have another problem.

 >
 > When we are rejecting uncompressed requests, can we look at the write
 limit for compressed client requests?

 That would mean a specific write limit for compressed client requests? Is
 this what you mean? Or if uncompressed requests, we should only reject if
 limit is too low?

 Right now, this only looks at the global write bucket. It would require
 significant changes to have limits per "type" of requests (client vs
 relay, compressed vs uncompressed, ...).

 Another reason for this is that only very old clients will request
 uncompressed and thus this patch would refuse them access to directory
 documents. But could also create some thundering herd maybe?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33072#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list