Two create_fast questions
Paul Syverson
syverson at itd.nrl.navy.mil
Thu Mar 1 04:31:38 UTC 2007
On Wed, Feb 28, 2007 at 10:54:04PM -0500, Paul Syverson wrote:
>
> I think this is all consistent with what I said (or perhaps was trying
> to say ;>) My thought is that Tor preemptively builds circuits. Since
> we use entry guards, those circuits will be through the same three
> first nodes, or two nodes e.g., when just one guard is down. So as
> long as the Tor client is active, it will be building circuits through
> the same few first nodes. They are thus likely to persistently have
> open circuits from the same client (though not the same open circuits
> persistently). Thus, it seems to me quite possible that the client
> will be maintaining the TLS connection to a node for a long time, even
> if it is expiring dirty circuits and even if TLS connections die
> without an open circuit on them for more than 5 minutes.
>
As a quick example, I fired up a Tor client about an hour ago. I did
not open any application connections through Tor, so circuits all
expired without getting dirty. For at least the last 45 minutes, all
circuits built went through one of two nodes for first hops. I believe
both of nodes will have the same open TLS connections as long as I
leave the client running and the Internet connection live, up to a
week apparently. (It won't be that long; I'm closing and going to
bed).
aloha,
Paul
More information about the tor-dev
mailing list