[tor-dev] Proposal 185: Directory caches without DirPort
arma at mit.edu
Thu Sep 22 22:41:34 UTC 2011
On Thu, Sep 22, 2011 at 10:49:04AM +0200, Karsten Loesing wrote:
> On 9/20/11 9:34 PM, Nick Mathewson wrote:
> > Configuration:
> > Add a new torrc option, "DirCache". Its values can be "0", "1",
> > and "auto". If it is 0, we never act as a directory cache, even
> > if DirPort is set.
> Do these relays set "dir-cache 0" in their router descriptors? Or do
> they just not include "dir-cache 1"? But if they set a non-zero
> DirPort, how will the directory authorities and clients know that the
> node doesn't want to act as a directory cache?
It seems like there are really two behaviors we want to control here.
Question 1: "do you fetch and cache directory info and answer questions
if somebody asks you questions?"
Question 2: "should you be identified in the consensus as a relay that
wants to answer questions?"
If the answer to #2 is yes, the answer to #1 must be yes also.
Every exit relay fetches and caches directory info already (see the last
check in directory_caches_dir_info()). So do bridges. I'd say our life
would get a lot easier if we just declare that anybody with an ORPort
set should say yes to #1. To be clear, the change in behavior there is
that non-exit non-dirport relays would now start fetching dir info from
authorities on the mirror schedule.
And at that point it's just a question of deciding how to answer #2.
See decide_to_advertise_dirport() in router.c for the complex set of
topics we consider now for answering #2.
One simple answer would be that if you're in the consensus and have
a new enough version, the answer to #2 is simply yes. Everybody is a
suitable choice for answering dir info. Hibernating relays aren't in the
consensus. Clients already weight their selection by capacity to shift
load to faster relays. Relays with set but unreachable dirports should
list "0" for their dirport, but still answer questions.
Variation A would be that clients entirely avoid relays under a certain
capacity (say, 50KB) when making their selection. If we want to get
super fancy, we could have authorities vote on a consensus param that
describes the capacity under which clients should choose not to ask a
relay about dir info.
Variation B would be to make a new relay status flag NoDirCache that
authorities set if you put a line in your descriptor asking for clients
to avoid you, for example if you have accounting set. But I think that's
probably more trouble than it's worth.
More information about the tor-dev