[tor-dev] Implications of switching to a single guard node: some conclusions

Mike Perry mikeperry at torproject.org
Wed Mar 26 00:08:46 UTC 2014


Roger Dingledine:
> On Tue, Mar 25, 2014 at 01:41:43PM -0700, Mike Perry wrote:
> > Nicholas Hopper:
> > >  I modified Aaron Johnson's TorPS simulator to
> > > simulate 50K clients
> 
> > ** The reason I ask is because I suspect there is actually an interplay
> > between the current circuit build timeout code and the pool of 3 guards.
> > The CBT cutoff will tend to cause you to avoid whichever of your guards
> > may be temporarily overloaded at a given time.
> 
> Does Aaron's TorPS implement the circuit-build-timeout behavior?
> 
> I wouldn't be surprised if it skipped over that, since (for example)
> where would you get the realistic data about network latencies and relay
> delays to be able to simulate it?

Oh, hrmm.. Well, it appears TorPS is just a tor controller, so I believe
that CBT should still time these circuits, but if this simulator runs on
a timer for extending hops on circuits (or even experiences delays while
servicing control port CIRC events), it will effectively destroy how CBT
behaves (and possibly alter the results in other ways).

This now makes concerned we may still not be fully evaluating the
effects of this change with real Tor client behavior. I suppose we need
to find out more about exactly how it builds circuits and what torrc
options it uses.


But in either case, we still need a controlled experiment between 3
guards vs 1 guard at the same cutoff, otherwise we're sort of just
sweeping any performance problems caused by the change under the rug.

-- 
Mike Perry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20140325/8face64d/attachment.sig>


More information about the tor-dev mailing list