[tor-relays] Botnet issues and upgrading to 0.2.4.x

Gordon Morehouse gordon at morehouse.me
Sun Oct 20 18:02:57 UTC 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Chris Whittleston:
> Do you think it might help to restart tor every 24 hours or so
> using cron Dan - or would that adversely affect the network too
> much/not actually help?

Generally restarting a Tor relay is something you want to do as little
as possible.  I'm not sure if a quick graceful restart will ruin your
Stable flag, but if you do have a Stable flag, you're killing every
circuit through you when you restart.

So, try to keep tor up 24/7 rather than restarting it a lot.

Best,
- -Gordon M.


> On 14 Oct 2013 22:32, "Dan Staples" <danstaples at disman.tl> wrote:
> 
>> In my experience, setting the bandwidth advertising options does 
>> nothing to stop the "storms" of circuit creation requests. It
>> *will* affect the *average* bandwidth used by your relay, but
>> every once in a while, I'll still get circuit-creation storms
>> that completely overwhelm my RPi and knock it offline (I'm
>> talking continuous 3Mbps bandwidth use for several hours when
>> MaxAdvertisedBandwidth is 200 kbps). It seems from past
>> discussions on the mailing list, this is still an unresolved 
>> issue.
>> 
>> On Mon 14 Oct 2013 04:43:50 PM EDT, Chris Whittleston wrote:
>>> Thanks Logforme - yeah I was trying that before I sent the
>>> first email in this chain, but maybe I didn't go low enough
>>> with the advertised bandwidth. When the 0.2.4 compilation is
>>> done (it's still chugging along) I'll try going lower and see
>>> if it helps.
>>> 
>>> Chris
>>> 
>>> 
>>> On 14 October 2013 21:38, Logforme <m7527 at abc.se 
>>> <mailto:m7527 at abc.se>> wrote:
>>> 
>>> On 2013-10-14 22:01, Chris Whittleston wrote:
>>>> I see - so I'll probably still see the problem with a huge
>>>> number
>> of
>>>> circuits being created after I've finished building 0.2.4. Is
>>>> there any way to limit this, I'm guessing reducing the
>>>> bandwidth wouldn't actually help? I guess I'll look into how
>>>> much further I can
>>> overclock
>>>> the CPU...
>>> Only option that I know of is to reduce the bandwidth you
>>> advertise
>> to
>>> the network. The more bandwidth you advertise the more
>>> circuits the tor network will throw at your relay. The
>>> following flags in the torrc file can be used (with my current
>>> understanding of them): BandwidthRate : The max bandwidth you
>>> provide over a long period of time BandwidthBurst : The max
>>> bandwidth you provide over a short period of time 
>>> MaxAdvertisedBandwidth : The max bandwidth you tell the tor 
>>> network about So you can set BandwidthRate to the real max you
>>> want to provide and then set MaxAdvertisedBandwidth to a number
>>> low enough to prevent circuit overload.
>>> 

-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJSZBrOAAoJED/jpRoe7/ujnf0H/i+LnIirKcAaceALJOuBasQX
LczVJiuIG027mqEA6xid6lkiMMVyhIbYbLCL965RJiVm/P8OYfb6woxxUCaOG2s4
N+pzFDZpg5toZOYgp378oq84GDYpvXdeTxTwx+itATsoGBPg28bYA3YTXGfmTiJr
/K+cn7j+0QlJsJEgv2taTcnHVgpm4/pm0cfji7/Gg2sGJTuQmRH/V1QMy95fdLUR
9dklGpCHEFNOWcDR+MGRTqrks3qG3iMvxuw0HgQ6l5wJSGi1g1ovV3yI0JZNJKQq
vBAHIaZ+yqUHkGux0cd1FxUe+HOVbLfuKFFBNTuuu2riXdboMyI65aepezRqSQU=
=h+np
-----END PGP SIGNATURE-----


More information about the tor-relays mailing list