[tor-relays] Botnet issues and upgrading to 0.2.4.x

Sun Oct 20 19:43:46 UTC 2013

Thanks for the replies guys - I've not has a storm in the last few days,
but if/when my Pi gets knocked offline again, I'll dig into those
mitigation strategies. Think in the meantime I need to do a bit more
reading about how the network maintains stability etc

Best,

Chris

On 20 October 2013 19:02, Gordon Morehouse <gordon at morehouse.me> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Chris Whittleston:
> > Do you think it might help to restart tor every 24 hours or so
> > using cron Dan - or would that adversely affect the network too
> > much/not actually help?
>
> Generally restarting a Tor relay is something you want to do as little
> as possible.  I'm not sure if a quick graceful restart will ruin your
> Stable flag, but if you do have a Stable flag, you're killing every
> circuit through you when you restart.
>
> So, try to keep tor up 24/7 rather than restarting it a lot.
>
> Best,
> - -Gordon M.
>
>
> > On 14 Oct 2013 22:32, "Dan Staples" <danstaples at disman.tl> wrote:
> >
> >> In my experience, setting the bandwidth advertising options does
> >> nothing to stop the "storms" of circuit creation requests. It
> >> *will* affect the *average* bandwidth used by your relay, but
> >> every once in a while, I'll still get circuit-creation storms
> >> that completely overwhelm my RPi and knock it offline (I'm
> >> talking continuous 3Mbps bandwidth use for several hours when
> >> MaxAdvertisedBandwidth is 200 kbps). It seems from past
> >> discussions on the mailing list, this is still an unresolved
> >> issue.
> >>
> >> On Mon 14 Oct 2013 04:43:50 PM EDT, Chris Whittleston wrote:
> >>> Thanks Logforme - yeah I was trying that before I sent the
> >>> first email in this chain, but maybe I didn't go low enough
> >>> with the advertised bandwidth. When the 0.2.4 compilation is
> >>> done (it's still chugging along) I'll try going lower and see
> >>> if it helps.
> >>>
> >>> Chris
> >>>
> >>>
> >>> On 14 October 2013 21:38, Logforme <m7527 at abc.se
> >>> <mailto:m7527 at abc.se>> wrote:
> >>>
> >>> On 2013-10-14 22:01, Chris Whittleston wrote:
> >>>> I see - so I'll probably still see the problem with a huge
> >>>> number
> >> of
> >>>> circuits being created after I've finished building 0.2.4. Is
> >>>> there any way to limit this, I'm guessing reducing the
> >>>> bandwidth wouldn't actually help? I guess I'll look into how
> >>>> much further I can
> >>> overclock
> >>>> the CPU...
> >>> Only option that I know of is to reduce the bandwidth you
> >>> advertise
> >> to
> >>> the network. The more bandwidth you advertise the more
> >>> circuits the tor network will throw at your relay. The
> >>> following flags in the torrc file can be used (with my current
> >>> understanding of them): BandwidthRate : The max bandwidth you
> >>> provide over a long period of time BandwidthBurst : The max
> >>> bandwidth you provide over a short period of time
> >>> MaxAdvertisedBandwidth : The max bandwidth you tell the tor
> >>> network about So you can set BandwidthRate to the real max you
> >>> want to provide and then set MaxAdvertisedBandwidth to a number
> >>> low enough to prevent circuit overload.
> >>>
>
> -----BEGIN PGP SIGNATURE-----
>
> iQEcBAEBCgAGBQJSZBrOAAoJED/jpRoe7/ujnf0H/i+LnIirKcAaceALJOuBasQX
> LczVJiuIG027mqEA6xid6lkiMMVyhIbYbLCL965RJiVm/P8OYfb6woxxUCaOG2s4
> N+pzFDZpg5toZOYgp378oq84GDYpvXdeTxTwx+itATsoGBPg28bYA3YTXGfmTiJr
> /K+cn7j+0QlJsJEgv2taTcnHVgpm4/pm0cfji7/Gg2sGJTuQmRH/V1QMy95fdLUR
> 9dklGpCHEFNOWcDR+MGRTqrks3qG3iMvxuw0HgQ6l5wJSGi1g1ovV3yI0JZNJKQq
> vBAHIaZ+yqUHkGux0cd1FxUe+HOVbLfuKFFBNTuuu2riXdboMyI65aepezRqSQU=
> =h+np
> -----END PGP SIGNATURE-----
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20131020/bf0c9a11/attachment.html>