[tor-relays] 0.2.4.17-rc on Pi, a couple weeks on

Gordon Morehouse gordon at morehouse.me
Wed Sep 18 13:50:46 UTC 2013 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hey folks,

Here are my reports.  First the good news: it's WAY more stable.  Then
the bad news: it still gets OOM-killed once in a while, possibly
preventably.

THE GOOD (notes from September 14):

Here's my Pi relay since compilation of 0.2.4.17-rc:

Sep 14 11:50:59.000 [notice] Circuit handshake stats since last time:
13308/13324 TAP, 22/22 NTor.
Sep 14 11:51:51.000 [notice] Heartbeat: Tor's uptime is 7 days 18:00
hours, with 434 circuits open. I've sent 42.85 GB and received 34.05 GB.
Sep 14 11:51:51.000 [notice] Average packaged cell fullness: 98.369%
Sep 14 11:51:51.000 [notice] TLS write overhead: 9%


That low NTor number is depressing.  That high TAP number is scary.
TAP is the old way and the way the botnet is using.  NTor is
post-0.2.4.8, I think.

The replay has settled into a fairly steady state (after losing its
flags except Named) of sending 5-10KB more per sec than it gets.  I
have a feeling this is literally due to the TAP replies being bigger
than the TAP requests.  It's handling tens of thousands every 6 hours.
 Load average is steadyish at 0.7.  Unlike its predecessor, though,
it's not yet crashed under the new network conditions.

...By last night (18 Sept) it had settled in to no Stable flag, but
forwarding an essentially random amount of traffic that looked similar
minute-to-minute.  Load was between 0.9 and 1.1 with tor, top, and
nload being really the only active processes.  There is still room for
tuning with the Pi given that this load was attained relaying about
2Mbps when I looked.

THE BAD:

This morning:

Sep 18 04:50:59.000 [notice] Circuit handshake stats since last time:
34818/41100 TAP, 50/52 NTor.
Sep 18 05:30:43.000 [warn] Your system clock just jumped 101 seconds
forward; assuming established circuits no longer work.


The system clock thing is a Pi thing.  I'm pretty sure I need to get
much more aggressive with ntpd.  (Pis have no battery backup and tend
to have pretty bad clock drift.)

But then, 2 minutes later:


Sep 18 05:32:20 tulameen kernel: [2188444.188460] Out of memory: Kill
process 7544 (tor) score 148 or sacrifice child
Sep 18 05:32:20 tulameen kernel: [2188444.188475] Killed process 7544
(tor) total-vm:153352kB, anon-rss:115156kB, file-rss:36712kB


Coincidence?  Bug?  Smells like the latter.  Shouldn't Tor be shedding
memory if it closes all its circuits, not acquiring more?

Best,
- -Gordon M.
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJSOa+yAAoJED/jpRoe7/ujs4UH/iXK4+hAAk06nYUptKChGRyx
boZxDxpNum4uEzkJNZlUdvUILuVLX2DXytN7kNJUKDYKGzwCwBhhcQ7tOyBFucz+
muVcbwgyjM8zDhMFexWX8wVh7lauJRpjcNxzE+5hVRkzMFrbGy7FLXZbTiNGT5Ez
cSfZAziu0Au3OKhxLQMUdYiZtfi/b/ReMIx72Xz4pBX4hPiagORG5NPgKpNzeBij
C+khy5up1WuE7qxGX8+zG1T6K0whAW6MFYKdIT63GlwVWzYAP7tZDbbQd3kB46Yd
e5I+ySBGL7VnOzH6CQl+2l1enu87JDyZ1Hw6zkZp3GQ6u8ThiHQQvmNQx9N3rxQ=
=sx6s
-----END PGP SIGNATURE-----

More information about the tor-relays mailing list