[tor-relays] Experimental DoS mitigation is in tor master

John Ricketts john at quintex.com
Wed Jan 31 10:47:14 UTC 2018

Woo, for sure!

> On Jan 31, 2018, at 03:16, Roger Dingledine <arma at mit.edu> wrote:
> Hi folks,
> Thanks for your patience with the relay overload issues.
> We've merged https://bugs.torproject.org/24902 into tor git master. We'll
> be putting out an release in not too long for wider testing,
> and eventually backporting it all the way back to 0.2.9, but if you're
> the sort who enjoys running code from git, now is a great time to try it
> and let us know of problems and/or successes.
> Here's the changelog stanza:
>  o Major features:
>    - Give relays some defenses against the recent network overload. We
>      start with three defenses (default parameters in parentheses).
>      First: if a single client address makes too many connections
>      (>100), hang up on further connections. Second: if a single client
>      address makes circuits too quickly (more than 3 per second, with
>      an allowed burst of 90) while also having too many connections open
>      (3), refuse new create cells for the next while (1-2 hours). Third:
>      if a client asks to establish a rendezvous point to you directly,
>      ignore the request. These defenses can be manually controlled
>      by new torrc options, but relays will also take guidance from
>      consensus parameters, so there's no need to configure anything
>      manually. Implements ticket 24902.
> To repeat that last part: there are a bunch of torrc options you can
> use to tweak stuff, but you can leave it all at the defaults and it will
> read its instructions out of the consensus parameters:
> https://consensus-health.torproject.org/#consensusparams
> Woo,
> --Roger
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

More information about the tor-relays mailing list