[tor-relays] List number of circuits per connection

Logforme m7527 at abc.se
Wed Oct 19 12:47:03 UTC 2022


I run the relay 8F6A78B1EA917F2BF221E87D14361C050A70CCC3

Like most relays, mine has been targeted by the DoS attack. Hundreds of 
VPS IPs creating millions of IP connections. This I mitigated with rules 
in my firewall. Looking at the firewall counters it looks like that 
attack has now stopped.

However the relay is still overloaded from lots of circuit creations. 
Normally my little relay reports around 100K circuits open in the log 
file but since the overloading started it's closer to 1M circuits open. 
All these circuit creations put a strain on the CPU, sometimes pegging it 
at 100% (4 core i5-4670K CPU @ 3.40GHz). Worse, it seems to eat memory. 
Normally the tor process uses about 3GB (out of 8GB) but I have seen it 
quickly shoot up to using all memory and all swap. I assume this is 
because of the circuit creation DoS (it's new behavior) and what causes 
the oom killer to kill the tor process at least once a day or so.

So, how do I mitigate the circuit creation DoS? My immediate thought is 
to identify if there are a few IPs responsible for the majority and add 
those to my firewall naughty list.

Is there a way to query the tor process about the number of open circuits 
mapped to IP addresses?

