MaxOnionsPending questions

Nick Mathewson nickm at freehaven.net
Sat Aug 16 15:34:38 UTC 2008


On Fri, Aug 15, 2008 at 04:58:48AM -0500, Scott Bennett wrote:
>      The tor man page says,
> 
> 	MaxOnionsPending NUM
> 	       If you have more than  this  number  of  onionskins  queued  for
> 	       decrypt, reject new ones. (Default: 100)
> 
> Does "onionskins" in this context mean cells or cell payloads?

Neither.  It means incoming CREATE request payloads.

(Why "onionskin"?  In the original Onion Routing designs, "onions"
were structures made with multiple nested PK encryption and used to
create circuits.  In Tor, circuits are built interactively, one hop at
a time, in order to get forward secrecy and (trivially) prevent replay
attacks.  Instead of sending an entire onion, we send one layer of the
onion --or onionskin-- at a time.)

>  What is a
> typical high water mark for the number of onionskins actually in a decryption
> queue at one time?  Under what circumstances?  How can one find out what the
> actual high water mark is for one's own tor server?  Is there a way to reset
> the current high water mark to 0, so that one could find out usage levels on
> a periodic basis?

These are all good questions!  Pending onionskin requests are managed
in the cpuworker.c file, but I don't think high-water marks are
tracked.  A patch to handle this better would be welcome.

-- 
Nick



More information about the tor-talk mailing list