[tor-talk] MaxMemInCellQueues questions

s7r at sky-ip.org s7r at sky-ip.org
Sun Mar 9 23:31:29 UTC 2014

Hash: SHA1

Hi Onions,

Reading the blog post with the DDoS possible attack to terminate
relays by making RAM memory scarce, I would like to ask the following:

In Tor versions > 2.4 a defense against these types of attacks was
deployed (MaxMemInCellQueues). MaxMemInCellQueues shall kill circuits
when RAM memory gets low based on cell lifetime (?oldest circuit(s)?).

The post says:
"There is likely not one single value
that makes sense here: if it is too high, then relays with lower memory
will not be protected; if it is too low, then there may be more false
positives resulting in honest circuits being killed."

- -- in this case, with the default install of Tor (from torproject.org
or repositories), without any editing of torrc file from user's side,
what is the MaxMemInCellQueues value set to? Or is it not set at all?
With an improper configuration for this value made by the users
running relays, won't this cause a penalty over the performance of Tor
network overall?

It could be confusing. How many of current admins are using
MaxMemInCellQueues and more important is it used correctly or are
honest circuits being killed? (I could add that since few weeks ago
circuits to OFTC irc server for example do not last more than 24 Hrs).

How can the MaxMemInCellQueues setting help regular non-advanced users
who are relays using Vidalia relay packages for Windows? How can this
category of users protect against this type of attack?

- -- 
PGP Public key: http://www.sky-ip.org/s7r@sky-ip.org.asc
Version: GnuPG v2.0.17 (MingW32)


More information about the tor-talk mailing list