Re: [tor-relays] DirPort

2022-03-08 Thread Roger Dingledine 
On Tue, Mar 08, 2022 at 11:25:00AM -0600, Thoughts wrote:
> Coming up on day 3 of my tor relay, "SpinnerDolphin1".  Per the metrics page
> is showing "Dir Address none", but I have a DirPort defined (as nyx
> reports), and opened.

Modern Tor relays don't advertise their DirPort anymore, because nothing
uses it.

More details here:
https://gitlab.torproject.org/tpo/network-health/metrics/relay-search/-/issues/40013

That is, you can set your DirPort to 0, or leave it as it is.

Thanks for running a relay!
--Roger

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] DirPort

2022-03-08 Thread Thoughts 

Good day all -

Coming up on day 3 of my tor relay, "SpinnerDolphin1".  Per the metrics 
page is showing "Dir Address none", but I have a DirPort defined (as nyx 
reports), and opened.


Is this just something that won't be activated until later in my spin-up 
cycle?


I have a 100/100 mbit connection, so suspect I can support a DirPort.  
Should be getting gigabit later this year when my ISP supports it.


Kevin

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] DirPort DOS activity against Fallback Directories

2018-05-21 Thread teor 


On 22 May 2018, at 04:29, Logforme  wrote:

>> Just looked over a sample of FallBackDir relays in Relay Search and
>> it appears this excess-load abuse is directed at them in particular.
>> Some fall-back directories show more than a month of excess request
>> traffic, presumably on the DirPort.

Have you checked on a relay?

If it's from recent clients, it will be on the ORPort.

If it's from relays or descriptor parsing libraries like stem, it will probably
be on the DirPort.

>> Logs here indicate six weeks
>> of abuse escalating in increments.
> How can I find this information on my relay? 
> (855BC2DABE24C861CD887DB9B2E950424B49FC34)

You can look at your relay's bandwidth graphs on relay search.

> The only weird stuff I've noticed is that memory usage have doubled. From 
> 1.5GB to 3GB. Bandwidth is pegged at times, but not excessively so.

Then it might be harmless.

T
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] DirPort DOS activity against Fallback Directories

2018-05-21 Thread starlight . 2017q4 
At 18:29 5/21/2018 +, Logforme  wrote:
>
>How can I find this information on my relay? 
>(855BC2DABE24C861CD887DB9B2E950424B49FC34)
>

Is visible here

https://metrics.torproject.org/rs.html#details/855BC2DABE24C861CD887DB9B2E950424B49FC34

Click on the Bandwidth History "3-Month" tab.  Your relays
shows indications of excess load.  You can verify this on the
local system as follows:

>For those with DirPort configured, one can check for the
>problem by looking at the 'state' file with the command
>
>   egrep '^BWHistory.*WriteValues' state | tr ',' '\n'
>
>and calculating the percent BWHistoryDirWriteValues is
>relative to BWHistoryWriteValues for the same samples.
>Should be under 5%, more like 1-3%.  If 15% the attacker
>is harassing your relay.

The above was written for lower-bandwidth relays
of around 10MB/sec.  Faster relays show a smaller increase,
but if the absolute traffic level is on the order of
60MB or more attack is likely.  A more reasonable DirPort
traffic level is around 10M.

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] DirPort DOS activity against Fallback Directories

2018-05-21 Thread Logforme 


Just looked over a sample of FallBackDir relays in Relay Search and
it appears this excess-load abuse is directed at them in particular.
Some fall-back directories show more than a month of excess request
traffic, presumably on the DirPort.  Logs here indicate six weeks
of abuse escalating in increments.
How can I find this information on my relay? 
(855BC2DABE24C861CD887DB9B2E950424B49FC34)


The only weird stuff I've noticed is that memory usage have doubled. 
From 1.5GB to 3GB. Bandwidth is pegged at times, but not excessively so.


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] DirPort DOS activity against Fallback Directories

2018-05-21 Thread starlight . 2017q4 
Recently I noticed excessive DirPort requests to my relay, where DirPort 
bandwidth reached 15% of ORPort bandwidth.  Normal DirPort load is around 2%.

https://lists.torproject.org/pipermail/tor-relays/2018-May/015253.html

Just looked over a sample of FallBackDir relays in Relay Search and
it appears this excess-load abuse is directed at them in particular.
Some fall-back directories show more than a month of excess request
traffic, presumably on the DirPort.  Logs here indicate six weeks
of abuse escalating in increments.  Possibly this foreshadows a major
increase in an effort to impair FallBackDir relay functionality.

Either an iptables connection-rate limit or disabling DirPort
resolves the problem.

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays