Re: [tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
-+-
 Reporter:  teor |  Owner:
 |  mikeperry
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, dos-resistance,  |  implemented
  032-backport, 031-backport, 029-backport, 025  |  Actual Points:
  -backport-maybe, review-group-32, 033-must |
Parent ID:   | Points:  1
 Reviewer:  nickm|Sponsor:
-+-

Comment (by nickm):

 no problem; that's why we review ;)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
-+-
 Reporter:  teor |  Owner:
 |  mikeperry
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, dos-resistance,  |  implemented
  032-backport, 031-backport, 029-backport, 025  |  Actual Points:
  -backport-maybe, review-group-32, 033-must |
Parent ID:   | Points:  1
 Reviewer:  nickm|Sponsor:
-+-

Comment (by mikeperry):

 Ugh sorry for the sloppiness in the spec repo. I did that rather quickly.
 :/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
-+-
 Reporter:  teor |  Owner:
 |  mikeperry
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, dos-resistance,  |  implemented
  032-backport, 031-backport, 029-backport, 025  |  Actual Points:
  -backport-maybe, review-group-32, 033-must |
Parent ID:   | Points:  1
 Reviewer:  nickm|Sponsor:
-+-

Comment (by nickm):

 Oh!  These are incompatible:

 {{{
 +#define DFLT_IDLE_TIMEOUT_WHILE_LEARNING (3*60)
 }}}

 {{{
 +  cbtlearntimeout
 +Default: 360
 }}}

 I'll edit the spec to match the implementation.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
-+-
 Reporter:  teor |  Owner:
 |  mikeperry
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, dos-resistance,  |  implemented
  032-backport, 031-backport, 029-backport, 025  |  Actual Points:
  -backport-maybe, review-group-32, 033-must |
Parent ID:   | Points:  1
 Reviewer:  nickm|Sponsor:
-+-

Comment (by nickm):

 (Your torspec branch had some other stuff in it -- make sure your master
 is clean?  I cherry-picked the relevant commit there.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
-+-
 Reporter:  teor |  Owner:
 |  mikeperry
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, dos-resistance,  |  implemented
  032-backport, 031-backport, 029-backport, 025  |  Actual Points:
  -backport-maybe, review-group-32, 033-must |
Parent ID:   | Points:  1
 Reviewer:  nickm|Sponsor:
-+-
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => implemented


Comment:

 The code looks safe enough to me, and the defaults don't seem
 unreasonable.

 My only worry would be that maybe networkstatus_get_param() might get
 called too often, but I don't think that will be the case in these
 contexts.

 Merging to master!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
-+-
 Reporter:  teor |  Owner:
 |  mikeperry
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, dos-resistance,  |  Actual Points:
  032-backport, 031-backport, 029-backport, 025  |
  -backport-maybe, review-group-32, 033-must |
Parent ID:   | Points:  1
 Reviewer:  nickm|Sponsor:
-+-
Changes (by nickm):

 * reviewer:   => nickm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
-+-
 Reporter:  teor |  Owner:
 |  mikeperry
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, dos-resistance,  |  Actual Points:
  032-backport, 031-backport, 029-backport, 025  |
  -backport-maybe, review-group-32, 033-must |
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * milestone:  Tor: 0.3.4.x-final => Tor: 0.3.3.x-final


Comment:

 We really do want to fix this in 033

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
-+-
 Reporter:  teor |  Owner:
 |  mikeperry
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  must-fix-before-033-stable, tor- |  Actual Points:
  client, dos-resistance, 032-backport,  |
  031-backport, 029-backport, 025-backport-  |
  maybe  |
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
-+-
Changes (by mikeperry):

 * status:  assigned => needs_review


Comment:

 Patches are in mikeperry/bug24769. I also have spec updates in bug24769 of
 my tor-spec remote.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
-+-
 Reporter:  teor |  Owner:
 |  mikeperry
 Type:  defect   | Status:
 |  assigned
 Priority:  High |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  must-fix-before-033-stable, tor- |  Actual Points:
  client, dos-resistance, 032-backport,  |
  031-backport, 029-backport, 025-backport-  |
  maybe  |
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
-+-
Changes (by mikeperry):

 * status:  new => assigned
 * owner:  (none) => mikeperry


Comment:

 This also came up in #24228, where we found that Tor was creating a new
 circuit about every 6 seconds with this timeout.

 The goal is to learn a circuit build timeout within 30 minutes, so that
 unused orconn connections aren't padded by the netflow padidng for too
 long while we learn this timeout (which wastes bandwidth for clients that
 want less padding). In #24228, it looked like we may actually learn it
 within 10. So we could make this default 3X slower.

 I will look at this and work on a patch to change the default and make it
 a consensus param.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  must-fix-before-033-stable, tor- |  Actual Points:
  client, dos-resistance, 032-backport,  |
  031-backport, 029-backport, 025-backport-  |
  maybe  |
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * parent:  #24716 =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  must-fix-before-033-stable, tor- |  Actual Points:
  client, dos-resistance, 032-backport,  |
  031-backport, 029-backport, 025-backport-  |
  maybe  |
Parent ID:  #24716   | Points:  1
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * keywords:
 tor-client, dos-resistance, 032-backport, 031-backport, 029-backport,
 025-backport-maybe
 =>
 must-fix-before-033-stable, tor-client, dos-resistance, 032-backport,
 031-backport, 029-backport, 025-backport-maybe
 * priority:  Medium => High
 * milestone:  Tor: 0.3.2.x-final => Tor: 0.3.3.x-final


Comment:

 We have tags for that,

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, dos-resistance,  |  Actual Points:
  032-backport, 031-backport, 029-backport, 025  |
  -backport-maybe|
Parent ID:  #24716   | Points:  1
 Reviewer:   |Sponsor:
-+-

Comment (by arma):

 This one is important, and we shouldn't forget about it.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, dos-resistance,  |  Actual Points:
  032-backport, 031-backport, 029-backport, 025  |
  -backport-maybe|
Parent ID:  #24716   | Points:  1
 Reviewer:   |Sponsor:
-+-
Changes (by dgoulet):

 * cc: mikeperry (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, dos-resistance,  |  Actual Points:
  032-backport, 031-backport, 029-backport, 025  |
  -backport-maybe|
Parent ID:  #24716   | Points:  1
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * keywords:  tor-client, dos-resistance =>
 tor-client, dos-resistance, 032-backport, 031-backport, 029-backport,
 025-backport-maybe


Comment:

 Replying to [comment:1 arma]:
 > Woah. Yeah. So, right now we close circuits 60 seconds after making
 them, even if we opt to make testing circuits much less frequently? That
 is, when we have any predicted ports, we're going to end up churning
 through all our circuits every minute, anyway? That's crummy. It seems
 like the idle-timeout-while-learning should be a function of the
 cbttestfreq?

 Yes, I think we need to make it configurable, and possibly backport the
 change.
 (But not to 0.2.8, because it's not supported as of 1 January 2018.)

 I'm not sure what to do about the regular connection timeout. We should
 check what it was before, and maybe see if it needs to be longer.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
+--
 Reporter:  teor|  Owner:  (none)
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:  Tor:
|  0.3.2.x-final
Component:  Core Tor/Tor|Version:  Tor:
|  0.3.1.1-alpha
 Severity:  Normal  | Resolution:
 Keywords:  tor-client, dos-resistance  |  Actual Points:
Parent ID:  #24716  | Points:  1
 Reviewer:  |Sponsor:
+--

Comment (by arma):

 Woah. Yeah. So, right now we close circuits 60 seconds after making them,
 even if we opt to make testing circuits much less frequently? That is,
 when we have any predicted ports, we're going to end up churning through
 all our circuits every minute, anyway? That's crummy. It seems like the
 idle-timeout-while-learning should be a function of the cbttestfreq?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #24769 [Core Tor/Tor]: Increase client idle and connection timeouts to reduce network load

[Tor Bug Tracker & Wiki]

#24769: Increase client idle and connection timeouts to reduce network load
--+
 Reporter:  teor  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.1.1-alpha
 Severity:  Normal|   Keywords:  tor-client, dos-resistance
Actual Points:|  Parent ID:  #24716
   Points:  1 |   Reviewer:
  Sponsor:|
--+
 These changes were introduced in d5a151a in 0.3.1.1.

 Maybe we should:
 * revert the changes, or increase the values
 * make consensus parameters for them

 {{{
 +/** If we haven't yet decided on a good timeout value for circuit
 + * building, we close idle circuits aggressively so we can get more
 + * data points. */
 +#define IDLE_TIMEOUT_WHILE_LEARNING (1*60)
 }}}
 {{{
 -/** If we haven't yet decided on a good timeout value for circuit
 - * building, we close idles circuits aggressively so we can get more
 - * data points. */
 -#define IDLE_TIMEOUT_WHILE_LEARNING (10*60)
 }}}

 {{{
 +#define CONNTIMEOUT_CLIENTS_BASE 180 // 3 to 4.5 min
 +timeout = CONNTIMEOUT_CLIENTS_BASE
 ++ crypto_rand_int(CONNTIMEOUT_CLIENTS_BASE/2);
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs