> How much worse?

During the Montreal tor dev meeting I counted 1947 circuit build failures.

> And where did you scan *from*?

I scaned from a server in the Netherlands.

> (It's hard to interpret the results without the latency and quality of your
> client connection.)

I can record latency. What do you mean by quality? I mean... I'm not using these
circuits to actually send and receive stuff.

> Also, we have just deployed defences to exactly this kind of rapid circuit
> or connection building by a single client. I wonder if your client triggered
> those defences. The circuit defences would likely cause timeouts, and
> the connection defences would likely cause failures.

aha! That might explain the terrible results, hopefully it's not that network
health has gotten worse in the last six months.

> I also wonder if your client triggered custom defences on some relays.

I doubt it. I am not making sequential circuits to the same relays. The
relays choosen for each circuit builds are generated from a shuffle.
> You might get better results if you scan more slowly.
> Try to stay under 1 circuit every 3 seconds to each relay from

OK. I will try this. The scan will take longer but hopefully produce
more accurate and useful results.

> your IP address. Try to stay under 50 connections to the same
> relay from your IP address.

hmm OK. I can limit the number of concurrenct circuits that are being
built but I do not believe that txtorcon let's me control the number
of "connections" that little-t tor makes.

> I'm going from memory, check the Tor man page, dir-spec, and
> the consensus for the latest DDoS parameter values.

Attachment: signature.asc
Description: PGP signature

tor-dev mailing list

Reply via email to