I don't quite understand the last calculation. "if all 65535 connections on an IP were open" => I'm guessing you mean ports "the biggest Tor Guard has 0.91% Guard probability" => percentage of all entries into the network handled by this guard
=> 0.91% of all user connections but how many user connections are there at a time? and then don't understand how probability and ports availability can be combined? Please elaborate. Thanks On Mon, 18 Dec 2017 at 23:11 teor <[email protected]> wrote: > > > On 19 Dec 2017, at 08:38, Toralf Förster <[email protected]> wrote: > > > > On 12/17/2017 10:24 PM, teor wrote: > >> Using 256 per IP is probably reasonable. > > > > Is this a rather arbitrary limit or does this limit fit the use of NATed > addresses entirely ? > > That's an arbitrary safe upper bound. > > The number of active connections that can be NATed per IP address is > limited by the number of ports: 65535. (Technically, it's 65535 per > remote IP address and port, but most NATs don't have that much RAM > or bandwidth.) > > Also, genuine users behind a NAT would likely have multiple Tor and > non-Tor connections open. And spare ports are needed for NAT to manage > port churn and the TCP delay wait state on connection close. > > To be more precise: > * if all 65535 connections on an IP were open to the Tor network, and > * the biggest Tor Guard has 0.91% Guard probability[0], then > * it would expect to see 597 connections. > > Feel free to do the sums for your own guard's probability. > > (We are aware of the issue, and we are working on a more permanent fix.) > > [0]: > https://atlas.torproject.org/#details/9844B981A80B3E4B50897098E2D65167E6AEF127 > > > T > > -- > Tim Wilson-Brown (teor) > > teor2345 at gmail dot com > PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B > ricochet:ekmygaiu4rzgsk6n > xmpp: teor at torproject dot org > ------------------------------------------------------------------------ > > > > _______________________________________________ > tor-relays mailing list > [email protected] > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >
_______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
