Diffstat (limited to 'doc')
-rw-r--r--  doc/man/tor.1.txt  44
1 files changed, 37 insertions, 7 deletions
diff --git a/doc/man/tor.1.txt b/doc/man/tor.1.txt index 755cdfee5c..f1fac2214c 100644 --- a/doc/man/tor.1.txt +++ b/doc/man/tor.1.txt @@ -3021,14 +3021,14 @@ Denial of Service mitigation subsystem described above. (Default: auto) -As for onion services, only one possible mitigation exists. It was intended to -protect the network first and thus do not help the service availability or -reachability. +For onion services, mitigations are a work in progress and multiple options +are currently available. -The mitigation we put in place is a rate limit of the amount of introduction -that happens at the introduction point for a service. In other words, it rates -limit the number of clients that are attempting to reach the service at the -introduction point instead of at the service itself. +The introduction point defense is a rate limit on the number of introduction +requests that will be forwarded to a service by each of its honest +introduction point routers. This can prevent some types of overwhelming floods +from reaching the service, but it will also prevent legitimate clients from +establishing new connections. The following options are per onion service: 
@@ -3082,6 +3082,36 @@ The bottom line is that this protects the network by preventing an onion service to flood the network with new rendezvous circuits that is reducing load on the network. +A secondary mitigation is available, based on prioritized dispatch of rendezvous +circuits for new connections. The queue is ordered based on effort a client +chooses to spend at computing a proof-of-work function. + +The following options are per onion service: + +[[HiddenServicePoWDefensesEnabled]] **HiddenServicePoWDefensesEnabled** **0**|**1**:: + + Enable proof-of-work based service DoS mitigation. If set to 1 (enabled), + tor will include parameters for an optional client puzzle in the encrypted + portion of this hidden service's descriptor. Incoming rendezvous requests + will be prioritized based on the amount of effort a client chooses to make + when computing a solution to the puzzle. The service will periodically update + a suggested amount of effort, based on attack load, and disable the puzzle + entirely when the service is not overloaded. + (Default: 0) + +[[HiddenServicePoWQueueRate]] **HiddenServicePoWQueueRate** __NUM__:: + + The sustained rate of rendezvous requests to dispatch per second from + the priority queue. Has no effect when proof-of-work is disabled. + If this is set to 0 there's no explicit limit and we will process + requests as quickly as possible. + (Default: 250) + +[[HiddenServicePoWQueueBurst]] **HiddenServicePoWQueueBurst** __NUM__:: + + The maximum burst size for rendezvous requests handled from the + priority queue at once. (Default: 2500) + == DIRECTORY AUTHORITY SERVER OPTIONS |
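Review bot: in the first hunk the caveat carried by the word "honest" in "each of its honest introduction point routers" is easy to miss; because the limit is enforced by the introduction point rather than by the service, the paragraph should say outright that an introduction point which does not apply the rate limit forwards requests uncapped, so the defense only bounds traffic arriving through compliant introduction points. A sentence such as "A malicious or non-conforming introduction point is not bound by this limit." after "...introduction point routers." would make that explicit.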
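Review bot: in the second hunk, HiddenServicePoWQueueBurst never states what a value of 0 means or whether it must be at least HiddenServicePoWQueueRate, whereas HiddenServicePoWQueueRate spells out its 0 case ("there's no explicit limit and we will process requests as quickly as possible"); add the equivalent sentence for the burst option so operators do not have to guess. Also, its "(Default: 2500)" is appended inline to the sentence, while the two entries above put "(Default: 0)" and "(Default: 250)" on their own line; move it onto its own line to match.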