From 813a0f8c40d57390412ce9dc52ef503d80e1f474 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Fri, 18 Jan 2013 13:24:14 -0500 Subject: Compute whether we're ready to build circuits based on fraction of paths Previously we did this based on the fraction of descriptors we had. But really, we should be going based on what fraction of paths we're able to build based on weighted bandwidth, since otherwise a directory guard or two could make us behave quite oddly. Implementation for feature 5956 --- changes/feature5956 | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 changes/feature5956 (limited to 'changes') diff --git a/changes/feature5956 b/changes/feature5956 new file mode 100644 index 0000000000..dbc6a1ef80 --- /dev/null +++ b/changes/feature5956 @@ -0,0 +1,6 @@ + o Major features: + - When deciding whether we have enough descriptors to build circuits, + instead of looking at raw circuit counts, look at which fraction of + (bandwidth-weighted) paths we're able to build. This approach keeps + clients from building circuits if their paths are likely to stand out + statistically. Fixes issue 5956. -- cgit v1.2.3-54-g00ecf From 02c320916e025eca63d0ae23aa4f610095c7857c Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Tue, 29 Jan 2013 11:05:13 -0500 Subject: Parameterize FRAC_USABLE_NEEDED for fraction of circuits Instead of hardcoding the minimum fraction of possible paths to 0.6, we take it from the user, and failing that from the consensus, and failing that we fall back to 0.6. --- changes/feature5956 | 4 +++- doc/tor.1.txt | 12 ++++++++++++ src/or/config.c | 13 +++++++++++++ src/or/nodelist.c | 21 +++++++++++++++++---- src/or/or.h | 3 +++ 5 files changed, 48 insertions(+), 5 deletions(-) (limited to 'changes') diff --git a/changes/feature5956 b/changes/feature5956 index dbc6a1ef80..2e18810588 100644 --- a/changes/feature5956 +++ b/changes/feature5956 @@ -3,4 +3,6 @@ instead of looking at raw circuit counts, look at which fraction of (bandwidth-weighted) paths we're able to build. This approach keeps clients from building circuits if their paths are likely to stand out - statistically. Fixes issue 5956. + statistically. The default fraction of paths needed is taken from the + consensus directory; you can override it with the new + PathsNeededToBuildCircuits option. Fixes issue 5956. diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 40cf66dbc4..2b616bd26c 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1282,6 +1282,18 @@ The following options are useful only for clients (that is, if things may influence the choice. This option breaks a tie to the favor of IPv6. (Default: 0) +**PathsNeededToBuildCircuits** __NUM__:: + Tor clients don't build circuits for user traffic until they know + about enough of the network so that they could potentially construct + enough of the possible paths through the network. If this option + is set to a fraction between 0.25 and 0.95, Tor won't build circuits + until it has enough descriptors or microdescriptors to construct + that fraction of possible paths. Note that setting this option too low + can make your Tor client less anonymous, and setting it too high can + prevent your Tor client from bootstrapping. If this option is negative, + Tor will use a default value chosen by the directory + authorities. (Default: -1.) + SERVER OPTIONS -------------- diff --git a/src/or/config.c b/src/or/config.c index 4349b670b0..e503645468 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -325,6 +325,7 @@ static config_var_t option_vars_[] = { V(PathBiasDropGuards, AUTOBOOL, "0"), V(PathBiasUseCloseCounts, AUTOBOOL, "1"), + V(PathsNeededToBuildCircuits, DOUBLE, "-1"), OBSOLETE("PathlenCoinWeight"), V(PerConnBWBurst, MEMUNIT, "0"), V(PerConnBWRate, MEMUNIT, "0"), @@ -2386,6 +2387,18 @@ options_validate(or_options_t *old_options, or_options_t *options, return -1; } + if (options->PathsNeededToBuildCircuits >= 0.0) { + if (options->PathsNeededToBuildCircuits < 0.25) { + log_warn(LD_CONFIG, "PathsNeededToBuildCircuits is too low. Increasing " + "to 0.25"); + options->PathsNeededToBuildCircuits = 0.25; + } else if (options->PathsNeededToBuildCircuits < 0.95) { + log_warn(LD_CONFIG, "PathsNeededToBuildCircuits is too high. Decreasing " + "to 0.95"); + options->PathsNeededToBuildCircuits = 0.95; + } + } + if (options->MaxClientCircuitsPending <= 0 || options->MaxClientCircuitsPending > MAX_MAX_CLIENT_CIRCUITS_PENDING) { tor_asprintf(msg, diff --git a/src/or/nodelist.c b/src/or/nodelist.c index 77e4ae0fed..4d7395b047 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -1387,6 +1387,22 @@ count_loading_descriptors_progress(void) BOOTSTRAP_STATUS_LOADING_DESCRIPTORS)); } +/** Return the fraction of paths needed before we're willing to build + * circuits, as configured in options, or in the consensus ns. */ +static double +get_frac_paths_needed_for_circs(const or_options_t *options, + const networkstatus_t *ns) +{ +#define DFLT_PCT_USABLE_NEEDED 60 + if (options->PathsNeededToBuildCircuits >= 1.0) { + return options->PathsNeededToBuildCircuits; + } else { + return networkstatus_get_param(ns, "min_paths_for_circs_pct", + DFLT_PCT_USABLE_NEEDED, + 25, 95)/100.0; + } +} + /** Change the value of have_min_dir_info, setting it true iff we have enough * network and router information to build circuits. Clear the value of * need_to_update_have_min_dir_info. */ @@ -1428,10 +1444,7 @@ update_router_have_minimum_dir_info(void) &num_present, &num_usable, &status); -/* What fraction of desired paths do we need before we will build circuits? */ -#define FRAC_USABLE_NEEDED .6 - - if (paths < FRAC_USABLE_NEEDED) { + if (paths < get_frac_paths_needed_for_circs(options,consensus)) { tor_snprintf(dir_info_status, sizeof(dir_info_status), "We need more %sdescriptors: we have %d/%d, and " "can only build %02d%% of likely paths. (We have %s.)", diff --git a/src/or/or.h b/src/or/or.h index a6f3d3e88a..4c76adf98f 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -3918,6 +3918,9 @@ typedef struct { /** Autobool: should we use the ntor handshake if we can? */ int UseNTorHandshake; + + /** Fraction: */ + double PathsNeededToBuildCircuits; } or_options_t; /** Persistent state for an onion router, as saved to disk. */ -- cgit v1.2.3-54-g00ecf