From fbedb32ee11706b990bc3c2e5ef3e969a8866c8d Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Tue, 20 Sep 2005 19:31:34 +0000 Subject: Add a temporary section to dir-spec reflecting what we actually do now. svn:r5097 --- doc/dir-spec.txt | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) (limited to 'doc') diff --git a/doc/dir-spec.txt b/doc/dir-spec.txt index 7e331b3fe4..19c2e8485b 100644 --- a/doc/dir-spec.txt +++ b/doc/dir-spec.txt @@ -270,6 +270,70 @@ $Id$ It uses the last-mapped identity value, unless all of the "binding" network status documents bind the name to some other identity. +5.3. Notes on what we do now. + + THIS SECTION SHOULD BE FOLDED INTO THE EARLIER SECTIONS; THEY ARE WRONG; + THIS IS RIGHT. + + All downloaded networkstatuses are discarded once they are 10 days old (by + published date). + + Authdirs download each others' networkstatus every + AUTHORITY_NS_CACHE_INTERVAL minutes (currently 10). + + Directory caches download authorities' networkstatus every + NONAUTHORITY_NS_CACHE_INTERVAL minutes (currently 10). + + Clients always try to replace any networkstatus received over + NETWORKSTATUS_MAX_VALIDITY ago (currently 2 days). Also, when the most + recently received networkstatus is more than + NETWORKSTATUS_CLIENT_DL_INTERVAL (30 minutes) old, and we do not have any + open directory connections fetching a networkstatus, clients try to + download the networkstatus on their list after the most recently received + networkstatus, skipping failed networkstatuses. A networkstatus is + "failed" if NETWORKSTATUS_N_ALLOWABLE_FAILURES (3) attempts in a row have + all failed. + + We do not update router statuses if we have less than half of the + networkstatuses. + + A networkstatus is "live" if it is the most recent we have received signed + by a given trusted authority. + + A networkstatus is "recent" if it is "live" and: + - it was received in the last DEFAULT_RUNNING_INTERVAL (currently 60 + minutes) + OR - it was one of the MIN_TO_INFLUENCE_RUNNING (3) most recently received + networkstatuses. + + Authorities always believe their own opinion as to a router's status. For + other tors: + - a router is valid if more than half of the live networkstatuses think + it's valid. + - a router is named if more than half of the live networkstatuses from + naming authorities think it's named, and they all think it has the + same name. + - a router is running if more than half of the recent networkstatuses + think it's running. + + Everyone downloads router descriptors as follows: + + - If any networkstatus lists a more recently published routerdesc with a + different descriptor digest, and no more than + MAX_ROUTERDESC_DOWNLOAD_FAILURES attempts to retrieve that routerdesc + have failed, then that routerdesc is "downloadable". + + - Every DirFetchInterval, or whenever a request for routerdescs returns + no routerdescs, we launch a set of requests for all downloadable + routerdescs. We divide the downloadable routerdescs into groups of no + more than DL_PER_REQUEST, and send a request for each group to + directory servers chosen independently. + + - We also launch a request as above when a request for routerdescs + fails and we have no directory connections fetching routerdescs. + + + 6. Remaining issues Client-knowledge partitioning is worrisome. Most versions of this don't -- cgit v1.2.3-54-g00ecf