<a id="tor-spec.txt-8"></a>

# Handling resource exhaustion

<a id="tor-spec.txt-8.1"></a>

## Memory exhaustion

(See also ["Denial-of-service prevention mechanisms in Tor"](../dos-spec.md).)

If RAM becomes low, an OR should begin destroying circuits until
more memory is free again.  We recommend the following algorithm:

- Set a threshold amount of RAM to recover at 10% of the total RAM.

- Sort the circuits by their 'staleness', defined as the age of the
  oldest data queued on the circuit.  This data can be:

     * Bytes that are waiting to flush to or from a stream on that
       circuit.

     * Bytes that are waiting to flush from a connection created with
       BEGIN_DIR.

     * Cells that are waiting to flush or be processed.

- While we have not yet recovered enough RAM:

     * Free all memory held by the most stale circuit, and send DESTROY
       cells in both directions on that circuit.  Count the amount of
       memory we recovered towards the total.
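
The recommended algorithm as a compact C sketch. This is an added example, not code from the Tor code base: `circ_t`, `oom_reclaim`, `circ_kill` and the sample values are hypothetical, and skipping circuits with nothing queued is an assumption of the sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical circuit record; all names here are assumptions. */
typedef struct {
    uint32_t id;
    uint64_t oldest_queued_ms; /* enqueue time of the oldest queued byte or cell */
    size_t   queued_bytes;     /* stream, BEGIN_DIR and cell queue memory */
    int      destroyed;
} circ_t;

typedef struct { size_t recovered, killed; } reclaim_t;

/* Earliest enqueue time first: the oldest queued data is the most stale. */
static int by_staleness(const void *a, const void *b) {
    const circ_t *x = a, *y = b;
    return (x->oldest_queued_ms > y->oldest_queued_ms) -
           (x->oldest_queued_ms < y->oldest_queued_ms);
}

/* Stand-in for freeing the queues and sending DESTROY in both directions. */
static size_t circ_kill(circ_t *c) {
    size_t freed = c->queued_bytes;
    c->queued_bytes = 0;
    c->destroyed = 1;
    return freed;
}

reclaim_t oom_reclaim(circ_t *circs, size_t n, size_t total_ram) {
    reclaim_t r = {0, 0};
    size_t target = total_ram / 10;            /* recover 10% of total RAM */
    qsort(circs, n, sizeof *circs, by_staleness);
    for (size_t i = 0; i < n && r.recovered < target; i++) {
        if (circs[i].queued_bytes == 0)        /* assumption: nothing queued, */
            continue;                          /* so no staleness; keep it    */
        r.recovered += circ_kill(&circs[i]);   /* count towards the total */
        r.killed++;
    }
    return r;
}

/* Constructed sample: {id, oldest_queued_ms, queued_bytes, destroyed}. */
reclaim_t demo(void) {
    circ_t c[] = {{1, 5000, 40, 0}, {2, 1000, 30, 0}, {3, 3000, 50, 0},
                  {4, 0, 0, 0}, {5, 4000, 60, 0}};
    return oom_reclaim(c, sizeof c / sizeof c[0], 1000);
}

int main(void) { return demo().killed == 3 ? 0 : 1; }
```

With the sample's total RAM of 1000 bytes the target is 100 bytes, so the three stalest circuits holding data are destroyed and the circuit with the freshest queue survives.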