Opened 10 years ago

Closed 9 years ago

Last modified 7 years ago

#1356 closed defect (fixed)

Number of connections increases rapidly.

Reported by: mfo Owned by:
Priority: Low Milestone:
Component: Core Tor/Tor Version: 0.2.1.25
Severity: Keywords:
Cc: mfo, Sebastian, nickm, arma Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description (last modified by arma)

After upgrading CentOS (RedHat) OpenSSL to version
0.9.8e-12.el5_4.6.i686 (backported) my relay stopped working (see
weeek 13 in attached month graph) with no signs of problem in the log.

Then after help from #tor, one authority server administrator saw a
problem in my connection attempts. I downgraded my OpenSSL to version
0.9.8e-12.el5_4.1.i686. As a result I got the descriptor published and
it seemed to work ok.

Since then the connections has grown and grown to the limits of the
relays virtual server capacity leaving it unresponsive (see week 14).
Then after restart it regained a too large number of connections very
rapid (see attached day graph).

After consulting #tor again (thanks for great help and kindness!) I
become aware of that I have lost the stable flag and should try to
shut down the relay for a day and then restart configured with
'MaxAdvertisedBandwith to 20KBytes' for a while to regain the
stable-flag.

(Tor-relay version 0.2.1.25 (torproject rpm) on Cent-OS 5 in OpenVZ
virtual container. Configured bandwitdth 100KB and 200KB burst.)

I will report back if or if not this solves the problem.

[Automatically added by flyspray2trac: Operating System: Redhat/CentOS Linux]

Child Tickets

Attachments (4)

tor-netstat-day.png (22.5 KB) - added by mfo 10 years ago.
Day graph.
tor-netstat-month.png (25.2 KB) - added by mfo 10 years ago.
Month graph.
tor-netstat-day-second-try.png (21.8 KB) - added by mfo 10 years ago.
Decreasing after one day rest and DirPort of.
tor-netstat-day-solved.png (24.3 KB) - added by mfo 10 years ago.

Download all attachments as: .zip

Change History (11)

Changed 10 years ago by mfo

Attachment: tor-netstat-day.png added

Day graph.

Changed 10 years ago by mfo

Attachment: tor-netstat-month.png added

Month graph.

comment:1 Changed 10 years ago by arma

Interesting. Nothing springs to mind immediately.

If it were the guard flag you were getting or losing, I'd have a theory (since
a totally different set of Tors connect to you depending on whether you have that
flag).

My guess is that getting or losing the Stable flag is a coincidence.

If you try turning your DirPort off, does that help things?

comment:2 Changed 10 years ago by mfo

Update:

I started tor again after one day off.

Now with MaxAdvertisedBandwith to 20KBytes.
The number of connections started to grow rapidly again.

So I restarted with DirPort off and without MaxAdvertisedBandwith option.
The connections started to grow rapidly again.

I thougt oh well, strange but then after a while now the connections are starting to drop so maybe it will get stable gain, I have to follow up.

I try to attach a new graph tor-netstat-day-second-try.png to this task.

Thanks for your help.

Cheers!

Changed 10 years ago by mfo

Decreasing after one day rest and DirPort of.

comment:3 Changed 10 years ago by mfo

After reading message

http://archives.seul.org/or/talk/Apr-2010/msg00186.html

about ssl issue probably solved in alpha on or-talk I now tried to upgrade to

Tor 0.2.2.12-alpha (git-3d8879a04da79b01)

and upgraded openssl to official centos version 0.9.8e-12.el5_4.6 again.

I looks like it is working as it should because I get traffic and connections as normal in munin so far and nothing strange in the log.

But I still run with DirPort off because of the huge number of connections (I am following the thread in or-talk).

Recently I have got my virtual server limits increased and will experiment with enabling the directory server again later...

Changed 10 years ago by mfo

Attachment: tor-netstat-day-solved.png added

comment:4 Changed 10 years ago by mfo

With new tor 0.2.2.13-alpha the connection problem is solved. I can
now run directory server without any for me visible problems. Thanks!

I attach file tor-netstat-day-solved.png to show how little the
connections invreased from running 0.2.2.11-alpha without directory
server and now with directory server at 100KBytes (200KBytes burst)
bandwith throttle.

comment:5 in reply to:  4 Changed 10 years ago by mfo

Replying to mfo:

connections invreased from running 0.2.2.11-alpha without directory

Spellcheck: invreased = increased and the version I upgraded from was 0.2.2.12-alpha.

comment:6 in reply to:  4 Changed 9 years ago by arma

Description: modified (diff)
Resolution: Nonefixed
Status: newclosed

Replying to mfo:

With new tor 0.2.2.13-alpha the connection problem is solved. I can
now run directory server without any for me visible problems. Thanks!

Sounds great. I'm going to close this one as fixed then. Thanks!

comment:7 Changed 7 years ago by nickm

Component: Tor RelayTor
Note: See TracTickets for help on using tickets.