Opened 10 years ago

Closed 10 years ago

Last modified 7 years ago

#1373 closed defect (fixed)

Deadly decreasing traffic to 6-15 Kbyte/s after 2 hours tor-server work

Reported by: aynvudo Owned by: phobos
Priority: Medium Milestone:
Component: Core Tor/Tor Version: Tor: 0.2.1.25
Severity: Keywords: RNG Failing entropy connections traffic ulimit
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Before the fallowing messages occur
the unlimited traffic was about 1Mbyte/s (limited only by ISP),
the number of connections was 1500-2000 and permanently increased.

Apr 25 04:56:08.500 [Warning] Failing because we have 4063 connections already. Please raise your ulimit -n.
Apr 25 07:02:30.031 [Warning] Cannot seed RNG -- no entropy source found.
Apr 25 09:02:31.562 [Warning] Cannot seed RNG -- no entropy source found.
Apr 25 10:02:32.781 [Warning] Cannot seed RNG -- no entropy source found.
Apr 25 10:56:09.296 [Warning] Failing because we have 4063 connections already. Please raise your ulimit -n.
Apr 25 12:02:34.734 [Warning] Cannot seed RNG -- no entropy source found.
Apr 25 13:02:36.046 [Warning] Cannot seed RNG -- no entropy source found.
Apr 25 14:02:36.968 [Warning] Cannot seed RNG -- no entropy source found.

But according to only one, "common/crypto.c", line 1826: log_warn(LD_CRYPTO, "Cannot seed RNG -- no entropy source found.");
and the block before that

static const char *filenames[] = {

"/dev/srandom", "/dev/urandom", "/dev/random", NULL

};

there is a /dev/random:
# ls -1l /dev/random
# crw-r--r-- 1 root root 1, 8 Aug 31 2002 /dev/random

There are two OpenSSL installations: the original from RHL distribution and in the /usr/local/ssl (OpenSSL 0.9.8l 5 Nov 2009).

After the messages above and 2 working hours the traffic became about 6-15 Kbyte/s, the number of connections became about 4078.
This behavior I see last two months. But before this months the tor-server 0.2.1.21 works fine and now I built on RHL tor 0.2.1.25 that has the same symptom.

Also take into account lowering of number of Tor-servers from 1800-1900 in January and 1200-1400 now. I think, the problem above could lead to this.

The some last contents of /usr/local/var/log/tor/notices.log

Apr 23 03:04:01.070 [notice] Tor 0.2.1.25 opening log file.
Apr 23 03:04:01.074 [notice] Parsing GEOIP file.
Apr 23 03:04:01.701 [notice] OpenSSL OpenSSL 0.9.8l 5 Nov 2009 looks like version 0.9.8l; I will try SSL3_FLAGS to enable renegotation.
Apr 23 03:04:04.325 [notice] We now have enough directory information to build circuits.
Apr 23 03:04:04.325 [notice] Bootstrapped 80%: Connecting to the Tor network.
Apr 23 03:04:04.449 [notice] Bootstrapped 85%: Finishing handshake with first hop.
Apr 23 03:04:04.966 [notice] Bootstrapped 90%: Establishing a Tor circuit.
Apr 23 03:04:07.896 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Apr 23 03:04:07.896 [notice] Bootstrapped 100%: Done.
Apr 23 03:04:12.329 [notice] Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor.
Apr 23 03:04:50.256 [notice] Self-testing indicates your DirPort is reachable from the outside. Excellent.
Apr 23 03:05:09.624 [notice] Performing bandwidth self-test...done.
Apr 23 08:45:42.214 [warn] Failing because we have 8159 connections already. Please raise your ulimit -n.
Apr 23 14:45:43.224 [warn] Failing because we have 8179 connections already. Please raise your ulimit -n.
Apr 23 18:04:19.638 [warn] Cannot seed RNG -- no entropy source found.
Apr 23 19:04:20.699 [warn] Cannot seed RNG -- no entropy source found.
Apr 23 20:04:22.022 [warn] Cannot seed RNG -- no entropy source found.
Apr 23 20:45:44.027 [warn] Failing because we have 8180 connections already. Please raise your ulimit -n.
Apr 23 21:04:23.100 [warn] Cannot seed RNG -- no entropy source found.
Apr 24 00:04:26.831 [warn] Cannot seed RNG -- no entropy source found.
Apr 24 02:45:57.676 [warn] Failing because we have 8161 connections already. Please raise your ulimit -n.
Apr 24 20:47:45.654 [warn] Failing because we have 8159 connections already. Please raise your ulimit -n.
Apr 24 22:04:48.278 [warn] Cannot seed RNG -- no entropy source found.
Apr 24 23:04:49.623 [warn] Cannot seed RNG -- no entropy source found.
Apr 25 01:04:51.865 [warn] Cannot seed RNG -- no entropy source found.
Apr 25 02:47:47.053 [warn] Failing because we have 8181 connections already. Please raise your ulimit -n.
Apr 25 03:04:53.733 [warn] Cannot seed RNG -- no entropy source found.
Apr 25 03:53:40.586 [notice] Interrupt: will shut down in 30 seconds. Interrupt again to exit now.
Apr 25 03:54:10.605 [notice] Clean shutdown finished. Exiting.
Apr 25 03:58:54.261 [notice] Tor 0.2.1.25 opening log file.
Apr 25 03:58:54.313 [notice] Parsing GEOIP file.
Apr 25 03:58:55.038 [notice] OpenSSL OpenSSL 0.9.8l 5 Nov 2009 looks like version 0.9.8l; I will try SSL3_FLAGS to enable renegotation.
Apr 25 03:59:03.156 [notice] We now have enough directory information to build circuits.
Apr 25 03:59:03.156 [notice] Bootstrapped 80%: Connecting to the Tor network.
Apr 25 03:59:03.318 [notice] Bootstrapped 85%: Finishing handshake with first hop.
Apr 25 03:59:03.941 [notice] Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor.
Apr 25 03:59:04.548 [notice] Bootstrapped 90%: Establishing a Tor circuit.
Apr 25 03:59:08.890 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Apr 25 03:59:08.890 [notice] Bootstrapped 100%: Done.
Apr 25 04:00:09.977 [notice] Self-testing indicates your DirPort is reachable from the outside. Excellent.
Apr 25 04:00:10.770 [notice] Performing bandwidth self-test...done.
Apr 25 04:52:44.677 [warn] Failing because we have 4063 connections already. Please raise your ulimit -n.
Apr 25 06:59:06.377 [warn] Cannot seed RNG -- no entropy source found.
Apr 25 08:59:08.079 [warn] Cannot seed RNG -- no entropy source found.
Apr 25 09:59:09.377 [warn] Cannot seed RNG -- no entropy source found.
Apr 25 10:52:45.995 [warn] Failing because we have 4063 connections already. Please raise your ulimit -n.
Apr 25 11:59:11.488 [warn] Cannot seed RNG -- no entropy source found.
Apr 25 12:59:12.760 [warn] Cannot seed RNG -- no entropy source found.
Apr 25 13:59:13.896 [warn] Cannot seed RNG -- no entropy source found.
Apr 25 16:52:46.955 [warn] Failing because we have 4085 connections already. Please raise your ulimit -n.

Child Tickets

Change History (5)

comment:1 Changed 10 years ago by phobos

Milestone: Tor: 0.2.1.26
Owner: set to phobos
Priority: blockernormal
Status: newaccepted

comment:2 Changed 10 years ago by phobos

You're seeing a combination of two problems. The latest 0.2.1.26/0.2.2.13-alpha fixes the connection flooding problem. You should upgrade and this problem should go away.

comment:3 Changed 10 years ago by aynvudo

Resolution: fixed
Status: acceptedclosed

Yes, these are the two problems composing third.
0.2.1.26 fixes connection flooding problem and Tor-server works with 800-1000 connections and adequate traffic. I can't check if the second problem is fixed. But now there are no messages "Cannot seed RNG" after two weeks Tor-server running.

comment:4 Changed 8 years ago by karsten

Milestone: Tor: 0.2.1.26

Removing the milestone. This use of milestones ("Major bug in X, must fix in X+1!") isn't how milestones are supposed to work. The idea should be that we're collecting tickets that are blocking, e.g., a stable release of a major version. Then we can see how much work remains before calling the version stable.

Also, I'm preparing to delete that milestone and this is the last remaining ticket in it.

comment:5 Changed 7 years ago by nickm

Component: Tor RelayTor
Note: See TracTickets for help on using tickets.