#22309 closed task (implemented)

How many relays change IP addresses a lot and also get the Guard flag?

Reported by: arma Owned by: metrics-team
Priority: Medium Milestone:
Component: Metrics/Analysis Version:
Severity: Normal Keywords:
Cc: karsten Actual Points:
Parent ID: #22308 Points:
Reviewer: Sponsor:

Description

In #22308 I suggest resetting the stability tracking of relays when they change IP addresses, to better tolerate having identity keys seized from guards.

The upside is clear, but the cost is less clear. Do we have a lot of relays right now who change IP addresses and also get the Guard flag? If so, are they big guards?

This sounds like a job for the metrics team! :)

Child Tickets

Change History (8)

comment:1 Changed 14 months ago by cypherpunks

I looked at one month of data (2017-03) and found 77 guard-only relays which changed their IP at least once.

More detailed data:
https://gist.github.com/nusenu/bebbc230de7cab6a89f122d2d02c6ab6

I hope you are not punishing guards for changing their IP by reseting their reputation, because:

  • attackers can keep the same IP address (making this safeguard ineffective)
  • this would negate the protection operators get by running in OfflineMasterKey mode
Last edited 14 months ago by cypherpunks (previous) (diff)

comment:2 Changed 14 months ago by cypherpunks

Also note: that table on gist only shows unique IP addresses per guard-only relay, if a relay used only two public IP addresses but changed them every hour the counter still says 2 only.

Last edited 14 months ago by cypherpunks (previous) (diff)

comment:3 Changed 14 months ago by arma

Can you do up a version of the table that has a "consensus weight" column and a "relay bandwidth" column?

And even better, compare this set of guards to the entire set of guards? That is, is it 1% of the guards by consensus weight or by relay bandwidth?

comment:4 in reply to:  1 Changed 14 months ago by arma

Replying to cypherpunks:

I hope you are not punishing guards for changing their IP by reseting their reputation

That is indeed the question at hand.

I answer the rest of your question over on #22308, so we can keep the discussions straight.

comment:5 in reply to:  3 Changed 14 months ago by cypherpunks

Replying to arma:

Can you do up a version of the table that has a "consensus weight" column and a "relay bandwidth" column?

Which bw would you like? (bandwidth_rate, observed_bandwidth, advertised_bandwidth)
https://onionoo.torproject.org/#details

Last edited 14 months ago by cypherpunks (previous) (diff)

comment:6 in reply to:  3 Changed 14 months ago by cypherpunks

ok, ignore the bw question.

Replying to arma:

And even better, compare this set of guards to the entire set of guards? That is, is it 1% of the guards by consensus weight or by relay bandwidth?

I think what you actually care about is guard_probability, so I'll add that and ignore the rest.

comment:7 in reply to:  3 Changed 14 months ago by nusenu

Replying to arma:

Can you do up a version of the table that has a "consensus weight" column and a "relay bandwidth" column?

I added a table with a guard_probability column.
https://gist.github.com/nusenu/bebbc230de7cab6a89f122d2d02c6ab6

And even better, compare this set of guards to the entire set of guards? That is, is it 1% of the guards by consensus weight or by relay bandwidth?

Worst-case (sum of their monthly max. guard_probability): 3.25% (not necessarily happened at the same point in time)

Last edited 14 months ago by nusenu (previous) (diff)

comment:8 Changed 13 months ago by arma

Resolution: implemented
Status: newclosed

Ok. So the conclusion is "most relays that get the Guard flag have their IP address for many weeks." Great.

Note: See TracTickets for help on using tickets.