Opened 2 years ago

Closed 2 weeks ago

#24768 closed defect (wontfix)

Increase nf_conntimeout_clients to 5 hours

Reported by: teor Owned by:
Priority: Medium Milestone:
Component: Core Tor/DirAuth Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Maybe we should experiment with making the client circuit timeout higher.

It defaults to 30 minutes. It's new in 0.3.1.

+#define CIRCTIMEOUT_CLIENTS_DFLT (30*60) // 30 minutes
+#define CIRCTIMEOUT_CLIENTS_MIN 60
+#define CIRCTIMEOUT_CLIENTS_MAX (24*60*60) // 24 hours
+    timeout = networkstatus_get_param(NULL, "nf_conntimeout_clients",
+        CIRCTIMEOUT_CLIENTS_DFLT,
+        CIRCTIMEOUT_CLIENTS_MIN,
+        CIRCTIMEOUT_CLIENTS_MAX);

Child Tickets

Change History (7)

comment:1 Changed 2 years ago by mikeperry

What is the theory that makes you think this is a good idea? Raising this value to 5 hours will mean that clients keep otherwise unused circuits opened for 5 hours, which means more memory use at relays for these open circuits. Additionally, it means that the OR connections to the relays will also be held open and padded for 5 hours, resulting in bandwidth overhead and higher overall connection counts. As I see it, this could make things much, much worse.

comment:2 Changed 2 years ago by teor

The theory is that these new clients are building a lot of circuits, then closing them immediately, so we should make them wait longer. But you're right, increasing this parameter won't help with that.

Do you think we should reduce it to try and free up more circuit RAM?

comment:3 Changed 2 years ago by teor

Status: newneeds_information

comment:4 Changed 2 years ago by arma

I think we should close this one as wontfix.

Unless we were waiting for different information than that? :)

comment:5 Changed 2 years ago by teor

This is the question I'm waiting to see answered:

Does anyone think we should reduce nf_conntimeout_clients from 1800 to 900 to try and free up more circuit file descriptors and RAM?

comment:6 Changed 2 years ago by teor

Parent ID: #24716

comment:7 Changed 2 weeks ago by dgoulet

Resolution: wontfix
Status: needs_informationclosed

Does anyone think we should reduce nf_conntimeout_clients from 1800 to 900 to try and free up more circuit file descriptors and RAM?

I would say today that relays are not under heavy resources pressure unless a big DDoS happens but we improved quite a bit tor in the last years on that front.

So I would say *no*.

Closing here since it has been 2 years and no consensus. We can re-open once we see a good reason to do so.

Note: See TracTickets for help on using tickets.