Opened 6 years ago

Last modified 12 months ago

#6772 new enhancement

Fall back to alternative OR or Dir port if the current fails

Reported by: ln5 Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: ipv6 tor-client tor-hs single-onion robustness address-handling
Cc: Actual Points:
Parent ID: #17835 Points: 1
Reviewer: Sponsor: SponsorV-can

Description

When a client (or relay, when that time comes(*)) fails to connect to
an OR port it should try using another OR port for the relay it's
trying to connect to, if there is one.

(*) relay to relay as well as relay to authority connections

Child Tickets

Change History (9)

comment:1 Changed 6 years ago by nickm

Keywords: tor-client added

comment:2 Changed 6 years ago by nickm

Component: Tor ClientTor

comment:3 Changed 6 years ago by nickm

Milestone: Tor: 0.2.4.x-finalTor: unspecified

comment:4 Changed 4 years ago by teor

Parent ID: #15228

Make #15228 the parent to collect all fallback directory tickets in one place

comment:5 Changed 3 years ago by teor

Parent ID: #15228#17811
Severity: Normal

comment:6 Changed 3 years ago by teor

Fortunately, this ticket is not as necessary as it used to be, because Tor picks a small set of guards / directory guards that it can connect to and sticks with them. Many OR (and some Dir) destinations are actually tunneled via tor, so only the guards' ORPorts actually matter.

One design for this is like #4483:

  • try to connect to the preferred ORPort (address/port)
  • when the connection fails, or if it hasn't succeeded after N seconds, try to connect to the other ORPort (if any)
  • Close all other connection attempts to the same server when the first connects

We might need to do this for some DirPort connections as well.

I think it's OK for us to just try another directory server on failure as we typically do. But if we had reasons to pick that specific server, and we were making a direct connection to it (do we ever do this?), then using the alternate DirPort (address) would be good.

comment:7 Changed 3 years ago by teor

Summary: Fall back to alternative OR port if the current failsFall back to alternative OR or Dir port if the current fails

We discovered in #18348 that we'll definitely need to do this for DirPorts as well. As it's the same code, and some DirPort connections are tunneled, it's best handled in the same place.

comment:8 Changed 18 months ago by nickm

Keywords: robustness address-handling added
Priority: MediumLow

comment:9 Changed 12 months ago by teor

Keywords: tor-hs single-onion added
Parent ID: #17811#17835
Points: 1
Priority: LowMedium
Sponsor: SponsorV-can

Existing client guard code already implements this feature by trying another guard if one fails.
#24403 will make relays retry IPv4 and IPv6 when an EXTEND has both addresses.
#17835 should do the same for client connections to entry nodes.
(If a specific entry node is required (single onion services only?), we should choose an available address at random. If not, we should do what the existing guard code does, and choose another entry node at random - because we are more likely to succeed than a retry.)

Note: See TracTickets for help on using tickets.