Opened 7 years ago

Closed 4 years ago

#9646 closed enhancement (implemented)

Feature request: add torrc option to specify max physical RAM to use

Reported by: gmorehouse Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: unspecified
Severity: Normal Keywords: tor-relay, 025-deferrable, needs-design, tor-03-unspecified-201612
Cc: anong Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

It would be quite helpful for low-resource relays to be able to specify a "you shall not pass" parameter in terms of physical RAM that Tor is allowed to use. I'm not sure, if Tor runs out, how it should deal with this (refuse all new circuit creation requests until usage declines?) because I don't know the Tor internals. But this would be helpful keeping low-resource nodes more reliable, especially during DDOS conditions.

Child Tickets

Change History (11)

comment:1 Changed 7 years ago by nickm

Keywords: tor-relay 025-deferrable needs-design added
Milestone: Tor: 0.2.5.x-final

I'd love to have one of these, but it's going to be a lot of work. We have a start already in the OOM killer that starts eliminating circuits once the number of cells allocated is too high, but making it cover all the RAM in tor is going to be a challenge. Probably we'd get some benefit from having it cover only the greediest memory-users in the code?

comment:2 Changed 7 years ago by gmorehouse

Out of curiosity, and please redirect me to the mailing list if this is a poor place to ask this, but how do you tell that the number of allocated cells is getting too high?

I think even if the option were something like this...

PhysicalMemoryMaxHint = 400MB

...which would be viewed as a 'soft cap' which tor might exceed, it may very well be useful on low-resource machines like the Raspberry Pi. tor could use it as an 'advisory parameter' and increase the aggressiveness of its OOM killer (or something else, or multiple somethings) when it saw it was nearing that limit.

Last edited 7 years ago by gmorehouse (previous) (diff)

comment:3 in reply to:  2 Changed 7 years ago by nickm

Replying to gmorehouse:

Out of curiosity, and please redirect me to the mailing list if this is a poor place to ask this, but how do you tell that the number of allocated cells is getting too high?

Not sure if this answers your question, but the magic option here is "MaxMemInCellQueues."

comment:4 Changed 7 years ago by gmorehouse

If MaxMemInCellQueues is not set, is it then unlimited?

Do cell queues typically consume the lion's share of memory in a stable Tor relay that's been up for a few weeks and is forwarding a few Mbps of traffic?

Maybe setting this can help to some degree for now on low-RAM relays. It's brand new, not even in stable (as the changelog I found told me), so it's not documented in the online manual yet.

comment:5 Changed 7 years ago by gmorehouse

Aha! I tried to set this to 384MB on my Raspberry Pi:

Starting tor daemon...Sep 04 10:07:03.628 [warn] MaxMemInCellQueues must be at least 500 MB for now. Ideally, have it as large as you can afford. done.

The Pi, as I have it configured, only has 485MB RAM free at the first prompt after booting. Should I open a separate ticket about that or just leave the observation in this one?

comment:6 Changed 7 years ago by gmorehouse

I opened #9686 about the too-high minimum for MaxMemInCellQueues issue.

I think this particular issue is different (a global maximum RAM usage limit) and should be considered due to the utility on single-board computers, which could be a cheap way to greatly increase the capacity of the Tor network.

comment:7 Changed 7 years ago by anong

Cc: anong added

comment:8 Changed 7 years ago by nickm

Milestone: Tor: 0.2.5.x-finalTor: 0.2.???

comment:9 Changed 4 years ago by teor

Milestone: Tor: 0.2.???Tor: 0.3.???

Milestone renamed

comment:10 Changed 4 years ago by nickm

Keywords: tor-03-unspecified-201612 added
Milestone: Tor: 0.3.???Tor: unspecified

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

comment:11 Changed 4 years ago by nickm

Resolution: implemented
Severity: Normal
Status: newclosed

MaxMemInQueues is now an all-purpose memory limiter option, though it should get renamed.

Note: See TracTickets for help on using tickets.