On Wed, Sep 28, 2022 at 09:40:37AM -0600, David Fifield wrote:
No, not really. The problem is not the total number of 127.0.0.1 four-tuples in use — there are ≈2^32 of those — it's when one end has a fixed port number. The bottleneck in this case is the link between snowflake-server and haproxy (see diagram): https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Survival-Guid...
My analysis here was incomplete. It is true that when counting distinct four-tuples the total number of sockets does not really matter. But there's another constraint to consider, which is the limited number of ephemeral ports to use in source addresses in localhost connections. We have actually been running into this problem the past 2 days ("cannot assign requested address"):
https://bugs.torproject.org/tpo/anti-censorship/pluggable-transports/snowfla...
I'm planning to mitigate it by having localhost communication use different IP addresses (e.g. 127.0.0.2) as source addresses when possible.
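
A sketch of the mitigation described above, as an added example that is not part of the original message and not Snowflake's own code: a dialer that binds each outgoing localhost connection to a rotating source address in 127.0.0.0/8 before connecting. The names `RotatingDialer`, `loopbackSource` and `observedSources` are hypothetical, and the example assumes Linux, where every address in 127.0.0.0/8 is local to the loopback interface.

```go
package main

import (
	"fmt"
	"net"
	"sync/atomic"
)

// loopbackSource maps an index to an address in 127.0.0.0/8, from 127.0.0.2 up.
func loopbackSource(i uint32) net.IP {
	host := 2 + i%(1<<24-3) // host part in [2, 2^24-2]: skips .0, .1 and broadcast
	return net.IPv4(127, byte(host>>16), byte(host>>8), byte(host))
}

// RotatingDialer (hypothetical) cycles localhost connections over Sources source
// addresses; with a fixed destination, each address has its own ephemeral ports.
type RotatingDialer struct {
	Sources uint32 // number of source addresses; 0 behaves like 1
	counter uint32
}

func (d *RotatingDialer) Dial(addr string) (net.Conn, error) {
	var i uint32
	if d.Sources > 0 {
		i = (atomic.AddUint32(&d.counter, 1) - 1) % d.Sources
	}
	local := &net.TCPAddr{IP: loopbackSource(i)} // port 0: kernel picks the port
	return (&net.Dialer{LocalAddr: local}).Dial("tcp4", addr)
}

// observedSources dials a local listener k times and returns the source IPs used.
func observedSources(d *RotatingDialer, k int) ([]string, error) {
	ln, err := net.Listen("tcp4", "127.0.0.1:0")
	if err != nil {
		return nil, err
	}
	defer ln.Close()
	var seen []string
	for j := 0; j < k; j++ {
		c, err := d.Dial(ln.Addr().String())
		if err != nil {
			return seen, err
		}
		seen = append(seen, c.LocalAddr().(*net.TCPAddr).IP.String())
		c.Close()
	}
	return seen, nil
}

func main() { fmt.Println(observedSources(&RotatingDialer{Sources: 3}, 4)) }
```

Because the destination address and port are fixed, the number of usable four-tuples grows with the number of source addresses rather than being capped by a single ephemeral port range.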