Alec Muffett alecm@fb.com writes:
typo:
alecm: and this persists for up to 24h, even though the outage was only 10 minutes
Also, I neglected to observe that linear polling of A-E seeking a descriptor suggests A will be hammered whilst J is nearly idle.
Some entropy in IP selection would be a good thing.
Please see rend_client_get_random_intro_impl(). Clients will pick a random intro point from the descriptor which seems to be the proper behavior here.
I can see how a TTL might be useful in high availability scenarios like the one you described. However, it does seem like something with potential security implications (like, set TTL to 1 second for all your descriptors, and now you have your clients keep on making directory circuits to fetch your descs).
For this reason I'd be interested to see this specified in a formal Tor proposal (or even as a patch to prop224). It shouldn't be too big! :)
Cheers!