On 9 Sep 2016, at 09:35, Jesse V kernelcorn@riseup.net wrote:
Tor clients can only build circuits once they know enough about the network. This "know enough" threshold is determined by the PathsNeededToBuildCircuits setting. From reading Tor's manual, it seems that a setting of X tells Tor clients to wait until they have enough descriptors/microdescriptors such that they have X percentage of consensus weight. By default PathsNeededToBuildCircuits is determined by the directory authorities.
No, that's not quite right: Tor waits until it has that fraction of *paths*, not that fraction of [micro]descriptors.
So, in an ordinary Tor network, when a client has descriptors containing half the total consensus weight, this is: 0.5 guards * 0.5 middles * 0.5 exits = 0.125 of paths
See compute_frac_paths_available: https://gitweb.torproject.org/tor.git/tree/src/or/nodelist.c#n1799
There's a slightly different calculation used in recent Tor versions with small networks with no Exits, which are typically hidden-service only test networks. The example above would be: 0.5 guards * 0.5 middles * no exits in consensus (1.0) = 0.25 of paths
See: https://gitweb.torproject.org/tor.git/tree/src/or/nodelist.c#n1794
I'm curious, how is PathsNeededToBuildCircuits set? I don't see that value in the microdescriptor documents, it doesn't seem to be documented in tor-spec, and I don't see much about it online, but maybe I missed something. What is the typical value?
min_paths_for_circs_pct is not set in the consensus: https://consensus-health.torproject.org/consensus-health.html
So the default is used: #define DFLT_PCT_USABLE_NEEDED 60 Unless the client specifies a value for PathsNeededToBuildCircuits.
See get_frac_paths_needed_for_circs for details: https://gitweb.torproject.org/tor.git/tree/src/or/nodelist.c#n1846
Thanks for reporting this, I've updated the PathsNeededToBuildCircuits tor manual page entry: https://trac.torproject.org/projects/tor/ticket/20117
I see that 0.95 is the cutoff, but how high will prevent a client from bootstrapping?
It really depends on how many descriptors the client can retrieve, which depends on how many directory servers it can access, and how many descriptors they have retrieved. Almost all directory mirrors should have 100% of the descriptors in recent consensuses. So it really depends on how well the client can retrieve them - on its network connectivity and speed.
0.95 is fine in the current network with a decent client connection: tor DataDirectory `mktemp -d` PathsNeededToBuildCircuits 0.95
So I disabled the PathsNeededToBuildCircuits maximum and rebuilt master:
src/or/tor DataDirectory `mktemp -d` PathsNeededToBuildCircuits 1.0 At this level, Tor failed to bootstrap once, but seems to succeed most times. But it takes about twice as long to load relay descriptors (10s vs 20s).
Tim
-- Jesse V
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org