On Thu, Sep 22, 2011 at 10:49:04AM +0200, Karsten Loesing wrote:
On 9/20/11 9:34 PM, Nick Mathewson wrote:
Configuration:
Add a new torrc option, "DirCache". Its values can be "0", "1", and "auto". If it is 0, we never act as a directory cache, even if DirPort is set.
Do these relays set "dir-cache 0" in their router descriptors? Or do they just not include "dir-cache 1"? But if they set a non-zero DirPort, how will the directory authorities and clients know that the node doesn't want to act as a directory cache?
It seems like there are really two behaviors we want to control here. Question 1: "do you fetch and cache directory info and answer questions if somebody asks you questions?" Question 2: "should you be identified in the consensus as a relay that wants to answer questions?"
If the answer to #2 is yes, the answer to #1 must be yes also.
Every exit relay fetches and caches directory info already (see the last check in directory_caches_dir_info()). So do bridges. I'd say our life would get a lot easier if we just declare that anybody with an ORPort set should say yes to #1. To be clear, the change in behavior there is that non-exit non-dirport relays would now start fetching dir info from authorities on the mirror schedule.
And at that point it's just a question of deciding how to answer #2.
See decide_to_advertise_dirport() in router.c for the complex set of topics we consider now for answering #2.
One simple answer would be that if you're in the consensus and have a new enough version, the answer to #2 is simply yes. Everybody is a suitable choice for answering dir info. Hibernating relays aren't in the consensus. Clients already weight their selection by capacity to shift load to faster relays. Relays with set but unreachable dirports should list "0" for their dirport, but still answer questions.
Variation A would be that clients entirely avoid relays under a certain capacity (say, 50KB) when making their selection. If we want to get super fancy, we could have authorities vote on a consensus param that describes the capacity under which clients should choose not to ask a relay about dir info.
Variation B would be to make a new relay status flag NoDirCache that authorities set if you put a line in your descriptor asking for clients to avoid you, for example if you have accounting set. But I think that's probably more trouble than it's worth.
--Roger