On Fri, Jun 6, 2014 at 10:07 AM, George Kadianakis <desnacked@riseup.net> wrote:
> That made me curious to learn how many guard nodes are not directory servers. Apparently, out of all 5393 routers, we have 2149 guards, and 1458 guards that are directory servers. So there are about 700 guards that are _not_ directory servers (I wonder what their bandwidth weight is).
I wrote a script to compute this when Nickm first raised the question:

$ python guard_dir_check.py ~/.tor/cached-microdesc-consensus 0
Total guard BW: 7083153.3967
Non-V2Dir guard BW: 1093535.0598

So, by weight it's a little lower - there's around 15% chance to choose a guard that's not a directory mirror atm. If you raise the advertised bandwidth threshold for guard relays to 2000, the answer stays about the same:

$ python guard_dir_check.py ~/.tor/cached-microdesc-consensus 2000
Total guard BW: 6750465.194
Non-V2Dir guard BW: 967363.393

> Apparently, this happens because the DirPort torrc option is required to be a directory server, and some relay operators just don't have it. Maybe we should consider again making all relays (or guards) be directory servers. AFAIK, this idea was discarded in the past because it's not polite to open more ports (DirPort) on people's computers; but nowadays with BEGIN_DIR, we don't even need that extra port, right?
I think this is right.
> Or maybe the reason is that directory documents take hard disk space? But how much space do they take? Probably not that much.
The relay needs to have all of these documents in any case, right?
> At the very least, maybe we should add a log message saying "You are a guard but not a directory server. You can increase the security of your clients by enabling the DirPort option.".
This would make sense, but note that nothing in the config file tells a relay that it's a guard. So it won't notice this without looking for its entry in the network status.
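
The measurement discussed in this message can be reproduced with a short parser. This is an added example, not part of the original e-mail and not the guard_dir_check.py script it mentions. It assumes the threshold is applied to each relay's consensus `w Bandwidth=` value and that no position weighting is done; the function name and the sample entries are constructed for illustration.

```python
import sys

# Constructed sample in microdesc-consensus layout (r/m/s/w lines per relay).
SAMPLE = """\
r relayA AAAA 2014-06-06 09:00:00 192.0.2.1 9001 9030
m aaaa
s Fast Guard Running Stable V2Dir Valid
w Bandwidth=5000
r relayB BBBB 2014-06-06 09:00:00 192.0.2.2 9001 0
m bbbb
s Fast Guard Running Stable Valid
w Bandwidth=1500
r relayC CCCC 2014-06-06 09:00:00 192.0.2.3 9001 9030
m cccc
s Exit Fast Running V2Dir Valid
w Bandwidth=9000
r relayD DDDD 2014-06-06 09:00:00 192.0.2.4 9001 0
m dddd
s Fast Guard Running Valid
w Bandwidth=500 Unmeasured=1
"""


def guard_dir_stats(lines, min_bw=0):
    """Sum consensus weight of Guard relays, and of Guards lacking V2Dir."""
    stats = {"guards": 0, "nodir": 0, "guard_bw": 0, "nodir_bw": 0}
    flags = None
    for line in lines:
        tokens = line.split()
        if not tokens:
            continue
        if tokens[0] == "r":
            flags = None                      # start of a new relay entry
        elif tokens[0] == "s":
            flags = set(tokens[1:])           # status flags for this relay
        elif tokens[0] == "w" and flags is not None:
            kv = dict(t.split("=", 1) for t in tokens[1:] if "=" in t)
            bw = int(kv.get("Bandwidth", 0))
            if "Guard" in flags and bw >= min_bw:
                stats["guards"] += 1
                stats["guard_bw"] += bw
                if "V2Dir" not in flags:      # guard that is not a dir mirror
                    stats["nodir"] += 1
                    stats["nodir_bw"] += bw
            flags = None
    return stats


if __name__ == "__main__":
    src = open(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE.splitlines()
    s = guard_dir_stats(src, int(sys.argv[2]) if len(sys.argv) > 2 else 0)
    print("Guards: %(guards)d, non-V2Dir guards: %(nodir)d" % s)
    print("Total guard BW: %(guard_bw)d" % s)
    print("Non-V2Dir guard BW: %(nodir_bw)d" % s)
```

Run with a consensus path and an optional threshold as arguments; with no arguments it processes the constructed sample.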