The config page at torservers.net advises increasing the TX Queue Length from the default 1,000 to 20,000. For a differing opinion see the assertion that this increases latencies and hampers network congestion recovery ("bufferbloat"):
http://www.cyberciti.biz/faq/gentoo-centos-rhel-debian-fedora-increasing-txq...
I'm running an exit node on a 100Mbps network (multi-core CPU on RHEL5), and typically have 600 - 800 connections at any given time. TorStatus usually reports my throughput at 700KB to 800KB per second.
I suspect that the 20,000 recommendation pertains to Gbit Ethernet. Still, though, is the default of 1,000 adequate for my Tor traffic?
More generally, I haven't tweaked my networking (system network buffer sizes, etc.) because it is unclear to me what recommendations are appropriate for exit nodes running contemporary versions (v0.2.2.30+) of Tor. Reliable benchmarking can't be done because the system load varies with traffic at any given time. Is there a way to prove empirically that this or that adjustment to the system configuration really has an effect on the performance of a Tor relay node?
Thanks.
Hi Steve,
Good question. We used that setting previously and it apparently did not hurt. We are not using any of those tweaks apart from the updated sysctl.conf at the moment.
Let me know about your findings!
Hi everyone,
as far as I gather tor is unusable from behind gfw.. a while back I suggested that some sort of 'bridge-to-bridge' mechanism might be useful so that users within gfw can help each other to get around censorship.. are there any plans to introduce/improve anti-censorship features in tor? I've waited a while but if anything the situation is worse than ever with tor from behind gfw. Seems that the jondo project has working anti-censorship features..
Personally, I think there is a bigger demand for anti-censorship than high-level anonymity.. although both together would be best of course.
Best, Loz
On Friday, August 26, 2011 00:22:35 Lorenz Kirchner wrote:
as far as I gather tor is unusable from behind gfw.. a while back I suggested that some sort of 'bridge-to-bridge' mechanism might be useful so that users within gfw can help each other to get around censorship.. are there any plans to introduce/improve anti-censorship features in tor? I've waited a while but if anything the situation is worse than ever with tor from behind gfw. Seems that the jondo project has working anti-censorship features..
Tor works fine from China, you just need bridges. The censors in China are actively attacking most software that can be used for circumvention, this includes vpns, ssh forwarding, etc. China didn't pay attention to us for years, now they have teams of people working to block and break the various circumvention tools. Tor is working on a number of new items which will both protect anonymity and work well to circumvent censorship. One can find these in the Tor Specfication git repository, https://gitweb.torproject.org/torspec.git
There are a few thousand daily connections coming from China through bridges. See https://metrics.torproject.org/users.html?graph=bridge- users&start=2011-05-28&end=2011-08-26&country=cn&dpi=72#bridge-users
However, having talked to a number of Chinese people from all over the country earlier this year, if something doesn't work right away, with zero configuration, they move on to something else. Making users have to do extra steps is a necessity right now, but greatly limits the adoption of Tor in many countries. It doesn't matter how easy it is, anything more than two clicks, "download tor and run tor" has tremendous drop-off rates.
For a few weeks earlier this year, it seemed China was experimenting with AS- level throttling. If you were trying to send encrypted traffic outside of the various ASes in China, connections were slowed dramatically. As soon as we started to gather data, the people reporting it said it stopped happening.
Personally, I think there is a bigger demand for anti-censorship than high-level anonymity.. although both together would be best of course.
There is both. Many people simply want to circumvent censorship to keep up with the latest news about entertainment, world affairs, or other mundane topics. Many people live in a culture of fear and demonstrated violence against those that do not think the right way, therefore Tor helps them protect their circumvented activities. They worry about how viewing the BBC, CNN, or Dilbert can be used against them some day.
Increasingly, in the 'western world' people are not so much concerned with censorship, but with their data being collected, collated, bought, and sold to everyone. If you look at the top 10 countries from where tor connections originate, https://metrics.torproject.org/users.html?table=direct- users&start=2011-05-28&end=2011-08-26#direct-users-table, you'll see many of them are considered 'free' countries.
tor-relays@lists.torproject.org
-
Andrew Lewman -
Lorenz Kirchner -
Moritz Bartl -
Steve Snyder