Re: [or-talk] where are the exit nodes gone?
On Tue, 13 Apr 2010 08:43:21 +0200 Olaf Selke wrote: >Scott Bennett schrieb: >> In any case, your Xeon(s) ought to be able to benefit considerably from >> running your gargantuan tor process in 4 MB pages instead of 4 KB pages. > >the old blutmagie exit running in 2007-2009 which serves my tns pages is >equipped with two Xeon cpus from the old P4 Prestonia architecture. The >exit node anonymizer2.blutmagie.de has one c2d E8600 cpu. Cause tor >process basically spends all cpu time within one thread, a slower >clocked quad/multicore wouldn't speed up anything. > Either I forgot (probable) or you didn't mention before (less probable) that you had moved it to a newer machine. Whatever you're running it on, superpages or LINUX's "huge" pages ought to speed tor up considerably by drastically reducing TLB misses. (I wasn't suggesting that you revert to older hardware. I was thinking that you were still running tor on the Xeon- based machine.) Scott Bennett, Comm. ASMELG, CFIAG ** * Internet: bennett at cs.niu.edu * ** * "A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army." * *-- Gov. John Hancock, New York Journal, 28 January 1790 * ** *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: [or-talk] where are the exit nodes gone?
Scott Bennett schrieb: > In any case, your Xeon(s) ought to be able to benefit considerably from > running your gargantuan tor process in 4 MB pages instead of 4 KB pages. the old blutmagie exit running in 2007-2009 which serves my tns pages is equipped with two Xeon cpus from the old P4 Prestonia architecture. The exit node anonymizer2.blutmagie.de has one c2d E8600 cpu. Cause tor process basically spends all cpu time within one thread, a slower clocked quad/multicore wouldn't speed up anything. regards Olaf *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: [or-talk] where are the exit nodes gone?
Kasimir Gabert wrote: > On Sun, Apr 11, 2010 at 9:01 AM, Scott Bennett wrote: >> On Sun, 11 Apr 2010 15:23:16 +0200 Olaf Selke >> wrote: > [snipped] >>> maybe I take your advice and add php code at blutmagie tns to sum up the >>> extra-info average rate data and print the so calculated bandwidth >>> instead of max observed one. >> You might communicate with Kasimir Gabert about that. I think he said >> some months ago that he was going to do that for his torstatus stuff, so >> what you want might already be written. > > I've been really busy these past numerous months, but that code is > written. You can find it in the trunk version of TorStatus. fyi bandwidth bar for torstatus.blutmagie.de now calculates according Kasimir's new code evaluating the more realistic daily average from extra-info instead of the observed peak bandwidth. regards Olaf *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Polipo and dnsUseGethostbyname - what is the best option and does it matter?
I'm not sure whether either of these bugs are fixed at present (ugh). So I'd recommend sticking with yes (or true, I guess it's called now). If "yes" is the same as "true" then this is a setting the Polipo manual strongly advises against. "Finally, if dnsUseGethostbyname is true, Polipo never tries to speak DNS itself and uses the system resolver straight away (this is not recommended)." - Given those, and since polipo shouldn't be doing any dns resolves anyway when it's using a socks5 proxy, I figured I'd go for the choice that exposed less surface area. My fundamental question is this: If the config file says "yes" to dnsUseGethostbyname then Tor does the DNS resolution. If however the config file says something else e.g. "reluctantly" (The manual says "if it is reluctantly (the default), Polipo tries to speak DNS and falls back to the system resolver if a name server could not be contacted.") then does Polipo do its own DNS resolution and then pass this on to Tor therefore leaking? Or, are you saying, that "since polipo shouldn't be doing any dns resolves anyway when it's using a socks5 proxy" the value of dnsUseGethostbyname is not relevant when using Polipo with Tor since Tor will ALWAYS do DNS resolution because of socksParentProxy = "localhost:9050" and socksProxyType = socks5. If yes then my first question is moot. This is what is confusing me the most - whether changing dnsUseGethostbyname means Polipo (not Tor) now does the DNS resolution. --Roger *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
no traffic but still a lot of open tcp sessions
Hi list, for some unknown reason my exit stopped publishing its descriptor. Bandwidth dropped to below 3 MBit/s and the number of new tcp connections dropped to less than 10 per second. Both seems to be reasonable. Good! But the tor process still owns about 8000(!) open tcp sessions in established state. I don't have a good explanation what these sessions are used for? Cause kernel tcp timeout parameters like tcp_timeout_established are set to rather small values, the sessions must be really alive. Since the pictures are small I dare to attach graphs for cpu load, new tcp conn/s, and open tcp sessions to this mail. regards Olaf <><><>
