Re: [tor-relays] Tor node was doing more traffic than its bandwidth is configured for
On Sat, Sep 07, 2013 at 10:16:51PM -0400, t...@t-3.net wrote: I updated our node to the RC version some days ago. Earlier today, it started to do a traffic amount that was higher than it had been configured to do in torrc. Torrc was configured for 35M use and 40M burst, but today it went to 50M and stayed there for an hour. Killing it HUP didn't help. I did a service restart on it to bring it back down. Are you sure you didn't confuse bits and bytes? Tor counts in bytes. (The arm monitor, if that's what you're using, counts in bits by default.) --Roger ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor node was doing more traffic than its bandwidth is configured for
On 9/8/13, Roger Dingledine a...@mit.edu wrote: Are you sure you didn't confuse bits and bytes? Tor counts in bytes. (The arm monitor, if that's what you're using, counts in bits by default.) As with real networks and operators, if this is so, then big thank you to arm people for correctly counting network bandwidth in bps. No thanks on webhosters and isp's who convert their upstrream bandwidth contracts into transfer bytes and pass that on to their customers for their apache logs, thereby spoofing hosted network *bandwidth* apps like Tor into feeling some silly need to count bytes. Do wish Tor would speak properly in bits by default. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor node was doing more traffic than its bandwidthis configured for
On Sun, 08 Sep 2013 05:49:09 -0400 t...@t-3.net wrote: Yeah, this must be wrong, then. I put this in the torrc: RelayBandwidthRate 35 MB RelayBandwidthBurst 40 MB and I was looking to limit it to 35-40 M as shown in Cacti, which would be MBits. Always remember: MB (capital B) = Megabyte https://en.wikipedia.org/wiki/Megabyte Mb (small b) = Megabit https://en.wikipedia.org/wiki/Megabit But torrc does not support specifying rate limits in megabits anyway. -- With respect, Roman signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Guard failing large amount of circuits
On 08.09.2013 05:23, I wrote: An exit relay that has just been updated to 0.2.4.17-rc produced this message Sep 07 19:59:30.996 [Warning] Your Guard maisterikaarna ($C3B7CC79FD4E302AF8956A7B02F0FC7AAB4A6AF8) is failing a very large amount of circuits. Most likely this means the Tor network is overloaded, but it could also mean an attack against you or potentially the guard itself. Success counts are 52/151. Use counts are 0/0. 52 circuits completed, 0 were unusable, 0 collapsed, and 1 timed out. For reference, your timeout cutoff is 142 seconds. I guess the part about the Tor network being overloaded is/was true, because my non-exit relay got a similar message at that time. Strange thing though: my relay only used about half of it's bandwidth at the time. -Stephan ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Guard failing large amount of circuits
Hello Tor-Relays members, I'm new to running a relay. (I've read the last 2 months archives of this list.) Started about a week ago, and have run 4 versions. Now on 0.2.4.17-rc. Running on a low power CPU, so I'm keeping a fairly close watch on it, trying to figure out what 'normal' behavior/footprint is, which is difficult since as I understand the network is in 'normal' condition. Anyway, regarding failing circuits, I don't know if this is related, but it is still an anomaly: (timestamps are CET) Sep 07 08:59:13.000 [notice] Circuit handshake stats since last time: 26723/26724 TAP, 21/21 NTor. Sep 07 09:59:14.000 [notice] Circuit handshake stats since last time: 30658/30662 TAP, 26/26 NTor. Sep 07 10:59:13.000 [notice] Circuit handshake stats since last time: 35406/35409 TAP, 24/24 NTor. Sep 07 11:59:12.000 [notice] Heartbeat: Tor's uptime is 18:00 hours, with 1264 circuits open. I've sent 6.62 GB and received 6.01 GB. Sep 07 11:59:12.000 [notice] Average packaged cell fullness: 94.903% Sep 07 11:59:12.000 [notice] TLS write overhead: 10% Sep 07 11:59:13.000 [notice] Circuit handshake stats since last time: 46946/46963 TAP, 42/42 NTor. Sep 07 12:59:13.000 [notice] Circuit handshake stats since last time: 51780/51789 TAP, 29/29 NTor. Sep 07 13:59:13.000 [notice] Circuit handshake stats since last time: 56358/56440 TAP, 30/30 NTor. Sep 07 14:59:13.000 [notice] Circuit handshake stats since last time: 62342/62364 TAP, 35/35 NTor. Sep 07 15:59:13.000 [notice] Circuit handshake stats since last time: 85768/175799 TAP, 48/48 NTor. Sep 07 16:59:13.000 [notice] Circuit handshake stats since last time: 82761/92208 TAP, 42/42 NTor. Sep 07 17:51:28.000 [notice] Tor 0.2.4.17-rc (git-00fb525b23cf070f) opening log file. Sep 07 17:58:48.000 [notice] Circuit handshake stats since last time: 59959/60002 TAP, 63/63 NTor. For all of those entries, where it says X/Y TAP, X is between 99% and 100% of Y. Except for 15:59 (only 48%) and 16:59 (89%). During that same period, I also have a dramatic spike in CPU usage. After that it goes back to almost 100%. -Job On Sep 8, 2013, at 05:23 , I wrote: An exit relay that has just been updated to 0.2.4.17-rc produced this message Sep 07 19:59:30.996 [Warning] Your Guard maisterikaarna ($C3B7CC79FD4E302AF8956A7B02F0FC7AAB4A6AF8) is failing a very large amount of circuits. Most likely this means the Tor network is overloaded, but it could also mean an attack against you or potentially the guard itself. Success counts are 52/151. Use counts are 0/0. 52 circuits completed, 0 were unusable, 0 collapsed, and 1 timed out. For reference, your timeout cutoff is 142 seconds. Are there any recommendations? Robert Free 3D Marine Aquarium Screensaver Watch dolphins, sharks orcas on your desktop! Check it out at www.inbox.com/marineaquarium ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor node was doing more traffic than its bandwidthis configured for
On Sun, Sep 08, 2013 at 04:00:08PM +0600, Roman Mamedov wrote: MB (capital B) = Megabyte https://en.wikipedia.org/wiki/Megabyte Mb (small b) = Megabit https://en.wikipedia.org/wiki/Megabit But torrc does not support specifying rate limits in megabits anyway. In 0.2.5 (aka git master branch) it does. Specifically, you can say kbits (or kilobits), or mbits or megabits, or gbits or gigabits, or tbits or terabits. I also recommend writing 40MB as 40MBytes so you know what you're saying. All the config files (and man page entries) should be changed over now (in 0.2.5) -- let me know if I missed any. --Roger ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Running Bind locally
On Sep 7, 2013, at 20:55 , Peter Palfrader wrote: Running a local bind or unbound is probably a smart thing to do, and if you put 127.0.0.1 into /etc/resolv.conf tor will use that. I now have a local Bind9 running, but I still get a lot of these: Sep 08 22:11:27.000 [warn] eventdns: All nameservers have failed Sep 08 22:11:27.000 [notice] eventdns: Nameserver 127.0.0.1:53 is back up Sep 08 22:15:39.000 [warn] eventdns: All nameservers have failed Sep 08 22:15:39.000 [notice] eventdns: Nameserver 127.0.0.1:53 is back up Sep 08 22:16:46.000 [warn] eventdns: All nameservers have failed Sep 08 22:16:46.000 [notice] eventdns: Nameserver 127.0.0.1:53 is back up The /var/log/syslog contains a lot of these, but timestamps don't match with the outages reported by Tor (hostnames and IP addresses changed): Sep 8 22:13:59 tor-exit named[11467]: lame server resolving 'www.example.hk' (in 'example.hk'?): 123.123.123.123#53 Sep 8 22:14:17 tor-exit named[11467]: error (connection refused) resolving 'www.example.com/A/IN': 123.123.123.123#53 Sep 8 22:14:18 tor-exit named[11467]: validating @0x123456789abc: www.example.com A: no valid signature found Sep 8 22:14:32 tor-exit named[11467]: error (unexpected RCODE REFUSED) resolving 'www.example.de/A/IN': 123.123.123.123#53 Any suggestions? // Yoriz signature.asc Description: Message signed with OpenPGP using GPGMail ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Fwd: New tor node not acting as an exit server?
I scrapped my previous exit node and set up a new one on a different machine. It's been running for 6 and a half hours, but does not have the exit flag. The logs say both my ORPort and DirPort are reachable from the outside, and using arm from a different machine shows two circuits open. From the config file: ExitPolicy reject 192.168.0.0/16:*,accept *:80,accept *:443,reject *:* Anyone know why my new node isn't being used or recognized as an exit node? Did I forget a config option? Fingerprint: 1e598cdb9bbc751d753146d880b326952886d73b ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Fwd: New tor node not acting as an exit server?
On Sun, Sep 08, 2013 at 05:23:12PM -0400, Niles Rogoff wrote: I scrapped my previous exit node and set up a new one on a different machine. It's been running for 6 and a half hours, but does not have the exit flag. The logs say both my ORPort and DirPort are reachable from the outside, and using arm from a different machine shows two circuits open. From the config file: ExitPolicy reject 192.168.0.0/16:*,accept *:80,accept *:443,reject *:* Anyone know why my new node isn't being used or recognized as an exit node? Did I forget a config option? Fingerprint: 1e598cdb9bbc751d753146d880b326952886d73b Looks like it's working as you expected: https://atlas.torproject.org/#details/1E598CDB9BBC751D753146D880B326952886D73B (Six and a half hours is a short time to wait.) --Roger ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
