logs archiveIRC Archive / Oftc / #tor / 2010 / April / 19 / 1
SwissTorExit
arma: it started again and have pasted all test and performance, i keep it running now
arma: i have a new message in terminal: ==22335== More than 10000000 total errors detected. I'm not reporting any more.
==22335== Final error counts will be inaccurate. Go fix your program!
==22335== Rerun with --error-limit=no to disable this cutoff. Note
==22335== that errors may occur in your program without prior warning from
==22335== Valgrind, because errors are no longer being displayed.
==22335==
oups never mind was so longh
it is ok to kill now ?
seem that yes, i must kill while too much errors if i understand correctly
Sebastian
SwissTorExit: in reality, you'll want to run it with the command I gave you earlier
SwissTorExit
ok, so i must restart it again, i will kill and paste the output and start yours now :D
that's the new link with arma command but complete this time http://tor.pastebin.com/rUXqYFrj, i have started with yours Sebastian
Sebastian: their no warn, just the standard info about test passed for the moement
Sebastian
that's good
SwissTorExit
yeah so far :P
ah yes one warm: Apr 18 23:27:39.760 [warn] router_orport_found_reachable(): Bug: ORPort found reachable, but I have no routerinfo yet. Failing to inform controller of success.
but i thik that's will the controller are not working and set in toorc
torrc* , so it's good
you think that i must kill it or keep it running ?
Sebastian
just keep it running for a bit. arma might tell you to kill it.
SwissTorExit
okydoky :D
nsa
or: erinn committed revision 22206 (/website/trunk/include): bump tbb linux version
SwissTorExit
arma: i must go sleeping, would you i run it like that to tomorow ?
their always no messages so far
         

arma
if it's at 100% cpu, best to kill it and restart without valgrind
if it's not at 100% cpu, leave it running
SwissTorExit
well no, only 16 to 18 %
arma
great. lucky you. you have a good cpu. :)
SwissTorExit
it's run with 4 cores and i ser NUMCPU 4
:P
so i keep it working without problem to tomorow
ok, cya tomorow, good night :D
BarkerJr
Apr 19 00:00:00.413 [notice] Configured hibernation. This interval began at 2010-04-19 00:00:00; the scheduled wake-up time is 2010-04-19 00:44:50; we expect to exhaust our quota for this interval around 2010-04-19 22:16:50; the next interval begins at 2010-04-20 00:00:00 (all times local)
would it be a good rule of thumb that if your accountinting estimates 24 hours, then you have a fast enough connection you shouldn't be using accounting?
atagar
Don't follow - what does having a fast connection have to do with if accounting should be set or not? It just restricts the max data transmitted over a given period (having a fast connection just mean you'll exhaust it faster).
or do you mean slow enough instead? (that would make sense)
BarkerJr
Sebastian said that you shouldn't use accounting if you have enough throughput for a fast connection
atagar
Hu? Don't follow what he meant - accounting is for instances like Comcast who cuts off Internet service if you run over a certain quota.
BarkerJr
right, but you sacrifice nore stability
there's gotta be a point where you should set a bandwidth rate rather than accounting
atagar
not really - it's preferable to have a short term fast relay than long term slow one
BarkerJr
so every relay on a host with a monthly GB limit should ideally use accounting
atagar
yup - see the last paragraph of: http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#HowcanIlimitthetotalamountofbandwidthusedbymyTorrelay.3F
oops, wrong spot (where did I see that...)
could have sworn I saw somewhere it's preferable to restricting BandwidthRate... oh well
BarkerJr
the man page? :P
anyway, we need to promote it more
too few people use accounting
we need to get it in vidalia
atagar
doh, of course (thanks)
BarkerJr
maybe most relays run on flat-rate bandwidth
atagar
probably - it's kinda odd the relay setup instructions don't make any mention that accounting is preferable (likely it's not a terribly big whoop one way or the other...)
ln5
looks like lots of relays lost their named flag tonight at ~3 UTC
echelon
hi
oftc's hidden service hostname is 37lnq2veifl4kar7.onion, right?
Sebastian
sounds about right, yup
echelon
it doesn't work
         

Sebastian
atagar: I think they don't because for people with reasonable amounts of bandwidth, it's much better not to use accounting.
atagar: For example, I have a 3TB quota on a gigabit link. Now either I use accounting and don't limit my relay in any other way, meaning it will not run for a whole month, and when it runs, it will attract massive attention.
Or I limit it to 500kB/s, make it run as a stable guard, and don't come close saturating my pipe at any point during the month.
imnsho the latter is preferable.
of course, the worst I could possibly do is to use daily accounting, so that my relay will run for a bit of every day of the month, reducing its stability even more
If I, on the other hand, have a quota of 100GB/month, it makes perfect sense to use accounting to provide a reasonably fast (let's say 100kB/s) relay for a part of the month.
echelon: hm
keb
yeah i get [00:56] SOCKS Proxy failed to connect to host (error 4).
Sebastian
echelon: I don't know who operates that hs, and if it is still supposed to be available. Maybe ask in #oftc?
echelon
it
it's worked within the last month
Sebastian
ah, ok. Might still want to ask around, maybe it's a known problem
keb
maybe they didnt update their openssl and are off the tor grid now
katmagic
echelon: I'm pretty sure it's not official.
keb
When Mozilla added a Chinese company, China Internet Network Information Center, as a trusted Certificate Authority in Firefox this year, it set off a firestorm of debate, sparked by concerns that the Chinese government could convince the company to issue fake certificates to aid government surveillance.
atagar
Sebastian: if the official position now is that restricting the BandwidthRate is preferable to accounting then we should revise the tor man page (which currently says the exact opposite)
Sebastian
Well, it kind of doesn't.
it also kind of does.
atagar
under the accounting entry (doesn't it?)
Sebastian
"is preferable to setting a low bandwidth"
katmagic
Hopefully that China certificate thing will get SSL abandoned in favor of a web of trust model.
It's doubtful though, 'backwards compatibility', and all.
Sebastian
atagar: I treat that sentence like it entirely supports my argument
keb
aye. i will try phobos' recipe when i get a couple hours to figure it out
and remove all the default CAs from firefox
atagar
hmmm, I see what you're getting at (personally I agree since the tor use cases I'm more interested in desire availability over speed, but could understand arguments the other way...)
katmagic
How would one go about verifying the authenticity of certificates without a wide implementation of such a system, though? I know some people remove the default CAs, but what do you use instead?
I tried Perspectives, but it is somewhat lacking.
keb
dunno. phobos claims he calls the operator of important SSL sites and checks the fingerprint
how many can there be
Sebastian
atagar: See stuff like PerConnBWRate. I declare that anyone wanting more than 20kB/s is wanting more than they can reasonable get in an overloaded network
katmagic
'What about unimportant ones, though? And how can you make sure that you're calling the right person if the site could be faked?
keb
if it is unimportant, why does it matter if your traffic is MITMd
yeah building a web of trust isnt easy, but has to start somewhere. e.g. visit the bank in person
katmagic
Something like censoring search results; it would be annoying and confusing, but not really critical.
keb
that would defeat one reason people are using Tor in the first place
Sebastian
a wot does that, too.
"what peers do you trust?"
katmagic
Yes it would, but I wouldn't be surprised if someone is running an exit node that modifies search results.
arma
atagar: i think the best recommendation is still the one i made in the faq. the last paragraph of https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#Hibernation
katmagic
Sebastian: I mean presently.. Perspectives isn't really in a usable state yet.
Sebastian
katmagic: yeah I think Perspectives is a pita and pretty useless, but hey
katmagic
So my question wasn't 'what system would work>', but 'what systems /do/ work?'.
arma
sebastian: i think somebody should be able to get more than 20KB/s for a burst. remember, this includes directory downloads.
the question then is what burst to set for them.
Sebastian
sure.
I was more talking about sustained bw
arma
maybe a rate of 10KB and a burst of 1MB
hard to say. medium-sized websites can easily be 500KB these days
Sebastian
yeah, or lots more.
atagar
Sebastian: looks like we were both wrong (daily accounting most preferable? woulnd't expect that...)
Sebastian
without ads the website I visit most has >800kB already
atagar: I still don't think I'm wrong.
atagar
of course not ;)
arma
atagar: yeah, hm. i think there are several cases here.
sebastian has a good point that if you have a lot, for the month, then spending at least half the month up, and setting your bandwidthrate accordingly, is a fine plan
you could even set a really high burst
i guess it depends what the rate ends up being. if it ends up being 8KB/s, that's bad news
Sebastian
right. I think that's exactly what my points were above.
arma
somebody should fix the faq entry then. and while we're at it, move it over to the new faq :)
atagar
arma: and possibly change the last sentence of the AccoountingMax entry in the man page too
katmagic
nsa lists all these changes to the website, is there a repository or something it's taking those from?
Sebastian
katmagic: yeah, our svn repository
the website lives there
https://svn.torproject.org/cgi-bin/viewvc.cgi/website/
https://svn.torproject.org/cgi-bin/viewvc.cgi/website/trunk/ in fact
katmagic
That's confusing. So only some things have Git repositories?
keb
if the Tor network has a goal of throughput for most users being e.g. 100KB/s then it would make sense to rate limit a bit above that and ensure your node is always up.
Sebastian
keb: not really
keb
i.e. maximize number of available nodes at target speed
Sebastian
you should, if that means you can reach more than 100kB/s, make sure your relay is always up with the highest possible bw ;)
keb
yes, but the question only comes up if you cant afford that
Sebastian
katmagic: yup. In the past, everything was in svn. Now only the things that make more sense in svn are in svn, or those projects with a main contributor who likes to live in the past
keb: not really. Some people get the impression they should use Accounting always, because obviously it is prefered
the subtle hints about "slow" and "low bandwidth" get lost, and it is indeed difficult to know what a low bandwidth is.
corleone
what happened to half of the tor network?
seems like half of the nodes are down
descriptors
Sebastian
corleone: I see 1320 relays in my consensus
that's a lot less than it should be, but nowhere near half
xtoaster
my descripttion hasnt been updated for 2 days.. is it normal?
Sebastian
xtoaster: what?
xtoaster
cached-des*
Sebastian
that might be ok
xtoaster
my bad that's confusing. great at least tor's still working :)
corleone
Sebastian
i see 2300
not anymore
nevermind
what the heck
"2330 live routers"
Sebastian
corleone: what tells you this
corleone
tor controller
setevents info
Sebastian
ok no idea where it gets that number from. Maybe it likes stale descriptors or something
corleone
the info flys by so fast i can barely read it
somewhere else in this flood is the figure 1310
650 INFO routerlist_remove_old_routers(): We have 2338 live routers and 0 old router descriptors
650 INFO update_consensus_router_descriptor_downloads(): 0 router descriptors downloadable. 0 delayed; 1310 present (0 of those were in old_routers); 0 would_reject; 2 wouldnt_use; 0 in progress.
the world might be coming to an end
early
xtoaster
the 2338 seems total node number seen in a long time frame. i've never seen more than 1600 nodes in my vidalia.
corleone
the number of active relays and directories should be closer to 5000, right?
i just do not remember or know
Sebastian
no
it is, unfortunately, around 1300 to 1500 it seems.
dr|z3d
weasel: dandon's been following me around various networks engaging in high jinx and nonsense. What you saw was an extension of that, not the sum total of his cheekiness. With respect.
I'd rather we communicate privately on these matters, weasel, but you did initiate the chat here, in ths channel. :)
nsa
or: [tor/master] 2010-03-16 08:36:14 Roger Dingledine <arma@torproject.org>: parameterize update_consensus_router_descriptor_downloads
or: [tor/master] 2010-04-19 10:09:06 Roger Dingledine <arma@torproject.org>: bump to 0.2.2.11-alpha-dev
Meliboeus_
Any idea what this means: [warn] No ciphers on session
SwissTorExit
hello to everyone
Sebastian
Meliboeus_: Looks like a warning that indicates a problem of a connecting client, not one on your side.
arma: Smells like ProtocolWarning?
Meliboeus_
Sebastian: Cool I was worrying that it had to do with me...
Sebastian
arma: talking about the warnings in tor_tls_client_is_using_v2_ciphers
Meliboeus_: if you want more input, please file a bugreport on this. Then you'll see if my idea was correct
SwissTorExit
arma: Sebastian hello , the node has run all night, look all good, i will kill it an give you the out put
oky C^work , brb
BarkerJr
well, two things happened in the past few weeks... china unblocked tor, adding load to the network... relays stopped working due to openssl compatibility issues
arma
barkerjr: there's a third: we fixed a bug where nobody was picking the fast guards
BarkerJr
right
why does the FAQ say you shouldn't use monthly accounting and should instead divide by 30 and use daily?
SwissTorExit
arma: Sebastian here are the new link with the output, done with your command Sebastian http://tor.pastebin.com/SA5xXhKw
BarkerJr
if that's "worst I could possibly do", I think that FAQ entry should be changed... http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#HowcanIlimitthetotalamountofbandwidthusedbymyTorrelay.3F
SwissTorExit
i have try to done same for bufferevent but i have only the end in terminal, their too much errors to get from the start
can be the part i have useful to add in the bug report ?
BarkerJr
I'm glad I started using accounting, cause we're finding all this bad doc :)
SwissTorExit
but seem look not too bad on 0.2.
oups the test you wanted seb, not too much errors
for info, Lucid 10.04 LTS come out in 3 days if i am right so it will be needed the new packages for it
phobos
SwissTorExit: helix is really the person to ask about lucid packages
i suspect it involves waiting until lucid is released, getting a virtual machine installed, and then building
SwissTorExit
hi phobos, yep, thanks :D
it run well on Lucid but i must say that i don't has take a look about original repo, like libevent, so i don't have a clue on it, i just use libevent2 in any OS since it's a great improuvement as server
phobos
i suspect lucid has libevent 1.4.11 or something mostly recent
SwissTorExit
i will look when i make my next install, RC must be out in ISO in the next hours
Neeraj
hi
hi arma
hi atagar
some_nick
Hi
Has anyone here used Hiawatha Webserver?
« prev 1 2 3 next »