Tor doc/TUNING Review

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

Tor doc/TUNING Review

Libertas
Can anyone do me a favor and let me know whether this short guide, along
with the correction described in the comments, is correct?

https://trac.torproject.org/projects/tor/ticket/13702

Reply | Threaded
Open this post in threaded view
|

Re: Tor doc/TUNING Review

Stefan Sperling-5
On Fri, Nov 21, 2014 at 11:28:56AM -0500, Libertas wrote:
> Can anyone do me a favor and let me know whether this short guide, along
> with the correction described in the comments, is correct?
>
> https://trac.torproject.org/projects/tor/ticket/13702

In which configuration does tor need to open many files?
I've been running a tor relay on OpenBSD for more than a year without
any adjustments to ulimits and didn't notice any problems.

Reply | Threaded
Open this post in threaded view
|

Re: Tor doc/TUNING Review

lists
On Fri, Nov 21, 2014 at 05:51:52PM +0100, Stefan Sperling wrote:
> In which configuration does tor need to open many files?
> I've been running a tor relay on OpenBSD for more than a year without
> any adjustments to ulimits and didn't notice any problems.

I can second this.  I've used Tor from packages for several years now
and have never had trouble from either clients or servers.

Reply | Threaded
Open this post in threaded view
|

Re: Tor doc/TUNING Review

Libertas
Hmm, have you been keeping an eye on your logs? I eventually got a
warning telling me that Tor had to stop opening connections because it
couldn't open any more files. Regardless, Tor frequently opens thousands
of files, while the default hard limit for OpenBSD users is 512-1024
files. My Linux nodes generally have 9,000+ files open across all users
when mature.

I could be missing something - let me know if I am.

On 11/21/2014 12:02 PM, [hidden email] wrote:
> On Fri, Nov 21, 2014 at 05:51:52PM +0100, Stefan Sperling wrote:
>> In which configuration does tor need to open many files?
>> I've been running a tor relay on OpenBSD for more than a year without
>> any adjustments to ulimits and didn't notice any problems.
>
> I can second this.  I've used Tor from packages for several years now
> and have never had trouble from either clients or servers.

Reply | Threaded
Open this post in threaded view
|

Re: Tor doc/TUNING Review

Stefan Sperling-5
On Fri, Nov 21, 2014 at 12:30:57PM -0500, Libertas wrote:
> Hmm, have you been keeping an eye on your logs? I eventually got a
> warning telling me that Tor had to stop opening connections because it
> couldn't open any more files. Regardless, Tor frequently opens thousands
> of files, while the default hard limit for OpenBSD users is 512-1024
> files. My Linux nodes generally have 9,000+ files open across all users
> when mature.
>
> I could be missing something - let me know if I am.

Can you please provide the exact warning string so I can grep for it?

What are all these files used for?

Reply | Threaded
Open this post in threaded view
|

Re: Tor doc/TUNING Review

lists
In reply to this post by Libertas
On Fri, Nov 21, 2014 at 12:30:57PM -0500, Libertas wrote:
> Hmm, have you been keeping an eye on your logs? I eventually got a
> warning telling me that Tor had to stop opening connections because it
> couldn't open any more files. Regardless, Tor frequently opens thousands
> of files, while the default hard limit for OpenBSD users is 512-1024
> files. My Linux nodes generally have 9,000+ files open across all users
> when mature.

I wish I had more data to give you at the moment (I have no relays up
right now, but have historically run a couple long-term).  However, on
my local machine a grep through the logs shows nothing of the sort, nor
have I noticed this issue.  I currently have an uptime of about a week
and 7 browser tabs open at the moment with this client.

Reply | Threaded
Open this post in threaded view
|

Re: Tor doc/TUNING Review

Libertas
It shouldn't be an issue with clients IIRC, as they only maintain a few
circuits.

I just ran 'sudo lsof | wc -l' on a Linux guard relay that moves a
little less than 1 MB/s (not much traffic), and it returned >12,500. If
anyone else reading this has an active Tor relay running OpenBSD with
unaltered file limits, I'd appreciate it if you could run the same
command and let us know what you get. Running 'sudo lsof -u _tor | wc
-l' would also be useful, as it would help discern whether the process
hit the file limit set by /etc/login.conf.

On 11/21/2014 12:38 PM, [hidden email] wrote:

> On Fri, Nov 21, 2014 at 12:30:57PM -0500, Libertas wrote:
>> Hmm, have you been keeping an eye on your logs? I eventually got a
>> warning telling me that Tor had to stop opening connections because it
>> couldn't open any more files. Regardless, Tor frequently opens thousands
>> of files, while the default hard limit for OpenBSD users is 512-1024
>> files. My Linux nodes generally have 9,000+ files open across all users
>> when mature.
>
> I wish I had more data to give you at the moment (I have no relays up
> right now, but have historically run a couple long-term).  However, on
> my local machine a grep through the logs shows nothing of the sort, nor
> have I noticed this issue.  I currently have an uptime of about a week
> and 7 browser tabs open at the moment with this client.

Reply | Threaded
Open this post in threaded view
|

Re: Tor doc/TUNING Review

Stefan Sperling-5
On Fri, Nov 21, 2014 at 02:39:02PM -0500, Libertas wrote:

> It shouldn't be an issue with clients IIRC, as they only maintain a few
> circuits.
>
> I just ran 'sudo lsof | wc -l' on a Linux guard relay that moves a
> little less than 1 MB/s (not much traffic), and it returned >12,500. If
> anyone else reading this has an active Tor relay running OpenBSD with
> unaltered file limits, I'd appreciate it if you could run the same
> command and let us know what you get. Running 'sudo lsof -u _tor | wc
> -l' would also be useful, as it would help discern whether the process
> hit the file limit set by /etc/login.conf.

# fstat -u _tor | wc -l
      25

The file descriptor limit effectively limits the number of sockets
(ie. concurrent connections) tor can open.

On relays with more than kern.maxfiles connections at a time you'd need
to bump the file descriptor limit but I don't think there is a need to
bump the limit unconditionally on every relay.

Reply | Threaded
Open this post in threaded view
|

Re: Tor doc/TUNING Review

Libertas
In reply to this post by Stefan Sperling-5
This is the warning message I saw:

https://gitweb.torproject.org/tor.git/blob/42b42605f8d8eac25361be229354f6393967df4f:/src/common/compat.c#l1555

Although I suppose you could also get one of the related ones in the
same function.

On 11/21/2014 12:40 PM, Stefan Sperling wrote:

> On Fri, Nov 21, 2014 at 12:30:57PM -0500, Libertas wrote:
>> Hmm, have you been keeping an eye on your logs? I eventually got a
>> warning telling me that Tor had to stop opening connections because it
>> couldn't open any more files. Regardless, Tor frequently opens thousands
>> of files, while the default hard limit for OpenBSD users is 512-1024
>> files. My Linux nodes generally have 9,000+ files open across all users
>> when mature.
>>
>> I could be missing something - let me know if I am.
>
> Can you please provide the exact warning string so I can grep for it?
>
> What are all these files used for?