Delivery-Date: Wed, 03 Jun 2015 09:12:47 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 79F691E06F0;
	Wed,  3 Jun 2015 09:12:45 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 3F2D4353FB;
	Wed,  3 Jun 2015 13:12:39 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 28AAD35417
 for <tor-talk@lists.torproject.org>; Wed,  3 Jun 2015 13:12:35 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id K2g6dcyehrTS for <tor-talk@lists.torproject.org>;
 Wed,  3 Jun 2015 13:12:35 +0000 (UTC)
Received: from windmill.donncha.is (unknown [IPv6:2001:41d0:8:da8a::1])
 by eugeni.torproject.org (Postfix) with ESMTP id EB848353E6
 for <tor-talk@lists.torproject.org>; Wed,  3 Jun 2015 13:12:34 +0000 (UTC)
Received: from [192.168.2.248] (unknown [89.100.162.177])
 by windmill.donncha.is (Postfix) with ESMTPSA id AC60B29F
 for <tor-talk@lists.torproject.org>; Wed,  3 Jun 2015 15:56:59 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=donncha.is; s=dkim;
 t=1433339819; bh=bbiOcM7/5VXXbcxSU1+tw9kPBsuIetm+IvKXhDWKYZ4=;
 h=Date:From:To:Subject:References:In-Reply-To:From;
 b=f/fy/BlOYzqnZO2qlYXZwo6lqPeq8CvQbjv62cyhaKVWhL49QW+VDE0fnS4dA20pn
 37Cb+IW3Kimr6ZSCldVlaXJQ7254PnmevWmRGkqh/vKRrTavDpmAjUrV5yJZAYCRrE
 h/GqbpkmsAwTYVc7BQ1zK6uxKH8iduJ71mlqkMP0=
Message-ID: <556EFD21.1030709@donncha.is>
Date: Wed, 03 Jun 2015 14:12:01 +0100
From: Donncha O'Cearbhaill <donncha@donncha.is>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <55643E87.4070108@donncha.is>
In-Reply-To: <55643E87.4070108@donncha.is>
OpenPGP: url=http://donncha.is/donncha.asc
Subject: Re: [tor-talk] Hidden Service Scaling Summer of Privacy Project
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============6704593476498842907=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============6704593476498842907==
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature";
 boundary="mbX23MT5CV4UibXQGOKtUI4nIuorT6vo5"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--mbX23MT5CV4UibXQGOKtUI4nIuorT6vo5
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

Hi all,

Firstly, thank you to all of the onion service operators who took the
time to get in touch with me. Your feedback has been very helpful.

It is clear that there are a multitude of use-cases and requirements
which can be quite different for people running 'public onion services'
or anonymous onion services. A couple of common points have stood out
which I will try to summarize here for future reference.

1. Redundancy, Failover and Scaling

Many of the onion service operators that I talked to said that the
ability to have redundant service hosting and avoid a single point of
failure is a big priority. The current situation with a single Tor
process on a single physical server is not ideal.

Some operators have experimented with running multiple Tor daemons which
then "compete" with one another to publish hidden service descriptors.
Early results suggest that this basic approach shows promise.

Operators also said that it is important that the deployment of onion
services should not require much Tor specific 'magic'. Ideally it should
be possible to deploy and manage onion services using much the same
tools and process as regular internet services (e.g Puppet, Chef, Ansible=
).

2. Multicore Tor

Operators were also interested in development of the Tor daemon to more
fully utilize the resources on their multi-core systems. Currently onion
services running on multi-core systems have difficulty utilizing much of
the available processing resources beyond a single core. This work is
outside the scope of my project, but I'll note these problems here anyway=
s.

My project may allow some degree of multicore utilization with onion
services as onion service could be served by multiple Tor instances
running on a single multicore system. Clients could then split
connections between different cores by choosing an intro point managed
by a particular Tor process/core. This was something I hadn't though
about before but which might provide some easy improvements.

3. Instrumentation for Onion Service Monitoring

Some operators have been trying to monitor and understand the
performance and reliability of their onion services but have run into
trouble due to a lack of information available on the Tor control port.

In particular the following limitations were outlined:
  - No metrics about concurrent onion service connections over time
  - No metrics for data transfer over the onion service.
  - No data about resource constraints (Tor bandwidth, entry guard
bandwidth)
  - No data about connection rates, failed introductions, rendezvous..
  - Difficult to monitor if a service is actually reachable.

Attempts to use information currently available via the control port was
not perceived to be very insightful or useful. Due to lack of available
metrics only anecdotal information is available when users contact the
operator with complaints. As a result the operator currently has little
options for debugging and diagnosis except for restarting Tor process
and hoping for the best.

I'll contact this list again when more design designs have been
finalized and when I have more to report.

Thank you all again,
Regards,
Donncha


--mbX23MT5CV4UibXQGOKtUI4nIuorT6vo5
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQGcBAEBCgAGBQJVbv0hAAoJENYNZOc0WPKFR44L/iaMy/t+dt+/nr0fcLSQ75g8
HY53z3Kxc4PJry6qnyqaCl6zGsLksrF9aKTFWu8x074fn0ikMqLAfD8YjeJW7jXY
kgeeJiQqLzyFd9WDy2Ov7ARi6hajFERx3MFVDh9hO6PWPS5t7i3nLP9I4TD+6Bqs
xZNw6zOU3o9hqG3rTTR9G2VAyBSrQ4nYSf7mBN/5CPbk8WbS5+i8hDArx9LA2eRr
WXNdtboF5lyW0jTr96YLVFxZGy8cc4tDkpR7iZ7cg7yuj/Hk20jBNmcm86838fje
c+Yu54biLCU+5nPfmSbPpAQs+x2/K7HzqOuy4aI00AdoZ01nen2zuJCHv1zy1gog
5elqEm69YAs3M9f28RC0mGMb2Kyl4kMPHzpNr/SrFxV+sbXny+KRG1T3zW5trhqO
QpMiJNowjlsMpgKvsXn/cXc/B8Ef77wLgcj+Tww2yAn7myYvxKMB14k7N3u6oC3Z
BUTuE5Pkq2n9S07guCQU8pcZJkgkPlJ+3LH5if6YwQ==
=rf1W
-----END PGP SIGNATURE-----

--mbX23MT5CV4UibXQGOKtUI4nIuorT6vo5--

--===============6704593476498842907==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============6704593476498842907==--

