@eyedeekay
&eche|on
&zzz
+R4SAS
+RN
+RN_
+StormyCloud
+T3s|4
+acetone
+dr|z3d
+eche|off
+orignal
+postman
+snex
+wodencafe
Arch
BubbRubb
Chrono
Danny
DeltaOreo
FreefallHeavens
Irc2PGuest16752
Irc2PGuest33667
Irc2PGuest33976
Irc2PGuest51880
Irc2PGuest97218
Onn4l7h
Sisyphus
Sleepy_
T3s|4_
Teeed
aargh2
ac9f_
b3t4f4c3__
b4dab00m
bak83_
duanin2
eyedeekay_
john231
leopold
makoto
nilbog-
not_bob_afk
poriori_
profetik1
r00tobo_BNC
rapidash
shiver_
solidx66
thetia
tr
u5657
uop23ip
vivid_reader56
w8rabbit
x74a6
xHarr
dr|z3d
let's see
zzz
the key is PERCENT_LIMIT
zzz
lower is stricter
zzz
we agreed to 3%
dr|z3d
as I said, the limit is around 20 tunnels in 220s in cannon. too lax you think?
dr|z3d
if you look further down that commit you'll see that PERCENT_LIMIT is reduced.
dr|z3d
in some cases, to lower than 3%
zzz
ok, I can't figure that out, what is it for fast routers?
dr|z3d
3.3%
dr|z3d
unless you're running with >=8 cores and >= 1024MB
dr|z3d
then it's 5%
dr|z3d
so to all intents and purposes, 3.3%
zzz
ok, not terrible, but we agreed on 3% after seeing that 6% wasn't strict enough, so not sure why all that extra is necessary
zzz
but apologies, didn't see the reduction code
dr|z3d
no problem at all. if you're happier, I'm happy :)
zzz
point is, take care not to let stormy's big fleet of fast routers contribute to this issue
dr|z3d
of course, that guided my thinking when modifying the above.
zzz
okey dokey
zzz
not sure what's going on with the 'new routers' chart but perhaps somebody has time to investigate, I don't right now
dr|z3d
been seeing spikes in known routers for a while now.
dr|z3d
that graph, however, looks more like a gradual incline.
dr|z3d
(or not-so-gradual)
zzz
usual three options are: new bundled application, new publicity, or attack
zzz
eyedeekay, any ideas?
dr|z3d
there's darknetlive.i2p/post/i2p-the-invisible-internet-project-5978d407 but I doubt that's caused the ramp. might be wrong.
weko
i belive this attack because i have transit tunnels with big traffic
weko
50300mb
weko
50-300mb
weko
sometimes this 'waves' happen
weko
with big num of this tunnels
obscuratus
Re: spike in new routers: For my part, I've noticed a large number of entries in my logs for "Picked IPv6-only or unreachable peer for IBGW" that seems to coincide with the periods where the whole network is suffering from poor Exploratory build success.
obscuratus
A can't precisely say the proporation, but when I spot check these routers, I see many that are both unreachable, and don't even have introducers.
obscuratus
Either way, we don't track the IP address of unreachable routers. I don't know it's a problem, but if I think suspiciously, there's nothinig to stop a single IP from spawning 100s or 1000s of unreachable routers, and we wouldn't know.
obscuratus
Nothing wrong with unreachable routers, but do we screen out unreachable routers without introducers when building exploratory tunnels?
dr|z3d
I don't think there's any way to use an unreachable router without introducers, obscuratus, but temporary banning might be something to consider.
dr|z3d
or just go for a straight-up session ban.
dr|z3d
or maybe they're already caught by temp bans under "unreachable on any transport".
obscuratus
dr|z3d: It might just a timing problem. They had introducers when they were selected for an exploratory tunnel, but by the time I checked my logs, the new RI no longer had introducers.
obscuratus
But, no point in banning them, just don't select a unreacheable router without introducers for tunnels.