#i2p-dev (irc2p) | 2.11.0-3 | Network status http://zzz.i2p/topics/3714

#i2p-dev

/2026/02/09

Online: 62

&zzz

+FreefallHeavens

+R4SAS

+RN_

+Romster

+T3s|4

+acetone

+eche|off

+mareki2p

+nilbog

+nyaa2pguy

+orignal

+postman

+qend-irc2p

+wodencafe

Arch

Daddy_I2P

Danny

Irc2PGuest15434

Irc2PGuest16019

Irc2PGuest20377

Irc2PGuest31938

Irc2PGuest35412

Irc2PGuest48148

Irc2PGuest77921

MatrixBot

NiceBoat

Onn4l7h

Onn4|7h

Over

Sisyphus

Teeed

aargh4

ahiru

ananas

anontor

b3t4f4c3__

cims

dr4wd3_

duanin2

ice_juice

mahlay

makoto

marek

noidea

not_bob_afk2

o3d3

poriori

profetikla

r00tobo

rapidash

rednode

solidx66

stormycloud[m]

sublimia

test7363673

uop23ip

urist_

vivid_reader56

x74a6

zelgomer

zzz good morning

dr|z3d for some definition of good. :)

zzz big improvement in build success overnight, not sure if due to the i2pd release or something else

zzz nice to wake up to graphs going up instead of down down down

zzz It may also just be that we popped out of congestion collapse. Hard to say. Both attack groups appear to be still running.

orignal are you releasing?

orignal zzz, i2pd was released yeaterday tonight but major changes was done yersterday morning and people often build from trunk

zzz we should be on schedule

orignal fair enough

zzz I see about 3% 0.9.68

nilbog the debian build unfortunately still has the same error zzz, tried -11-rc (+ the ppa version) and it's the same

orignal I haven't updated my routers yet

orignal to 9.9.68 explicitly

zzz probably not enough for a huge improvement, that's why I think it's probably just getting out of congestion collapse

zzz locally I'm up from 20% to 75% client build success. expl. from 8% to 18%. net avg expl. now at 28%

zzz nilbog, the PERCENT error?

nilbog zzz, yes it's still here in my tests, maybe an issue on my end? i would've guessed that any dependency issue would show when compiling

zzz don't know. I'll retest here, maybe I fixed it and then broke it

nilbog ok thanks

zzz nilbog, reproduced here, investigating, thanks for the report

not_bob zzz: I'm running a version of i2pd I compiled about 12 hours ago, and the latest i2p+ and things have been somewhat better.

not_bob Still getting a very large percent of transient tunnels on my flodfills though.

zzz yup, thanks for the report

zzz found the problem nilbog, might be a little messy to fix, the resolute/trixie release deb may be delayed

zzz you should be able use the jammy package instead, or I'll let you know when I have a fix

orignal I think most of yeatrday change is still on 0.9.67

zzz nilbog, I've concluded that debian's libjetty12 package is borked and we're not going to be able to use it

zzz we're going to use the jammy build for everything including resolute/trixie/stable/sid

orignal zzz I see 8K floodfiils now

zzz yeah lets see what the botnets are up to

orignal are they real or not?

orignal e.g. do they repspond to requests?

zzz looks like a big new batch of XfG routers, in the US now

orignal are they good of fake?

orignal *or

zzz yeah I'm connected to lots of them

orignal did you try to lookup?

orignal I'm wondering if they respond

zzz havent done any testing of them, no. A lot are so new they're reporting netdb.knownLeaseSets = 0

zzz back shortly

dr|z3d floodfills look normal from here.

dr|z3d I suspect the botnet ones are swallowing lookups.

dr|z3d so botnet appears large, >10K large.

orignal 10K FFs?

orignal are they G?

dr|z3d check

orignal I'm busy

orignal 10K routers itself is not a problem

dr|z3d *** chuckles. ***

dr|z3d no, I mean "check" as in "yes".

orignal so 10K G routers?

dr|z3d correctomundo.

orignal then that's the problem from one hand

dr|z3d of the X flava.

orignal while G means it's a tunnel originator

orignal the fix is easy

orignal limit number of TBR from G

orignal guys, can we collect ALL their IPs this way?

dr|z3d nuke those, things look normal again, ff size wise.

dr|z3d or just take a napalm torch to XG.

dr|z3d if I gave you a list of 10K hashes, any good?

orignal XG might mean someone is shutting down

dr|z3d no, it doesn't.

dr|z3d not in this context.

orignal in general

dr|z3d what it means is a shit ton of abusive routers on fast connections that are intent on causing havoc.

dr|z3d let's talk specifics, you can present your post-doctoral thesis later.

dr|z3d I have a sorted list of close to 12K router hashes here. they're not all shutting down.

dr|z3d and those have all been seen in the last 90m.

orignal so some of them are not floodfills?

dr|z3d correct.

orignal what I don't understand why tunnels are not being built?

orignal they are G

orignal nobody is trying to build tunnels through them

orignal do you guys throttle TBMs too much?

dr|z3d we throttle requests, sure.

orignal how much?

orignal 27 per 100 secs max for entire routers?

dr|z3d and no one would be trying to build requests through them, because G. they're not allowing it. that's the point.

dr|z3d it's both per router, with a growth factor to spot bursts.

orignal you ban other ruters

dr|z3d I'm also watching for bursts, there are some pretty demanding routers out there that are evidentially abusive.

orignal tell me why I have low rate now

orignal do you know if they build 1 hop tunnels only?

dr|z3d you have a low rate bacause you have an allergy to throttling.

dr|z3d but that's ok, because you've always told us you don't want to throttle. so carry on :)

orignal I have good rates before this routers

orignal if they build 1 hop tunnels they should afffect only me

orignal do you get it?

orignal looks like the problem is that you trottle entire numeber of TBMs

orignal dr|z3d yes or no?

orignal guys please dp something with it for the release

orignal right now Java routers cause low rate

zzz reminder: Prop. 169 review tomorrow #ls2 8 PM UTC. recommend being on the echelon server side to avoid netsplits

zzz ^^ dr|z3d orignal eyedeekay

zzz orignal, we already have XfG mitigations in for the release. Today is just a new batch of them

orignal yes

orignal zzz do you trottle TBMs for entire router?

orignal in the new release

orignal meaning that it affects everybody, not only abusers

orignal 12K G routers is not a problem

orignal low rate cause by your throttle is a problem

orignal btw, let's collect their destinations

orignal assuming thier tunnels are 1 hop

zzz orignal, we have both global and from/to TBM throttling. We did not make any changes to it in this release

orignal but now I bet you hot global limits

orignal btw, this new fleet respects congesion caps

orignal if yu are E they stop attacking you

orignal zzz when you throttle globaly do you raise E or G flag?

dr|z3d > to answer your question, orignal, from what I'm seeing here, the majority are now f.

dr|z3d > my guess is that this part of the attack floods the network with un-responsive floodfills which cause poor lookup rates all over.

orignal dr|z3d do you respond to lookups or not?

orignal can you confirem that they are unreposnsible?

orignal I don't see any LS lookup problems

orignal the rate I'm tallking about is tunnel build success rate

dr|z3d dunno if they are unresponsive, they're immediately shit-listed.

dr|z3d over time I do see profiled floodfills with 100% failure rates, though.

dr|z3d what's your success avg looking like?

orignal haven't tried

dr|z3d tunnel build success...

orignal if one hope I send TBMR instead TBR to the next router

orignal but when I try to build my own tunnel you drop mine because your global throttling

orignal even if you received nothing from me before