IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#saltr
/2024/04/30
StormyCloud orignal, are you blocking tor requests to your i2pd reseed servers?
orignal what is i2pd reseed servers?
StormyCloud The i2pd.xyz reseed hosts?
orignal it's R4SAS's
orignal will ask him
orignal mine is through yggdrasil only
StormyCloud ah gotcha, my apologies I thought you were running them
dr|z3d R4SAS runs the i2pd reseed servers, StormyCloud
not_bob_afk Bah, my instances are out of sync.
RN ever get that syncing feeling?
not_bob_afk Yep, just getting errors when I try to sync them.
not_bob_afk Also, my data collection for my graph is broken for i2pd, somewhat.
not_bob_afk Since they are doing a very bad job of creating http tunnels, they can't report.
dr|z3d new + /dev/ build available, still reports at -10+
not_bob_afk I think my issue is on the i2pd end.
not_bob_afk But, I was able to connect to i2pd routers today.
not_bob_afk I'll update anyway for good measure though.
dr|z3d when the network's this turbulent, updating is always a good idea if you get whiff of new mitigations or optimizations.
not_bob_afk Agreed fully.
dr|z3d well, mostly. unless you just want to stick to release builds, in which case you'll still get out-of-band updates sometimes if warranted.
not_bob_afk It looks like things have been broken since my last update.
dr|z3d that says precisely nothing.
dr|z3d "things are broken" is about as useful as "it doesn't work"
not_bob_afk I agree.
dr|z3d if you're going to share insights, please do a bit better :)
not_bob_afk I'm sharing frustration.
RN technologies were hating me earlier today, I know how you feel
not_bob_afk Ever lost your 10mm socket inside an engine?
snex Engine? No. Transmission yes
not_bob_afk Both are bad.
dr|z3d we could all bang on about how things are broken, but it doesn't help fix the problem. you know. yes, it's frustrating, no, it's not helpful without specifics.
not_bob I agree, which is why I try to limit how much I do it.
not_bob Anyway, hosts are, or will be in sync now. That fixed it.
dr|z3d if (not_bob is on a rant) {drop = true}
not_bob I'm done at this point :)
dr|z3d good man.
not_bob Now, where is my emotional support kitten?
zzz speaking of excessive lookups, we added this throttle a decade ago and it's still dropping huge numbers of them:
zzz 04/30 14:32:46.618 WARN [ handler 1/1] nel.OutboundMessageDistributor: Drop msg at OBEP (new conn throttle) to [Hash: 1Agi~RrrAd-r-2hKj3Ck99mvCKcBuheNWf7pSHLRmfI=] [DatabaseLookupMessage:
zzz 04/30 14:32:47.576 ^^^ 35 similar messages omitted ^^^
orignal real lookups or fakes?
zzz how would I tell the difference?
orignal I'm asking what you are printing
orignal same ident many times or different idents?
eyedeekay zzz I filed the revert MR for the schedulable blocklist deletion: git.idk.i2p/i2p-hackers/i2p.i2p/-/merge_requests/192 it pretty straightforwardly rips out the feature and nothing else, let me know if you want to eyeball it otherwise I'll just merge it
zzz different
orignal then why do you trottle?
zzz eyedeekay, I'll look real quick, why not
orignal maybe real requests
eyedeekay Thanks zzz
zzz orignal, to prevent excessive "fan out", driving the obep router to connection limits
orignal and what's the limit?
zzz it's really high, stand by...
zzz probably too high
zzz 60 new connections in 30 seconds, per-OBEP
orignal 2 connections per second. It's nothing
orignal think about p2p
dr|z3d slowly, slowly, we'll get orignal onboard with the concept of throttling. :)
orignal if I run a torrent if might be hundreds
zzz what p2p app tries to connect to 120 destinations a minute?
zzz i2psnark won't do hundreds, no. Not in 30 seconds
orignal you never know
dr|z3d I think he has a pretty good idea, orignal :)
orignal in my opinion we should trorrle if exceeds 10 requests per second
dr|z3d you're not throttling anything at all right now, orignal, right?
orignal we only limit transports queues
orignal if a message was not sent for some time we drop it
zzz the vast majority I'm tossing are RI lookups
orignal if you do it at OBEP how do you know if it's lookup?
dr|z3d I've increased the tolerances for lookups to keep orignal happy. Doesn't seem to snag many routers now.
orignal what if you have them in garlic?
zzz eyedeekay, approved, although I believe in the tile you mean MR !93, not issue #93
zzz *title
eyedeekay Yeah that is what I meant
zzz the throttle doesn't care about message type; I'm just reporting that almost all of them are unencrypted RI lookups
dr|z3d I'm sure we can reach a happy middle ground somewhere orignal where you do some throttling of lookups, and we increase the tolerances, though tbh, 30/30s or 60/90s seems like plenty to me.
orignal zzz ?
zzz looks to me like a netdb refresh at startup or something
orignal what if it's real heavy traffic?
orignal if you don't care about message type
orignal say 1 Mb/sec
zzz heavy traffic is fine. huge fanout is not
zzz just pointing out this throttle has been there for 10 years, working well
orignal what if it goes to hundreds fo destinations
orignal dude, 10 years ago I2P was slow and usuable newtork
orignal nodays people watch youtube through it
zzz you're not going to do hundreds of dests out one tunnel, and we have guidelines on how many tunnels a server should have that cover this scenario
orignal so be carefull with trottling
zzz we are always careful
zzz philosophy #1. Protect the router from overload
orignal say I mutlicast video to throughs of subscribers at the same time
zzz see zzz.i2p guidelines on how many tunnels you need
orignal philosophy #1. you can protect your router first but you limits must be declared
orignal my point is if you trottle something at some level
orignal this level must be published in your properties
zzz declaration is on zzz.i2p post from years ago. thottles are implementation-dependent and subject to change at any time
zzz to address ongoing and evolving threats
orignal that's why it's improrant to know
zzz are you doing 100s of RI lookups per minute out a tunnel?
orignal people keep complaining that i2p can't handle traffic of few megs per sec
zzz this is not about bandwidth
orignal <zzz> the throttle doesn't care about message type
orignal that's your statemnt
orignal meaning it's applied to garlic messages
dr|z3d he's addressed the issue to some degree, zzz. he was queuing lookups and pumping them out every 15s before.
orignal dr|z3d that
zzz that's true, but no application is sending to hundreds of different places per minute
orignal 's fixed
orignal I told you an example
dr|z3d that's what I said, orignal :)
orignal video streaming service to many subscribers
orignal multicast-like
dr|z3d that's a good start.
dr|z3d if you can ensure you're not sending out > 30/30s, all the better, or 60/90s, better still.
orignal so it would be nice to publish some property
orignal real example people run online game server
orignal minecraft or something like this
zzz One tunnel for every 20-50 clients connected in a one-minute period.
orignal bunch of players are connected to single game server
orignal and server sends updated to all of them
orignal weko can tell better about thier setup
zzz if following the recommendations it's fine
zzz I can't allow a single tunnel to drive me to connection limits
zzz it's a very basic protection, that's why it's been there 10 years
orignal then publish a proprety
zzz I'm just wondering why the huge number of lookups
orignal and will solbe the problem
dr|z3d that's probably another alien concept for i2pd. orignal, you enforce connection limits per transport?
orignal no I don't
dr|z3d huge number of lookups when single routers are hosting 400K transit tunnels.
zzz you put a property in the build request saying how many conns or lookups you want per minute, I'll accept or reject
orignal zzz, wait
orignal you receive huge number of lookup at OBEP?
orignal put property telling your trttling limits
orignal that's all
orignal if I pick RI for OBEP and find this limit too low for my needs I bypass it
zzz ok, without a property, the default is 60 in 30 seconds
orignal it's for Java but not for i2pd
zzz so are you sending out hundreds of RI lookups per minute? or not? these are not LS lookups
orignal and dr|z3d might have different limits
orignal trough a tunnel or directly?
zzz tunnel
orignal ofc no
orignal and if you seem at OBEP as llokup
orignal it means they are unencrypted
orignal that's my question. how come?
orignal if I send a lookup though a tunnel I encrypt it for FF
orignal outbound->SendTunnelDataMsgTo (nextFloodfill->GetIdentHash (), 0,
orignal i2p::garlic::WrapECIESX25519MessageForRouter (msg, nextFloodfill->GetIdentity ()->GetEncryptionPublicKey ()));
orignal that's my code to send RI lookup through a tunnel
dr|z3d seeing those more often than we should -> Dropping duplicate DatabaseLookupMessage (RI lookup)
orignal zzz question
orignal when we receive lookup and return DSRM
orignal do we include any 3 closest routers or only close than us?
orignal docs don't answer this question
orignal or even 255
orignal well not 255 but 32 to fit 1K