StormyCloud
orignal, are you blocking tor requests to your i2pd reseed servers?
orignal
what is i2pd reseed servers?
StormyCloud
The i2pd.xyz reseed hosts?
orignal
it's R4SAS's
orignal
will ask him
orignal
mine is through yggdrasil only
StormyCloud
ah gotcha, my apologies I thought you were running them
dr|z3d
R4SAS runs the i2pd reseed servers, StormyCloud
not_bob_afk
Bah, my instances are out of sync.
RN
ever get that syncing feeling?
not_bob_afk
Yes :(
not_bob_afk
Yep, just getting errors when I try to sync them.
not_bob_afk
Lame.
not_bob_afk
Also, my data collection for my graph is broken for i2pd, somewhat.
not_bob_afk
Since they are doing a very bad job of creating http tunnels, they can't report.
dr|z3d
new + /dev/ build available, still reports at -10+
not_bob_afk
I think my issue is on the i2pd end.
not_bob_afk
But, I was able to connect to i2pd routers today.
not_bob_afk
I'll update anyway for good measure though.
dr|z3d
when the network's this turbulent, updating is always a good idea if you get whiff of new mitigations or optimizations.
not_bob_afk
Agreed fully.
dr|z3d
well, mostly. unless you just want to stick to release builds, in which case you'll still get out-of-band updates sometimes if warranted.
not_bob_afk
It looks like things have been broken since my last update.
dr|z3d
that says precisely nothing.
dr|z3d
"things are broken" is about as useful as "it doesn't work"
not_bob_afk
I agree.
dr|z3d
if you're going to share insights, please do a bit better :)
not_bob_afk
I'm sharing frustration.
RN
technologies were hating me earlier today, I know how you feel
not_bob_afk
Ever lost your 10mm socket inside an engine?
not_bob_afk
Yeah...
snex
Engine? No. Transmission yes
not_bob_afk
Ouch
not_bob_afk
Both are bad.
dr|z3d
we could all bang on about how things are broken, but it doesn't help fix the problem. you know. yes, it's frustrating, no, it's not helpful without specifics.
not_bob
I agree, which is why I try to limit how much I do it.
not_bob
Anyway, hosts are, or will be in sync now. That fixed it.
dr|z3d
if (not_bob is on a rant) {drop = true}
not_bob
I'm done at this point :)
dr|z3d
good man.
not_bob
Now, where is my emotional support kitten?
zzz
speaking of excessive lookups, we added this throttle a decade ago and it's still dropping huge numbers of them:
zzz
04/30 14:32:46.618 WARN [ handler 1/1] nel.OutboundMessageDistributor: Drop msg at OBEP (new conn throttle) to [Hash: 1Agi~RrrAd-r-2hKj3Ck99mvCKcBuheNWf7pSHLRmfI=] [DatabaseLookupMessage:
zzz
04/30 14:32:47.576 ^^^ 35 similar messages omitted ^^^
orignal
real lookups or fakes?
zzz
how would I tell the difference?
orignal
I'm asking what you are printing
orignal
same ident many times or different idents?
eyedeekay
zzz I filed the revert MR for the schedulable blocklist deletion: git.idk.i2p/i2p-hackers/i2p.i2p/-/merge_requests/192 it pretty straightforwardly rips out the feature and nothing else, let me know if you want to eyeball it otherwise I'll just merge it
zzz
different
orignal
then why do you trottle?
zzz
eyedeekay, I'll look real quick, why not
orignal
maybe real requests
eyedeekay
Thanks zzz
zzz
orignal, to prevent excessive "fan out", driving the obep router to connection limits
orignal
and what's the limit?
zzz
it's really high, stand by...
zzz
probably too high
zzz
60 new connections in 30 seconds, per-OBEP
orignal
2 connections per second. It's nothing
orignal
think about p2p
dr|z3d
slowly, slowly, we'll get orignal onboard with the concept of throttling. :)
orignal
if I run a torrent if might be hundreds
zzz
what p2p app tries to connect to 120 destinations a minute?
zzz
i2psnark won't do hundreds, no. Not in 30 seconds
orignal
you never know
dr|z3d
I think he has a pretty good idea, orignal :)
orignal
in my opinion we should trorrle if exceeds 10 requests per second
dr|z3d
you're not throttling anything at all right now, orignal, right?
orignal
no
orignal
we only limit transports queues
orignal
if a message was not sent for some time we drop it
zzz
the vast majority I'm tossing are RI lookups
orignal
if you do it at OBEP how do you know if it's lookup?
dr|z3d
I've increased the tolerances for lookups to keep orignal happy. Doesn't seem to snag many routers now.
orignal
what if you have them in garlic?
zzz
eyedeekay, approved, although I believe in the tile you mean MR !93, not issue #93
zzz
*title
eyedeekay
Yeah that is what I meant
zzz
the throttle doesn't care about message type; I'm just reporting that almost all of them are unencrypted RI lookups
dr|z3d
I'm sure we can reach a happy middle ground somewhere orignal where you do some throttling of lookups, and we increase the tolerances, though tbh, 30/30s or 60/90s seems like plenty to me.
orignal
zzz ?
zzz
looks to me like a netdb refresh at startup or something
orignal
what if it's real heavy traffic?
orignal
if you don't care about message type
orignal
say 1 Mb/sec
zzz
heavy traffic is fine. huge fanout is not
zzz
just pointing out this throttle has been there for 10 years, working well
orignal
what if it goes to hundreds fo destinations
orignal
dude, 10 years ago I2P was slow and usuable newtork
orignal
nodays people watch youtube through it
zzz
you're not going to do hundreds of dests out one tunnel, and we have guidelines on how many tunnels a server should have that cover this scenario
orignal
so be carefull with trottling
orignal
why?
zzz
we are always careful
zzz
philosophy #1. Protect the router from overload
orignal
say I mutlicast video to throughs of subscribers at the same time
zzz
see zzz.i2p guidelines on how many tunnels you need
orignal
philosophy #1. you can protect your router first but you limits must be declared
orignal
my point is if you trottle something at some level
orignal
this level must be published in your properties
zzz
declaration is on zzz.i2p post from years ago. thottles are implementation-dependent and subject to change at any time
orignal
ofc
zzz
to address ongoing and evolving threats
orignal
that's why it's improrant to know
zzz
are you doing 100s of RI lookups per minute out a tunnel?
orignal
people keep complaining that i2p can't handle traffic of few megs per sec
zzz
this is not about bandwidth
orignal
<zzz> the throttle doesn't care about message type
orignal
that's your statemnt
orignal
meaning it's applied to garlic messages
dr|z3d
he's addressed the issue to some degree, zzz. he was queuing lookups and pumping them out every 15s before.
orignal
dr|z3d that
zzz
that's true, but no application is sending to hundreds of different places per minute
orignal
's fixed
orignal
I told you an example
dr|z3d
that's what I said, orignal :)
orignal
video streaming service to many subscribers
orignal
multicast-like
dr|z3d
that's a good start.
dr|z3d
if you can ensure you're not sending out > 30/30s, all the better, or 60/90s, better still.
orignal
so it would be nice to publish some property
orignal
real example people run online game server
orignal
minecraft or something like this
zzz
One tunnel for every 20-50 clients connected in a one-minute period.
orignal
bunch of players are connected to single game server
orignal
and server sends updated to all of them
orignal
weko can tell better about thier setup
zzz
if following the recommendations it's fine
zzz
I can't allow a single tunnel to drive me to connection limits
zzz
it's a very basic protection, that's why it's been there 10 years
orignal
then publish a proprety
zzz
I'm just wondering why the huge number of lookups
orignal
and will solbe the problem
dr|z3d
that's probably another alien concept for i2pd. orignal, you enforce connection limits per transport?
orignal
no I don't
dr|z3d
huge number of lookups when single routers are hosting 400K transit tunnels.
zzz
you put a property in the build request saying how many conns or lookups you want per minute, I'll accept or reject
orignal
zzz, wait
orignal
you receive huge number of lookup at OBEP?
orignal
put property telling your trttling limits
orignal
that's all
orignal
if I pick RI for OBEP and find this limit too low for my needs I bypass it
zzz
ok, without a property, the default is 60 in 30 seconds
orignal
it's for Java but not for i2pd
zzz
so are you sending out hundreds of RI lookups per minute? or not? these are not LS lookups
orignal
and dr|z3d might have different limits
orignal
trough a tunnel or directly?
zzz
tunnel
orignal
ofc no
orignal
and if you seem at OBEP as llokup
orignal
it means they are unencrypted
orignal
that's my question. how come?
orignal
if I send a lookup though a tunnel I encrypt it for FF
orignal
outbound->SendTunnelDataMsgTo (nextFloodfill->GetIdentHash (), 0,
orignal
i2p::garlic::WrapECIESX25519MessageForRouter (msg, nextFloodfill->GetIdentity ()->GetEncryptionPublicKey ()));
orignal
that's my code to send RI lookup through a tunnel
dr|z3d
seeing those more often than we should -> Dropping duplicate DatabaseLookupMessage (RI lookup)
orignal
zzz question
orignal
when we receive lookup and return DSRM
orignal
do we include any 3 closest routers or only close than us?
orignal
docs don't answer this question
orignal
or even 255
orignal
well not 255 but 32 to fit 1K