IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#saltr
/2024/11/04
~dr|z3d
@RN
@RN_
@StormyCloud
@T3s|4
@T3s|4_
@eyedeekay
@orignal
@postman
@zzz
%Liorar
+FreefallHeavens
+Leopold
+Xeha
+acetone
+bak83
+cancername
+cumlord
+hk
+profetikla
+uop23ip
+weko
An0nm0n
Arch
Danny
DeltaOreo
Irc2PGuest21357
Irc2PGuest21881
Irc2PGuest43426
Meow
Nausicaa
Onn4l7h
Onn4|7h
Over1
anon2
anu3
boonst
mareki2pb
not_bob_afk
plap
poriori_
shiver_
simprelay
solidx66
thetia
tr
u5657
orignal if I create a new routers
dr|z3d we all love you here, obviously. :)
orignal it will be full of transit shortly
dr|z3d anyways, 2.5m is too short a backoff.
orignal how do I know if Java routers drop me or not
dr|z3d you should get a rejection, not a drop.
RN same way you are blaming java routers of dropping 2rry
orignal I'm talking about 2RRY case
dr|z3d run I2P+, have some fun, see what a real UI looks like.
RN I'm saying make one like 2rry and see if it happens again.
orignal RN I can't repeat this scenario because the attack
RN well
RN make three
RN ahh
orignal a router reaches cap quickly
RN after atack
orignal and attacker is i2pd
orignal it might last for years
RN mine don't seem to be experiencing an attack
RN maybe I'm not watching the right numbers
orignal i2pd of course doen't care about wrong family key
orignal once it becomes good
dr|z3d check your bandwidth graph, RN.
orignal 2RRY is always jusm between 500 Kbs to 15 Mbs
dr|z3d if it's spiky, you're probably under attack like the rest of us.
orignal so I can't evaluate
RN the usual high and low 'sawtooth' at the timeframe I watch
orignal if the problem with Java still exists
dr|z3d that sawtooth is attack.
orignal even I create a new router it will be the same
orignal Transit: 811.88 GiB (396.16 KiB/s)
orignal Router Caps: XfRE
orignal few minutes ago it was 15 mbs
dr|z3d MB or Mb?
orignal so what does it tell me?
orignal megabytes
orignal and now it's 400 kilobytes
dr|z3d it tells you there are a substantial amount of routers pushing serious traffic over the network.
orignal but I don't know if 2RRY is good for Java routers or not
dr|z3d pretty sure 2RRY is fine.
dr|z3d looks fine from where I'm sitting.
dr|z3d Total tunnels peer agreed to participate in7
dr|z3d Total tunnels peer refused to participate in7
dr|z3d Total failed tunnels peer agreed to participate in4
dr|z3d Number of times peer sent us something unrequested and not seen before1
dr|z3d Number of times peer sent us something unrequested but seen before3
dr|z3d Number of times peer never responded to a lookup request13
dr|z3d Number of times peer sent a valid response to a lookup request2
dr|z3d Average peer response time17.22 seconds
orignal yes but it's only for you
orignal we still don't know about the majority of Java routers
dr|z3d latency is off the charts.
orignal because zzz saw the problem after more than a wekk
dr|z3d if you want peace of mind, install I2P or I2P+
orignal peer response is result of attack to the hoster
orignal Transit: 814.74 GiB (13207.98 KiB/s)
dr|z3d 13MB/s eh.
RN ¿ can we just unplug it and plug it in again ?
orignal 2RRY?
RN ))
RN no all of I2P
RN hehehe
dr|z3d the answer to 2RRY is I2P+.
dr|z3d next question? :)
RN we need to unplug that (those) asshat(s) running the attack
dr|z3d yeah, we don't see quite so much traffic in java-land, orignal, because throttles.
RN so how do we find them while they use things like I2P to hide themselves
RN yes throttling... I'd throttle the neck of the attacker if I met them.
RN especially if they claim to be "just following orders"
RN but, functionally, I really don't notice anything I attribute to 'an attack being active'
RN my stuff is still working
RN noted about the graphs
dr|z3d also, backoff -> 10m !2.5m and you'll see much less rejections from java routers. (reminder)
dr|z3d eepsite access is less than stellar, that's probably an obvious side-effect.
RN you mean mine? or in general?
dr|z3d generally, though it's variable.
RN maybe I'm just not looking at the right times, but stuff is loading for me prety fast right now and last few days when I looked at things like ramble, irc-scores and translate.idk
RN due for a little catch up on notbob
RN I'll wait for a high part of the sawtooth and try then
RN actually, I mispoke before, more a square wave than sawtooth
dr|z3d just call it a bumpy ride :)
RN *** fastens seatbelts ***
dr|z3d fwiw: X== Over 2,048KBps shared bandwidth
orignal it's not my goal
orignal and I'm fine with such traffic
orignal I can test under load
orignal R4SAS said 40 MBs today and some threads comsume entire core
orignal I'm wondring at which moment Java reaches this situation
dr|z3d sure, but you'll still get a decent amount of traffic if you throttle requests from individual routers. 8MB/s is plenty.
dr|z3d yeah, I've seen that on java before.
orignal That's why I want to move x25519 to another thread
dr|z3d or do what we do and pre-cache keys.
dr|z3d <zzz> no, but we have a queue of eph. keys precalculated, so that saves a little
orignal it's one part
orignal second part is key agreement
orignal ofc I have pre-calculation
dr|z3d ok, sort of got ls partial match working, zzz.
dr|z3d it matches the first found lease right now, ideally it should match all leases that contain the query string.
dr|z3d ok, now it's returning more than one result \o/
dr|z3d still not quite the results I want, but progress.
dr|z3d ok, this one's dubious: sIVCheipBdmN6ptApsK6q1fDX9vc2oovkfw7Uhlmafw=
dr|z3d L tier, pushing 200K/s
dr|z3d also dubious @ 130K/s (L) rEypFHVYwBJ0ePIN9WIGwiHCO-NMsNGB-GpsSNWJakA=
dr|z3d smtp.wugi.info
orignal i2pd doesn't limit current speed
orignal it limits new tunnels
orignal e.g. a siugnle tunnel can send 200 K/s even on L
orignal but that L wouldn't accept more tunnels
dr|z3d another XG demanding a ton of tunnels. c-DZ1TeE~V50zWSuZf0WNkpLYMhIXq0Z5wpqioyDxfg=
dr|z3d L12 - 48 KBps shared bandwidth
dr|z3d if a user sets their router to L tier, the expectation is they won't be pushing more than 48KB/s upstream.
dr|z3d otherwise, what's the point of setting bandwidth limits?
dr|z3d you need some sort of bandwidth test, orignal, so the user can make an informed decision about how much b/w they want to share, and perhaps also to adjust limits based on results.
dr|z3d but more importantly, you should be setting upstream limits based on what the user has configured.
dr|z3d maybe I'm on a VPS with a data cap, and I configure my bandwidth limits to avoid hitting that cap.. as it stands, i2pd will blast right through that cap.
orignal i2pd uses bandwidth to control number of tunnels
orignal the blast will be for short time
orignal and in average it will be what user set
orignal it worked this way for years
orignal nobody complains
orignal maybe spike but average works fine
orignal hence you never exceed your VPS bandwidth
orignal and i2pd never limits own raffic
orignal *traffic
orignal only transit
orignal and I know who is demanding tonns of tunnels
orignal that monkey who attacks Ilita with bots
orignal he has to create thousands of local destinations
dr|z3d he can do that programatically.
dr|z3d I wonder what sort of traffic he's pushing over them.
dr|z3d maybe just pulling huge files 24/7.
orignal no, monkey is not familiarwith SAM/BOB
orignal for huge fules you don't need tonns of tunnels
orignal for tonns of addresses yoy do
dr|z3d no, you don't, but if you want to hit the network hard, you want a ton of tunnels/dests and huge files being requested from all of them.
dr|z3d also, monkey might not know bob/sam, but monkey might have found a script.
orignal usually they create thousands of tunnels in config
RN Bad Monkey!(tm)
orignal what was the IP of XG? Tor?
dr|z3d sure, that's what I'm suggesting, wouldn't be difficult to script dests for the .config
dr|z3d didn't have any ips.
orignal then how do you know that it generates tonn of tunnels if it's not connected to you directy
dr|z3d the RI displays no IP, but I see a large tunnel count. Strange, but true.
orignal but how do you see them?
orignal how do you know if a tunnel came from router if you didn't have connection with it?
dr|z3d occasionally I'll see a router in the tunnels listing that indicates tunnel count, but without an ip.
dr|z3d or maybe I missed the ip which wasn't in the RI. can't remember.
orignal and how does it work?
orignal you should take an IP from endpoint
dr|z3d yeah, mostly I do, I look at the transport ip.
orignal then something worng in your code
orignal nobody can connect without endpoint
dr|z3d unless there's some sort of obfuscation in play.
dr|z3d dunno, I'll keep an eye on suspect routers and let you know if I see another that doesn't have an obvious ip./
orignal it's impossible
orignal Vort clearly sees thier IP
orignal and it's ipv6
dr|z3d that could be it, on routers without ipv6.
dr|z3d what about backoff period for rejected requests? you fixed that yet?
orignal I'm busy with something else
orignal you missed the point
dr|z3d it's a single variable value. set to 10*60*1000 and you're golden.
orignal Vort saw real NTCP2 conections to these routers
orignal no, it's profiling logic I need to review it again
dr|z3d like I said, I'll keep an eye on things and let you know if I see anything interesting.
zzz no, XG is not all ipv6
zzz also, investigting attempted all-zeros RI stores, several per day
orignal what is all-zeros RI store?
zzz WARN [ handler 1/1] FloodfillNetworkDatabaseFacade: Invalid store attempt! key does not match routerInfo.identity! key = [Hash: iOVJ9WBSwEGPtQ5ZpC6AZdD4-1Ub6VrUUs5hzVg-vuI=], router = [RouterInfo:
zzz Identity: [RouterIdentity:
zzz Hash: MRn86w6tHQgE25D7DIejOBCJ-dImSjdsQaOaBuUypkE=
zzz Certificate: [Certificate: type: Null payload: null]
zzz PublicKey: [PublicKey ELGAMAL_2048 size: 256]
zzz SigningPublicKey: [SigningPublicKey DSA_SHA1 size: 128]]
zzz Signature: [Signature DSA_SHA1: size: 40]
zzz Published: Thu Jan 01 00:00:00 GMT 1970
zzz Options (0):]
orignal timestamp zero
zzz everything zero. the hash is the hash of 387 zeros
orignal btw, do we have an I2CP option to not recreate a tunnel when expires?
orignal thanks
orignal I have a request for one
orignal always create a new tunnel
zzz email me a patch to the spec, mark it i2pd-only
orignal I want to implement is as i2cp param
orignal e.g. not only for tunnels, but also for SAM and I2CP
zzz email me a patch to the spec, mark it i2pd-only
orignal so you suggest me to invent own param
zzz yeah because if I ever did it it would probably be a router config option, not a per-client option
orignal I think to do it per destination
orignal per local destination
orignal for one service you might want it for another no
dr|z3d per client _might_ be useful, dunno. what's your use case, orignal?