mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 23:53:32 +01:00
Add a temporary section to dir-spec reflecting what we actually do now.
svn:r5097
This commit is contained in:
parent
9fa3a4a5e4
commit
fbedb32ee1
@ -270,6 +270,70 @@ $Id$
|
||||
It uses the last-mapped identity value, unless all of the "binding"
|
||||
network status documents bind the name to some other identity.
|
||||
|
||||
5.3. Notes on what we do now.
|
||||
|
||||
THIS SECTION SHOULD BE FOLDED INTO THE EARLIER SECTIONS; THEY ARE WRONG;
|
||||
THIS IS RIGHT.
|
||||
|
||||
All downloaded networkstatuses are discarded once they are 10 days old (by
|
||||
published date).
|
||||
|
||||
Authdirs download each others' networkstatus every
|
||||
AUTHORITY_NS_CACHE_INTERVAL minutes (currently 10).
|
||||
|
||||
Directory caches download authorities' networkstatus every
|
||||
NONAUTHORITY_NS_CACHE_INTERVAL minutes (currently 10).
|
||||
|
||||
Clients always try to replace any networkstatus received over
|
||||
NETWORKSTATUS_MAX_VALIDITY ago (currently 2 days). Also, when the most
|
||||
recently received networkstatus is more than
|
||||
NETWORKSTATUS_CLIENT_DL_INTERVAL (30 minutes) old, and we do not have any
|
||||
open directory connections fetching a networkstatus, clients try to
|
||||
download the networkstatus on their list after the most recently received
|
||||
networkstatus, skipping failed networkstatuses. A networkstatus is
|
||||
"failed" if NETWORKSTATUS_N_ALLOWABLE_FAILURES (3) attempts in a row have
|
||||
all failed.
|
||||
|
||||
We do not update router statuses if we have less than half of the
|
||||
networkstatuses.
|
||||
|
||||
A networkstatus is "live" if it is the most recent we have received signed
|
||||
by a given trusted authority.
|
||||
|
||||
A networkstatus is "recent" if it is "live" and:
|
||||
- it was received in the last DEFAULT_RUNNING_INTERVAL (currently 60
|
||||
minutes)
|
||||
OR - it was one of the MIN_TO_INFLUENCE_RUNNING (3) most recently received
|
||||
networkstatuses.
|
||||
|
||||
Authorities always believe their own opinion as to a router's status. For
|
||||
other tors:
|
||||
- a router is valid if more than half of the live networkstatuses think
|
||||
it's valid.
|
||||
- a router is named if more than half of the live networkstatuses from
|
||||
naming authorities think it's named, and they all think it has the
|
||||
same name.
|
||||
- a router is running if more than half of the recent networkstatuses
|
||||
think it's running.
|
||||
|
||||
Everyone downloads router descriptors as follows:
|
||||
|
||||
- If any networkstatus lists a more recently published routerdesc with a
|
||||
different descriptor digest, and no more than
|
||||
MAX_ROUTERDESC_DOWNLOAD_FAILURES attempts to retrieve that routerdesc
|
||||
have failed, then that routerdesc is "downloadable".
|
||||
|
||||
- Every DirFetchInterval, or whenever a request for routerdescs returns
|
||||
no routerdescs, we launch a set of requests for all downloadable
|
||||
routerdescs. We divide the downloadable routerdescs into groups of no
|
||||
more than DL_PER_REQUEST, and send a request for each group to
|
||||
directory servers chosen independently.
|
||||
|
||||
- We also launch a request as above when a request for routerdescs
|
||||
fails and we have no directory connections fetching routerdescs.
|
||||
|
||||
|
||||
|
||||
6. Remaining issues
|
||||
|
||||
Client-knowledge partitioning is worrisome. Most versions of this don't
|
||||
|
Loading…
Reference in New Issue
Block a user