Discussion:
[tor-dev] Is there strictly a one-to-one BW scanner to BW auth relationship?
Rob Jansen
2018-03-24 00:13:59 UTC
Permalink
Hi,

I understand that the current bandwidth measurement system is far from ideal, but I am wondering about how the current system works. Does each bandwidth authority also run a bandwidth scanner? Or is it possible that the results from a bandwidth scanner is supplied to multiple authorities?

Thanks!
Rob
Roger Dingledine
2018-03-24 00:21:38 UTC
Permalink
Post by Rob Jansen
I understand that the current bandwidth measurement system is far from ideal, but I am wondering about how the current system works. Does each bandwidth authority also run a bandwidth scanner? Or is it possible that the results from a bandwidth scanner is supplied to multiple authorities?
I believe there are no scanners that supply answers to multiple directory
authorities.

You could in theory check whether this is true in practice by seeing if
any dir auths vote the same numbers.

I think in past bwauth sessions at meetings, people have made lists of
who runs which bwauth.

I think moria1 runs its own, and Faravahar runs its own. I've lost track
of the others, but I'd guess that bastet also runs its own, and that
maatuska pulls numbers from a bwauth that tjr runs.

https://consensus-health.torproject.org/#bwauthstatus

--Roger
Matthew Finkel
2018-03-24 02:02:58 UTC
Permalink
Post by Roger Dingledine
Post by Rob Jansen
I understand that the current bandwidth measurement system is far from ideal, but I am wondering about how the current system works. Does each bandwidth authority also run a bandwidth scanner? Or is it possible that the results from a bandwidth scanner is supplied to multiple authorities?
[...]
Post by Roger Dingledine
I think in past bwauth sessions at meetings, people have made lists of
who runs which bwauth.
Not the original question Rob asked, but a year ago there was a session
and the (reformatted) notes contain:

longclaw: hongkong -> US
moria: US->US
matuska: .se->us
faravahar: us->us
sebastian: de->de

https://trac.torproject.org/projects/tor/wiki/org/meetings/2017Amsterdam/Notes/bwauths

(I don't know why there is a sebastian instead of a gabelmoo).

Obviously the situation has changed a bit since then. I don't know if
any of the bwscanner locations changed, either (not including losing
longclaw and sebastian and adding bastet).
Rob Jansen
2018-03-24 12:50:18 UTC
Permalink
Post by Roger Dingledine
I believe there are no scanners that supply answers to multiple directory
authorities.
Great! IIRC, at one point in the distant past this was not the case.
Post by Roger Dingledine
You could in theory check whether this is true in practice by seeing if
any dir auths vote the same numbers.
Did that; nobody is voting the same numbers. So presumably that means all bwauths are using independent numbers.

I was concerned because bastet and moria1 both stopped voting anything for each of two of my >2 year old relays during distinct time intervals yesterday. I mean there were missing votes, rather than votes of no or low bandwidth. This caused a consensus of Unmeasured=1 and BW=20 for several hours. See [0] if you want to see what I mean by missing votes - I noticed that this happens in every consensus I viewed for at least some number of relays.

I guess maybe I restarted my relays at just the right time to cause a scanner to go nonlinear or something. Things seem to be back to normal now, though. I'm going to chalk this up as bad error handling in the TorFlow code, because that accusation is easy and generally agreeable :D
Post by Roger Dingledine
I think moria1 runs its own, and Faravahar runs its own. I've lost track
of the others, but I'd guess that bastet also runs its own, and that
maatuska pulls numbers from a bwauth that tjr runs.
https://consensus-health.torproject.org/#bwauthstatus
Hmm. I wish we were more transparent about who is running scanners and which bwauths consume results from which scanners. Something to keep in mind for those of us working on next-gen replacement scanners.
Post by Roger Dingledine
Not the original question Rob asked, but a year ago there was a session
Thanks Matt! That is useful :)

Best,
Rob

[0] Warning, this page is quite large, it contains an entry for every relay in the consensus:
https://consensus-health.torproject.org/consensus-health-2018-03-23-11-00.html#0DA9BD201766EDB19F57F49F1A013A8A5432C008
Sebastian Hahn
2018-03-25 16:13:50 UTC
Permalink
Post by Rob Jansen
Post by Roger Dingledine
I think moria1 runs its own, and Faravahar runs its own. I've lost track
of the others, but I'd guess that bastet also runs its own, and that
maatuska pulls numbers from a bwauth that tjr runs.
https://consensus-health.torproject.org/#bwauthstatus
Hmm. I wish we were more transparent about who is running scanners and which bwauths consume results from which scanners. Something to keep in mind for those of us working on next-gen replacement scanners.
It is at the discretion of the bwauth operator to ensure that
they're using a trusted source for their data. To me, that
means anything other than running the code myself is utterly
unacceptable, other operators might make other choices. I
think it makes sense to say that the operator of a given bw
auth is *responsible* for whatever they're voting on, whether
they run the bwauth themselves or not.

Cheers
Sebastian
Rob Jansen
2018-03-25 17:16:01 UTC
Permalink
Post by Sebastian Hahn
Post by Rob Jansen
Post by Roger Dingledine
I think moria1 runs its own, and Faravahar runs its own. I've lost track
of the others, but I'd guess that bastet also runs its own, and that
maatuska pulls numbers from a bwauth that tjr runs.
https://consensus-health.torproject.org/#bwauthstatus
Hmm. I wish we were more transparent about who is running scanners and which bwauths consume results from which scanners. Something to keep in mind for those of us working on next-gen replacement scanners.
It is at the discretion of the bwauth operator to ensure that
they're using a trusted source for their data. To me, that
means anything other than running the code myself is utterly
unacceptable, other operators might make other choices. I
think it makes sense to say that the operator of a given bw
auth is *responsible* for whatever they're voting on, whether
they run the bwauth themselves or not.
I totally agree! Though, I do think that the decisions of which data sources are used could be made public - not as a means to call into question or criticize the choice of the data source, but more as a means to understand how the system works. Eventually (in an ideal world where the scanners report their status) the community could help monitor the health of the scanners. If this makes the job of a bwauth more difficult (we should design it so it doesn't), that should certainly be considered as well.

Best,
Rob
Roger Dingledine
2018-04-02 03:45:28 UTC
Permalink
Post by Rob Jansen
I was concerned because bastet and moria1 both stopped voting anything
for each of two of my >2 year old relays during distinct time intervals
yesterday. I mean there were missing votes, rather than votes of no or
low bandwidth.
I've filed a ticket for what I think is the root cause:

https://trac.torproject.org/25685

There is indeed a bandaid in place so that relays generally recover from
this situation, but hopefully we can do even better.

See also
https://lists.torproject.org/pipermail/tor-relays/2018-March/014764.html
for where a similar thing happened to another relay operator.

--Roger

Loading...