ホーム エクスプローラ ヘルプ
サインイン
piros
/
tor
3
0
フォーク 0
ファイル 課題 0 プルリクエスト 0 Wiki
ツリー: 0cb342e859
ブランチ タグ
tor
/
doc
/
spec
/
proposals
/
108-mtbf-based-stability.txt

108-mtbf-based-stability.txt 2.4 KB
履歴 Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 
  1. Filename: 108-mtbf-based-stability.txt
    2. 

  2. Title: Base "Stable" Flag on Mean Time Between Failures
    3. 

  3. Version: $Revision: 12105 $
    4. 

  4. Last-Modified: $Date: 2007-01-30T07:50:01.643717Z $
    5. 

  5. Author: Nick Mathewson
    6. 

  6. Created: 10-Mar-2007
    7. 

  7. Status: Open
    8. 

  8. 

  9. Overview:
    10. 

  10. 

  11.    This document proposes that we change how directory authorities set the
    12. 

  12.    stability flag from inspection of a router's declared Uptime to the
    13. 

  13.    authorities' perceived mean time between failure for the router.
    14. 

  14. 

  15. Motivation:
    16. 

  16. 

  17.    Clients prefer nodes that the authorities call Stable.  This flag is (as
    18. 

  18.    of 0.2.0.0-alpha-dev) set entirely based on the node's declared value for
    19. 

  19.    uptime.  This creates an opportunity for malicious nodes to declare
    20. 

  20.    falsely high uptimes in order to get more traffic.
    21. 

  21. 

  22. Spec changes:
    23. 

  23. 

  24.    Replace the current rule for setting the Stable flag with:
    25. 

  25. 

  26.    "Stable" -- A router is 'Stable' if it is active and its observed Stability
    27. 

  27.    for the past month is at or above the median Stability for active routers.
    28. 

  28.    Routers are never called stable if they are running a version of Tor
    29. 

  29.    known to drop circuits stupidly. (0.1.1.10-alpha through 0.1.1.16-rc
    30. 

  30.    are stupid this way.)
    31. 

  31. 

  32.    Stability shall be defined as the mean length of the runs observed by a
    33. 

  33.    given directory authority.  A run begins when an authority decides
    34. 

  34.    that the server is Running, and ends when the authority decides that
    35. 

  35.    the server is not Running.  In-progress runs are counted when
    36. 

  36.    measuring Stability.
    37. 

  37. 

  38. Issues:
    39. 

  39. 

  40.    How do you define a clipped MTBF?  If the current month begins with one
    41. 

  41.    day at the end of a one-year uptime, and then has 29 days of uptime, do we
    42. 

  42.    average one day and 29 days?  Or do we average one year and 29 days?  Or
    43. 

  43.    take 29 days on its own and discard the year?
    44. 

  44. 

  45.    Surely somebody has done this kinds of thing before.
    46. 

  46. 

  47. Alternative:
    48. 

  48. 

  49.    "A router's Stability shall be defined as the sum of $alpha ^ d$ for every
    50. 

  50.    $d$ such that the router was not observed to be unavailable $d$ days ago."
    51. 

  51. 

  52.    This allows a simpler implementation: every day, we multiply yesterday's
    53. 

  53.    Stability by alpha, and if the router was running for all of today, we add
    54. 

  54.    1.
    55. 

  55. 

  56. Limitations:
    57. 

  57. 

  58.    Authorities can have false positives and false negatives when trying to
    59. 

  59.    tell whether a router is up or down.  So long as these aren't terribly
    60. 

  60.    wrong, and so long as they aren't significantly biased, we should be able
    61. 

  61.    to use them to estimate stability pretty well.
    62.