Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 14b858c4ce
Branches Tags
tor
/
doc
/
TUNING

TUNING 3.3 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586 
  1. Most operating systems limit an amount of TCP sockets that can be used 
    2. 

  2. simultaneously. It is possible for a busy Tor relay to run into these
    3. 

  3. limits, thus being unable to fully utilize the bandwidth resources it 
    4. 

  4. has at its disposal. Following system-specific tips might be helpful
    5. 

  5. to alleviate the aforementioned problem.
    6. 

  6. 

  7. Linux
    8. 

  8. -----
    9. 

  9. 

  10. Use 'ulimit -n' to raise an allowed number of file descriptors to be 
    11. 

  11. opened on your host at the same time.
    12. 

  12. 

  13. FreeBSD
    14. 

  14. -------
    15. 

  15. 

  16. Tune the followind sysctl(8) variables:
    17. 

  17.  * kern.maxfiles - maximum allowed file descriptors (for entire system)
    18. 

  18.  * kern.maxfilesperproc - maximum file descriptors one process is allowed
    19. 

  19.    to use
    20. 

  20.  * kern.ipc.maxsockets - overall maximum numbers of sockets for entire 
    21. 

  21.    system
    22. 

  22.  * kern.ipc.somaxconn - size of listen queue for incoming TCP connections
    23. 

  23.    for entire system
    24. 

  24. 

  25. See also:
    26. 

  26.  * https://www.freebsd.org/doc/handbook/configtuning-kernel-limits.html
    27. 

  27.  * https://wiki.freebsd.org/NetworkPerformanceTuning
    28. 

  28. 

  29. Mac OS X
    30. 

  30. --------
    31. 

  31. 

  32. Since Mac OS X is BSD-based system, most of the above hold for OS X as well.
    33. 

  33. However, launchd(8) is known to modify kern.maxfiles and kern.maxfilesperproc
    34. 

  34. when it launches tor service (see launchd.plist(5) manpage). Also, 
    35. 

  35. kern.ipc.maxsockets is determined dynamically by the system and thus is 
    36. 

  36. read-only on OS X.
    37. 

  37. 

  38. OpenBSD
    39. 

  39. -------
    40. 

  40. 

  41. Because OpenBSD is primarily focused on security and stability, it uses default
    42. 

  42. resource limits stricter than those of more popular Unix-like operating systems.
    43. 

  43. 

  44. OpenBSD stores a kernel-level file descriptor limit in the sysctl variable
    45. 

  45. kern.maxfiles. It defaults to 7,030. To change it to, for example, 16,000 while
    46. 

  46. the system is running, use the command 'sudo sysctl kern.maxfiles=16000'.
    47. 

  47. kern.maxfiles will reset to the default value upon system reboot unless you also
    48. 

  48. add 'kern.maxfiles=16000' to the file /etc/sysctl.conf.
    49. 

  49. 

  50. There are stricter resource limits set on user classes, which are stored in
    51. 

  51. /etc/login.conf. This config file also allows limit sets for daemons started
    52. 

  52. with scripts in the /etc/rc.d directory, which presumably includes Tor.
    53. 

  53. 

  54. To increase the file descriptor limit from its default of 1,024, add the
    55. 

  55. following to /etc/login.conf:
    56. 

  56. 

  57. tor:\
    58. 

  58. 	:openfiles-max=13500:\
    59. 

  59. 	:tc=daemon:
    60. 

  60. 

  61. Upon restarting Tor, it will be able to open up to 13,500 file descriptors.
    62. 

  62. 

  63. This will work *only* if you are starting Tor with the script /etc/rc.d/tor. If
    64. 

  64. you're using a custom build instead of the package, you can easily copy the rc.d
    65. 

  65. script from the Tor port directory. Alternatively, you can ensure that the Tor's
    66. 

  66. daemon user has its own user class and make a /etc/login.conf entry for it.
    67. 

  67. 

  68. High-bandwidth relays sometimes give the syslog warning:
    69. 

  69. 

  70. /bsd: WARNING: mclpools limit reached; increase kern.maxclusters
    71. 

  71. 

  72. In this case, increase kern.maxclusters with the sysctl command and in the file
    73. 

  73. /etc/sysctl.conf, as described with kern.maxfiles above. Use 'sysctl
    74. 

  74. kern.maxclusters' to query the current value. Increasing by about 15% per day
    75. 

  75. until the error no longer appears is a good guideline.
    76. 

  76. 

  77. Disclaimer
    78. 

  78. ----------
    79. 

  79. 

  80. Do note that this document is a draft and above information may be
    81. 

  81. technically incorrect and/or incomplete. If so, please open a ticket
    82. 

  82. on https://trac.torproject.org or post to tor-relays mailing list.
    83. 

  83. 

  84. Are you running a busy Tor relay? Let us know how you are solving
    85. 

  85. the out-of-sockets problem on your system.
    86. 

  86.