ticket24902 875 B

  1. o Major features (denial of service mitigation):
  2. - Give relays some defenses against the recent network overload. We start
  3. with three defenses (default parameters in parentheses). First: if a
  4. single client address makes too many concurrent connections (>100), hang
  5. up on further connections. Second: if a single client address makes
  6. circuits too quickly (more than 3 per second, with an allowed burst of
  7. 90) while also having too many connections open (3), refuse new create
  8. cells for the next while (1-2 hours). Third: if a client asks to
  9. establish a rendezvous point to you directly, ignore the request. These
  10. defenses can be manually controlled by new torrc options, but relays
  11. will also take guidance from consensus parameters, so there's no need to
  12. configure anything manually. Implements ticket 24902.