Date:      Fri, 7 Nov 2014 14:32:42 -0800
From:      John-Mark Gurney <jmg@funkthat.com>
To:        d@delphij.net
Cc:        tor-relays@lists.torproject.org, FreeBSD Net <freebsd-net@freebsd.org>, Adrian Chadd <adrian@freebsd.org>, grarpamp <grarpamp@gmail.com>
Subject:   Re: [tor-relays] FreeBSD's global IP ID
Message-ID:  <20141107223242.GZ24601@funkthat.com>
In-Reply-To: <545D3C9E.2000201@delphij.net>
References:  <CAD2Ti28BFsedyPC7VBR-Rz8c2_4CAQDnBFopnRHEX45sgqmjtA@mail.gmail.com> <20141106135228.GE3824@nymity.ch> <CAD2Ti2-eKzbU3trE0qiTDdK73hsxNGuRy7VJee52+WmNC5H+mA@mail.gmail.com> <CAJ-VmomY34S=Lx5uNF_9+uSjd=74fCEFwOeo_CvSUO1qRFVH1A@mail.gmail.com> <545D3C9E.2000201@delphij.net>

Xin Li wrote this message on Fri, Nov 07, 2014 at 13:41 -0800:
> 
> On 11/07/14 08:31, Adrian Chadd wrote:
> > ... that's .. odd.
> > 
> > Let's poke the freebsd crypto and network stack people and ask. I 
> > can't imagine why this is a problem anymore and we should default
> > to it being on. The other thing you could do is have the tor port
> > require it be turned on before tor runs.
> 
> If I remember correctly, it wasn't about security but about
> performance; the idea was to make the option per-interface (so that,
> e.g., for an internal, fast connection, don't bother to do it), but
> that never happened.
> 
> I personally enable it on all my systems to sink away more kernel
> arc4rand output (which is, unfortunately, a side effect of wrong (IMO)
> behavior, because the current generation code is rather unoptimized
> and does arc4rand() for each IP ID generated).
> 
> The NetBSD implementation is superior to ours in my opinion, as it
> uses a Fisher-Yates shuffle instead of doing arc4rand (the modern
> version even uses a lighter-weight PRNG for those who do not need
> strong cryptographic strength) every time and then testing for
> collisions, and is therefore more scalable.  See:
> http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet/ip_id.c?only_with_tag=MAIN

Looks interesting, but please make sure to fix the for loop...  and
memory use is a bit high... 128KB for each of these?  Though it looks
like NetBSD only uses one...

RFC6864 is an interesting read:
https://tools.ietf.org/html/rfc6864

We should add a dtrace probe or a counter to see just how many non-atomic
IP packets are sent...  For most consumers, just a random ID is fine,
but there are some workloads (heavy UDP) that will need more than just
random IDs, and need additional state to prevent ID reuse...

> > On 7 November 2014 00:20, grarpamp <grarpamp@gmail.com> wrote:
> >> On Thu, Nov 6, 2014 at 8:52 AM, Philipp Winter <phw@nymity.ch>
> >> wrote:
> >>> On Wed, Nov 05, 2014 at 04:04:41AM -0500, grarpamp wrote:
> >>>> 173 FreeBSD
> >>> 
> >>> FreeBSD still seems to use globally incrementing IP IDs by
> >>> default. That's an issue as it leaks fine-grained information
> >>> about how many packets a relay's networking stack processes.
> >>> (However, nobody investigated the exact impact on Tor relays so
> >>> far, which makes this a FUD-heavy topic.) It looks like
> >>> approximately 50 out of the 131 FreeBSD relays I tested (38%)
> >>> use global IP IDs.
> >>> 
> >>> There's a sysctl variable called "net.inet.ip.random_id" which
> >>> makes FreeBSD's IP ID behaviour random.  FreeBSD relay
> >>> operators should set this to "1".
> >>> 
> >>> Note that this issue was already discussed earlier this year in
> >>> a thread called "Lots of tor relays send out sequential IP IDs;
> >>> please fix that!".
> >> 
> >> It's been default off since before it was a sysctl over a decade
> >> ago. Anyone know what the deal is with that? Some objection, or 
> >> forgotten flag day, or oversight that really should be set to 1? 
> >> https://svnweb.freebsd.org/base?view=revision&revision=133720
> 
> 
> - -- 
> Xin LI <delphij@delphij.net>    https://www.delphij.net/
> FreeBSD - The Power to Serve!           Live free or die

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."

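The thread above compares three ways of filling the IPv4 ID field (a global counter, arc4rand() per packet, and NetBSD's shuffled pool) and asks for a counter of non-atomic packets. The following is an added worked example written for this archive page; it is not FreeBSD or NetBSD kernel code and was not posted by anyone in the thread. It implements the shuffled-pool idea Xin Li describes (a Fisher-Yates permutation of all 65536 IDs, 128 KB of table, reshuffled when exhausted), the RFC 6864 atomic/non-atomic test, and the non-atomic counter John-Mark suggests. Assumptions: a fixed-seed xorshift32 stands in for arc4random() so the run is reproducible offline, the round-boundary guard in ipid_next() is my own minimal rule, and every name (ipid_pool, ipid_next, ipid_for_packet, nonatomic_sent, IPID_SPACE) is hypothetical.

```c
/* Shuffled-pool IPv4 ID generator with the RFC 6864 atomic test and a counter
 * of non-atomic packets. Added illustration; not FreeBSD or NetBSD code. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define IPID_SPACE 65536u   /* the 16-bit ID field */

/* Assumed: fixed-seed xorshift32 so the run is reproducible offline; a kernel
 * would call arc4random() here (or, as NetBSD does, a cheaper PRNG). */
static uint32_t demo_seed = 0x9e3779b9u;
static uint32_t demo_rand(void)
{
	uint32_t x = demo_seed;
	x ^= x << 13; x ^= x >> 17; x ^= x << 5;
	return demo_seed = x;
}

/* A shuffled permutation of the whole ID space, issued in order and reshuffled
 * when exhausted; 65536 * 2 bytes is the 128 KB noted in the message above. */
struct ipid_pool {
	uint16_t ids[IPID_SPACE];
	uint32_t next;   /* next unused slot */
	uint16_t last;   /* last ID issued */
};

/* Fisher-Yates with i running down to 1 ("i > 0", since i is unsigned). The
 * "% (i + 1)" has a small modulo bias, acceptable in a demo. */
static void ipid_shuffle(struct ipid_pool *p)
{
	for (uint32_t i = IPID_SPACE - 1; i > 0; i--) {
		uint32_t j = demo_rand() % (i + 1);
		uint16_t t = p->ids[i]; p->ids[i] = p->ids[j]; p->ids[j] = t;
	}
	p->next = 0;
}

static struct ipid_pool *ipid_create(void)
{
	struct ipid_pool *p = calloc(1, sizeof *p);
	for (uint32_t i = 0; p && i < IPID_SPACE; i++) p->ids[i] = (uint16_t)i;
	if (p) ipid_shuffle(p);
	return p;
}

static uint16_t ipid_next(struct ipid_pool *p)
{
	if (p->next == IPID_SPACE) {
		ipid_shuffle(p);
		/* Round boundary: never reissue the previous ID back to back. An ID
		 * can still recur a few packets later across the boundary, so a
		 * production generator needs a stronger rule than this one. */
		if (p->ids[0] == p->last) {
			uint16_t t = p->ids[0];
			p->ids[0] = p->ids[IPID_SPACE / 2]; p->ids[IPID_SPACE / 2] = t;
		}
	}
	return p->last = p->ids[p->next++];
}

/* RFC 6864: atomic means DF=1, MF=0, fragment offset 0. Only non-atomic
 * datagrams need an ID unique within the maximum datagram lifetime; atomic
 * ones may carry any value (section 4.1), so a constant there leaks nothing. */
static bool ip_is_atomic(bool df, bool mf, uint16_t frag_off)
{
	return df && !mf && frag_off == 0;
}

static uint64_t nonatomic_sent;   /* the counter the message above asks for */

static uint16_t ipid_for_packet(struct ipid_pool *p, bool df, bool mf, uint16_t off)
{
	if (ip_is_atomic(df, mf, off)) return 0;   /* pool untouched for atomic */
	nonatomic_sent++;
	return ipid_next(p);
}

/* Check: each ID appears once per round of 65536 and no ID is issued twice in
 * a row, including across round boundaries. */
static bool pool_behaves(uint32_t draws)
{
	struct ipid_pool *p = ipid_create();
	uint32_t *seen_round = calloc(IPID_SPACE, sizeof *seen_round);
	bool ok = p && seen_round;
	uint16_t prev = 0;
	for (uint32_t n = 0; ok && n < draws; n++) {
		uint16_t id = ipid_next(p);
		uint32_t round = n / IPID_SPACE + 1;
		if (seen_round[id] == round || (n > 0 && id == prev)) ok = false;
		seen_round[id] = round; prev = id;
	}
	free(seen_round); free(p);
	return ok;
}

/* Constructed traffic: five packets, three of them non-atomic. */
static uint64_t demo_nonatomic_count(void)
{
	struct ipid_pool *p = ipid_create();
	if (p == NULL) return 0;
	nonatomic_sent = 0;
	ipid_for_packet(p, true, false, 0);     /* DF set, whole datagram: atomic */
	ipid_for_packet(p, false, false, 0);    /* DF clear: may be fragmented */
	ipid_for_packet(p, false, true, 0);     /* first fragment (MF set) */
	ipid_for_packet(p, false, false, 185);  /* last fragment (offset > 0) */
	ipid_for_packet(p, true, false, 0);     /* atomic again */
	free(p);
	return nonatomic_sent;
}

int main(void)
{
	printf("pool ok: %d; non-atomic packets: %llu\n",
	    pool_behaves(3 * IPID_SPACE), (unsigned long long)demo_nonatomic_count());
	return 0;
}
```

Two points the code makes that the prose only hints at. First, the contrast with an independent random ID per packet: by the birthday bound, 16-bit values drawn independently are expected to repeat after roughly sqrt(pi * 65536 / 2), about 320 packets, which is what the "heavy UDP" workloads in the message run into, while the pool cannot repeat an ID within a round of 65536. Second, a stack that distinguishes atomic from non-atomic datagrams only pays for the pool on the packets that can actually be fragmented, and the counter shows how rare those are for a given workload. On a FreeBSD relay the setting under discussion is checked with `sysctl net.inet.ip.random_id`, as the quoted tor-relays message says.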

