[Tor-BSD] kernel: ... was killed: out of swap space

Gijs Peskens gijsje at heteigenwijsje.nl
Mon Feb 19 15:43:43 EST 2018


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Sharing your system specs (especially ram size and configured swap
size) and tor configuration would really help us debug your issues.

As for running Tor on FreeBSD, https://metrics.torproject.org/rs.html#d
etails/1283EBDEEC2B9D745F1E7FBE83407655B984FD66

That is my exit-relay running on OPNsense (FreeBSD 11 based) without
any issues. Tor is using 1,5gig of ~4g availabe and is happily eating
CPU cycles. 
I was previously running it on OpenBSD, also without isssue.

On Mon, 2018-02-19 at 20:30 +0000, George Rosamond wrote:
> teor:
> > 
> > > On 20 Feb 2018, at 05:51, George Rosamond <george at ceetonetechnolo
> > > gy.com> wrote:
> > > 
> > > But the best route would be to update security/tor to 0.3.2.9.  I
> > > *think* it deals with the DDOS'g you're experiencing.
> > 
> > Unfortunately, 0.3.2.9 does not have the DDoS feature.
> > Please wait for the 0.3.2.10 release, which should be out soon.
> 
> Cool.
> 
> > 
> > In the meantime, please try adjusting:
> > 
> > MaxMemInQueues 1 GB # Or half your free RAM
> > 
> 
> Changing MaxMemInQues had no effect for my FreeBSD relay.
> 
> > And please disable CellStatistics and ConnDirectionStatistics.
> > 
> 
> CellStatistics off did but note it's not on by default.
> 
> > We could give you better advice if you posted your machine specs
> > and torrc.
> 
> Definitely.  I clearly made some sweeping assumptions in terms of
> diagnosis.
> 
> > 
> > > I can say that the current security/tor-devel (0.3.3.2) does deal
> > > with
> > > it, and I see a good number of messages like:
> > > 
> > > Feb 19 18:44:21.000 [notice] {HEARTBEAT} DoS mitigation since
> > > startup:
> > > 1083 circuits rejected, 6 marked addresses. 59073 connections
> > > closed.
> > > 1330 single hop clients refused.
> > 
> > The combination of DDoS defence and turning off statistics dropped
> > my
> > (Linux) relay RAM usage from 6-10 GB to about 1 GB.
> 
> I never had any issues with the OpenBSD relays, but with FreeBSD I
> had
> to cron restarting tor every 15 hours or so.
> 
> The TorBSD wiki page I posted has some mitigations, but none seemed
> effective.  It's good newer versions of Tor are dealing, but
> mitigating
> further from the node is also good, like limiting tcp states via
> network
> firewall, etc.
> 
> g
> 
> _______________________________________________
> Tor-BSD mailing list
> Tor-BSD at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/tor-bsd
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE39aOQY4w2je+JdDQi2ZEc9DzrPMFAlqLNv8ACgkQi2ZEc9Dz
rPOhvA//Y189clVoCjgx1JC28gdev36hdEPM9zbVz26PXsPsByJEnbBMcdfr86sM
Z1wGP/grKGk16YtrABUEmzud+zgOitSm0bctst3gL8EWcG1ZEAefAFX/ywwMEH3Y
iox5thomJY/iVtCgf07BlDVnRT1028KoFhcGCNEmu2gamMkvc474zYa2zAC7zhSG
tiLAAkOqbLdt+yzQ0jPmI0jQoyBym8eq00AlqRYnCUhCfk5tNAND/N/ZcTXxsYC0
WBPhvUM8o7lRzFUbwuUI6x8Vkc1d1ds7pBJT9M9goIrgovocKNCngr4Npffl1ssO
btezEW7U6P5GnYpK1egjQzvTIvxNN+Q7CN1Rmc4U9efIeQPKwe9pHnNpQ6PBMICa
UUXFLTxQyIhEtq+9XE7wIqLhzQOh10tzsNRwAsObDuEDAAyPAOjcfOEbD2gdedl+
y0P/p9qZNtVkVSgWyBgyPoU0BDPidLVJoJXnBhtEMrMrESX9wF76z4tze/LjmlwJ
jw9yVmd1i8DlnrCfLHZV5x8g1wAoLjdYIiUNFhVcBLCg8zY+LFtrfycpSs7YznNK
SgHaSntZTTFGpFC8gPJG0ivKe/DHmq9QuJb29F1f3ehcSnSWZUr4Gy7TYoSrftYV
odiOwKwXQlXPKg2PdEMO4d1lnLU+h5g2+upNej82PKWUBG3Ltxg=
=dIwa
-----END PGP SIGNATURE-----



More information about the Tor-BSD mailing list