From owner-freebsd-net@FreeBSD.ORG Fri Nov 7 22:32:58 2014
Date: Fri, 7 Nov 2014 14:32:42 -0800
From: John-Mark Gurney
To: d@delphij.net
Subject: Re: [tor-relays] FreeBSD's global IP ID
Message-ID: <20141107223242.GZ24601@funkthat.com>
In-Reply-To: <545D3C9E.2000201@delphij.net>
References: <20141106135228.GE3824@nymity.ch> <545D3C9E.2000201@delphij.net>
Cc: tor-relays@lists.torproject.org, FreeBSD Net, Adrian Chadd, grarpamp

Xin Li wrote this message on Fri, Nov 07, 2014 at 13:41 -0800:
> On 11/07/14 08:31, Adrian Chadd wrote:
> > ... that's .. odd.
> >
> > Let's poke the freebsd crypto and network stack people and ask. I
> > can't imagine why this is a problem anymore and we should default
> > to it being on. The other thing you could do is have the tor port
> > require it be turned on before tor runs.
>
> If I remember correctly, it wasn't about security but about
> performance; the idea was to make the option per-interface (so that,
> e.g., for an internal, fast connection, you don't bother to do it), but
> that never happened.
>
> I personally enable it on all my systems to sink away more kernel
> arc4rand output (which is, unfortunately, a side effect of wrong (IMO)
> behavior, because the current generation code is rather unoptimized
> and does arc4rand() for each IP ID generated).
>
> The NetBSD implementation is superior to ours in my opinion, as it
> uses a Fisher-Yates shuffle instead of doing arc4rand (the modern
> version even uses a lighter-weight PRNG for those who do not need
> strong cryptographic strength) every time and then testing for
> collisions, and is therefore more scalable. See:
> http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet/ip_id.c?only_with_tag=MAIN

Looks interesting, but please make sure to fix the for loop... and
memory use is a bit high... 128KB for each of these? Though it looks
like NetBSD only uses one...
RFC 6864 is an interesting read: https://tools.ietf.org/html/rfc6864

We should add a dtrace probe or a counter to see just how many
non-atomic IP packets are sent...

For most consumers, just a random ID is fine, but there are some
workloads (heavy UDP) that will need more than just random IDs, and
need additional state to prevent ID reuse...

> > On 7 November 2014 00:20, grarpamp wrote:
> >> On Thu, Nov 6, 2014 at 8:52 AM, Philipp Winter wrote:
> >>> On Wed, Nov 05, 2014 at 04:04:41AM -0500, grarpamp wrote:
> >>>> 173 FreeBSD
> >>>
> >>> FreeBSD still seems to use globally incrementing IP IDs by
> >>> default. That's an issue as it leaks fine-grained information
> >>> about how many packets a relay's networking stack processes.
> >>> (However, nobody investigated the exact impact on Tor relays so
> >>> far, which makes this a FUD-heavy topic.) It looks like
> >>> approximately 50 out of the 131 FreeBSD relays I tested (38%)
> >>> use global IP IDs.
> >>>
> >>> There's a sysctl variable called "net.inet.ip.random_id" which
> >>> makes FreeBSD's IP ID behaviour random. FreeBSD relay
> >>> operators should set this to "1".
> >>>
> >>> Note that this issue was already discussed earlier this year in
> >>> a thread called "Lots of tor relays send out sequential IP IDs;
> >>> please fix that!".
> >>
> >> It's been default off since before it was a sysctl over a decade
> >> ago. Anyone know what the deal is with that? Some objection, or
> >> forgotten flag day, or oversight that really should be set to 1?
> >> https://svnweb.freebsd.org/base?view=revision&revision=133720
>
> --
> Xin LI https://www.delphij.net/
> FreeBSD - The Power to Serve!      Live free or die

--
John-Mark Gurney    Voice: +1 415 225 5579

  "All that I will do, has been done, All that I have, has not."
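An added example, not code from FreeBSD, NetBSD or anyone in the thread: the shuffled-permutation approach Xin Li describes, with a table of every 16-bit ID so the 128KB figure John-Mark mentions falls out of the sizes, and a check for the property that motivates it (no ID reuse within one period of 65536 datagrams). The xorshift64* generator standing in for arc4random() is an assumption, as is every identifier here.

```c
/* Added example, not FreeBSD/NetBSD code: a shuffled-permutation IP ID generator
 * in the spirit of the NetBSD ip_id.c design described in the thread. */
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define IPID_COUNT 65536u /* whole 16-bit ID space: 65536 * 2 bytes = 128 KiB */
static uint16_t ipid_perm[IPID_COUNT];
static uint32_t ipid_pos;
static uint64_t prng_state; /* assumption: xorshift64* stands in for arc4random() */

static uint32_t prng_u32(void) { /* runs 65535 times per period, not per packet */
	prng_state ^= prng_state >> 12;
	prng_state ^= prng_state << 25;
	prng_state ^= prng_state >> 27;
	return (uint32_t)((prng_state * 0x2545F4914F6CDD1DULL) >> 32);
}

/* Fisher-Yates shuffle of the whole ID space (modulo bias accepted here),
 * then restart the walk from the beginning of the new permutation. */
static void ipid_shuffle(void) {
	for (uint32_t i = IPID_COUNT - 1; i > 0; i--) {
		uint32_t j = prng_u32() % (i + 1);
		uint16_t t = ipid_perm[i];
		ipid_perm[i] = ipid_perm[j];
		ipid_perm[j] = t;
	}
	ipid_pos = 0;
}

void ipid_init(uint64_t seed) {
	prng_state = seed ? seed : 0x9E3779B97F4A7C15ULL; /* xorshift state must be non-zero */
	for (uint32_t i = 0; i < IPID_COUNT; i++) ipid_perm[i] = (uint16_t)i;
	ipid_shuffle();
}

/* Permutation walk: no ID repeats within one period of 65536 datagrams, which a
 * per-packet random draw plus collision test cannot promise. */
uint16_t ipid_next(void) {
	if (ipid_pos >= IPID_COUNT) ipid_shuffle();
	return ipid_perm[ipid_pos++];
}

/* Property check: right after ipid_init(), one full period has no reuse. */
bool ipid_period_has_no_reuse(void) {
	static uint8_t seen[IPID_COUNT];
	memset(seen, 0, sizeof seen);
	for (uint32_t i = 0; i < IPID_COUNT; i++)
		if (seen[ipid_next()]++) return false;
	return true;
}
```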