Actions

Why is Tor Slow?

From Whonix



Introduction[edit]

Users often complain that the Tor network is slow or has inconsistent speed. This page briefly describes some reasons for affected Tor throughput and how to create a Whonix-Gateway ™ with a different set of guards for testing purposes. Interested readers can also refer to the Tor Project FAQ [archive] and relevant research [archive] for a more detailed explanation of this topic.

Factors Affecting Tor Throughput[edit]

Misuse of the Tor Network[edit]

Some actors misuse the Tor network, either purposefully or due to a lack of knowledge. For instance, Tor is sometimes used to conduct DDoS attacks [archive]. By doing this, the Tor relays are the ones who actually suffer from the attack, instead of the intended target. Some people use peer-to-peer software [archive] (like BitTorrent [archive]) through Tor which slows down the network for all users. [1]

Relay Quality[edit]

Tor relays are run by volunteers [2] in a decentralized way. Consequently, relays do not have uniform quality; some are big and fast, while others are smaller and slower. As a whole, the network could be faster if it had more capacity [archive]. To improve the capacity of the Tor network, users can either run a Tor relay [archive] or help existing relays [archive].

Tor Circuits Lengthen Connections[edit]

When navigating to clearnet resources, Tor provides anonymity by building circuits with three relays. So instead of connecting directly to the destination server, a connection is made between each relay of the circuit and this takes more time. In the case of onion services, a six-relay arrangement is used in the connection - three picked by the user and three picked by the onion service.

In addition to using multiple relays, Tor tries to build circuits with relays in different geographical locations. This necessarily causes connections to travel further and slows down the fetching of resources.

Other Factors[edit]

Research by computer scientists Roger Dingledine [3] and Steven Murdoch has noted several other factors that affect Tor throughput.

Table: Tor Throughput Factors [4] [5]

Factor Description
Directory Information Download Overhead Users with low bandwidth (like those on cell phones) have to spend too much time downloading directory information. Tor protocols need to be optimized for efficiency.
Excessive User Load Some users put excessive traffic load on the Tor network relative to their network contributions. Methods of limiting these effects and prioritizing other users need to be implemented. [6]
Tor Congestion Control Tor's mechanism does not work well in combining high-volume (bulk transfer) and low-volume (browsing) streams.
Tor Latency Failures Tor is inefficient in handling connection failures or high / variable latency. Better heuristics to move away from bad circuits and a more uniform latency response is required.
Tor Load Distribution Tor's current path selection algorithms do not effectively distribute the network load. The properties of relays need to be more accurately estimated so relays do not become over or under-loaded. [7]
Tor Network Capacity As noted earlier, the total capacity of the Tor network is insufficient relative to unmet privacy demand. A significant boost in the overall number of relays is required. [8]

Whonix ™ has Slowed Tor Connections Dramatically![edit]

This is likely an incorrect assumption. Since Whonix ™ does not modify the Tor package directly, nor attempt to improve the Tor routing algorithm, any sudden drop in network speed is almost certainly related to:

  • User (mis)configurations relating to a VPN, proxy or other relevant settings.
  • Tor network anomalies.
  • Tor entry guards which are:
    • Malicious.
    • Overloaded.
    • Under attack.
    • Misconfigured.
  • A change in the Tor guard selection which has resulted in poor throughput due to capacity issues.

Before posting about the issue in forums, first use one of the following two methods to create a test Whonix-Gateway ™ with a different set of guards.

Info There is a small chance of receiving the same set of Tor guards using both methods below. Use Arm to explicitly check the new Tor guards are different before testing Tor throughput.

Easy: Whonix-Gateway ™ Clone[edit]

This procedure is less useful for Whonix ™ debugging.

1. Create a clone of the slow Whonix-Gateway ™ (sys-whonix) and name it Whonix-Gateway ™-test VM (sys-whonix-test-vm). [9]

2. Regenerate the Tor State File.

3. Retest the speed of Tor connections.

Moderate Difficulty: Manual Regeneration of the Tor State File[edit]

This is more useful for Whonix ™ debugging.

1. Copy the Whonix-Gateway ™ Tor state folder to a temporary folder.

Run the following Konsole commands.

sudo systemctl stop tor@default
sudo mv /var/lib/tor /tmp
sudo systemctl restart tor@default

2. Retest the speed of Tor connections.

After testing Tor throughput, run these Konsole commands to restore the Tor state folder to its original settings.

sudo systemctl stop tor@default
sudo rm -r /var/lib/tor
sudo mv /tmp/tor /var/lib
sudo systemctl restart tor@default

Interpreting the Test Results[edit]

There is no guarantee the test VM / new Tor state will be faster. However, if there is a significant difference in speed between the test and normal Whonix-Gateway ™ VMs / Tor state, then this can be attributed to the Tor guards that are normally in use. This also means there is no bug in Whonix ™.

If the test VM / new Tor state does not speed up, the user may have selected Tor guards with poor throughput, or it could be a bug in Whonix ™. Before reporting the problem in the forums, regenerate the Tor state file and test the Tor throughput again. If it is still slow, then this may indicate a Whonix ™ bug or other issue.

It is strongly discouraged to use the Whonix-Gateway ™-test VM / new Tor state (with a new Tor guard set) for activities other than testing, even if it is faster. It is feasible that adversaries might try to induce the user to switch their guards. By switching, the probability that a new chosen guard set is adversary-controlled increases, aiding end-to-end correlation attacks that deanoymize connections.

License[edit]

Whonix ™ Why is Tor Slow? wiki page Copyright (C) Amnesia <amnesia at boum dot org>
Whonix ™ Why is Tor Slow? wiki page Copyright (C) 2014 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>

This program comes with ABSOLUTELY NO WARRANTY; for details see the wiki source code. This is free software, and you are welcome to redistribute it under certain conditions; see the wiki source code for details.

Footnotes[edit]

  1. A large file downloaded through BitTorrent can translate to several hours of browsing for the regular Tor Browser user.
  2. And hostile actors.
  3. Roger Dingledine is the co-creator of the first alpha version of Tor.
  4. https://svn.torproject.org/svn/projects/roadmaps/2009-03-11-performance.pdf [archive]
  5. As the research is dated, some of these issues may have been fully or partially mitigated by now.
  6. This may involve targeting specific user profiles (e.g. throttling certain protocols) so the original Tor design of high throughput and good latency properties can be realized.
  7. Capacity is currently estimated by observing the largest traffic burst seen in the past day. This bandwidth capacity is advertised in the directory information, leading clients to preference their path selection based upon a relay's estimated bandwidth.
  8. Economics suggests increased supply will lead to more users arriving to fill the void.
  9. Alternatively follow the instructions to use Multiple Whonix-Gateway ™.


Follow: Twitter.png Facebook.png 1280px-Gab text logo.svg.png Rss.png Matrix logo.svg.png 1024px-Telegram 2019 Logo.svg.png Discourse logo.svg

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate whonix.png

Share: Twitter | Facebook

Are you proficient with iptables? Want to contribute? Check out possible improvements to iptables [archive]. Please come and introduce yourself in the development forum [archive].

https [archive] | (forcing) onion [archive]

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.