Why is Tor Slow?

From Whonix
Jump to navigation Jump to search


Users often complain that the Tor network is slow or has inconsistent speed. This page briefly describes some reasons for affected Tor throughput and how to create a Whonix-Gateway with a different set of guards for testing purposes. Interested readers can also refer to the Tor Project FAQarchive.org (.oniononion) and relevant researcharchive.org for a more detailed explanation of this topic.

Factors Affecting Tor Throughput[edit]

DDoS Attacks on the Tor Network[edit]

DDoS attacksarchive.org are being conducted against the Tor network. See The Tor Project's blog post Tor is slow right now. Here is what is happeningarchive.org.

Misuse of the Tor Network[edit]

Some actors misuse the Tor network, either purposefully or due to a lack of knowledge. For instance, Tor is sometimes used to conduct DDoS attacks. By doing this, the Tor relays are the ones who actually suffer from the attack, instead of the intended target. Some people use peer-to-peer softwarearchive.org (like BitTorrentarchive.org) through Tor which slows down the network for all users. [1]

Relay Quality[edit]

Tor relays are run by volunteers [2] in a decentralized way. Consequently, relays do not have uniform quality; some are big and fast, while others are smaller and slower. As a whole, the network could be faster if it had more capacityarchive.org (.onion)onion. To improve the capacity of the Tor network, users can either run a Tor relayarchive.org (.oniononion) or help existing relaysarchive.org.

Tor Circuits Lengthen Connections[edit]

When navigating to clearnet resources, Tor provides anonymity by building circuits with three relays. So instead of connecting directly to the destination server, a connection is made between each relay of the circuit and this takes more time. In the case of onion services, a six-relay arrangement is used in the connection -- three picked by the user and three picked by the onion service.

In addition to using multiple relays, Tor tries to build circuits with relays in different geographical locations. This necessarily causes connections to travel further and slows down the fetching of resources.

Other Factors[edit]

Research by computer scientists Roger Dingledine [3] and Steven Murdoch has noted several other factors that affect Tor throughput.

Table: Tor Throughput Factors [4] [5]

Factor Description
Directory Information Download Overhead Users with low bandwidth (like those on cell phones) have to spend too much time downloading directory information. Tor protocols need to be optimized for efficiency.
Excessive User Load Some users put excessive traffic load on the Tor network relative to their network contributions. Methods of limiting these effects and prioritizing other users need to be implemented. [6]
Tor Congestion Control Tor's mechanism does not work well in combining high-volume (bulk transfer) and low-volume (browsing) streams.
Tor Latency Failures Tor is inefficient in handling connection failures or high / variable latency. Better heuristics to move away from bad circuits and a more uniform latency response is required.
Tor Load Distribution Tor's current path selection algorithms do not effectively distribute the network load. The properties of relays need to be more accurately estimated so relays do not become over or under-loaded. [7]
Tor Network Capacity As noted earlier, the total capacity of the Tor network is insufficient relative to unmet privacy demand. A significant boost in the overall number of relays is required. [8]

Whonix has Slowed Tor Connections Dramatically![edit]

This is likely an incorrect assumption. Since Whonix does not modify the Tor package directly, nor attempt to improve the Tor routing algorithm, any sudden drop in network speed is almost certainly related to:

  • User (mis)configurations relating to a VPN, proxy or other relevant settings.
  • Tor network anomalies.
  • Tor entry guards which are:
    • malicious
    • overloaded
    • under attack
    • misconfigured
  • A change in the Tor guard selection which has resulted in poor throughput due to capacity issues.

Before posting about the issue in forums, first use one of the following two methods to create a test Whonix-Gateway with a different set of guards.

Info There is a small chance of receiving the same set of Tor guards using both methods below. Use Nyx to explicitly check the new Tor guards are different before testing Tor throughput.

Easy: Whonix-Gateway Clone[edit]

This procedure is less useful for Whonix debugging.

1. Create a clone of the slow Whonix-Gateway (sys-whonix) and name it Whonix-Gateway-test VM (sys-whonix-test-vm). [9]

  • VirtualBox: follow these instructionsarchive.org to create a VM snapshot.
  • Qubes-Whonix: Right-click on sys-whonixClone VM

2. Regenerate the Tor State File.

3. Retest the speed of Tor connections.

Moderate Difficulty: Manual Regeneration of the Tor State File[edit]

This procedure is more useful for Whonix debugging.

1. Copy the Whonix-Gateway Tor state folder to a temporary folder.

Run the following terminal commands.

sudo systemctl stop tor@default

sudo mv /var/lib/tor /tmp

sudo systemctl restart tor@default

2. Retest the speed of Tor connections.

After testing Tor throughput, run these terminal commands to restore the Tor state folder to its original settings.

sudo systemctl stop tor@default

sudo rm -r /var/lib/tor

sudo mv /tmp/tor /var/lib

sudo systemctl restart tor@default

Interpreting the Test Results[edit]

There is no guarantee the test VM / new Tor state will be faster. However, if there is a significant difference in speed between the test and normal Whonix-Gateway VMs / Tor state, then this can be attributed to the Tor guards that are normally in use. This also means there is no bug in Whonix.

If the test VM / new Tor state does not speed up, the user may have selected Tor guards with poor throughput, or it could be a bug in Whonix. Before reporting the problem in the forums, regenerate the Tor state file and test the Tor throughput again. If it is still slow, then this may indicate a Whonix bug or other issue.

It is strongly discouraged to use the Whonix-Gateway-test VM / new Tor state (with a new Tor guard set) for activities other than testing, even if it is faster. It is feasible that adversaries might try to induce the user to switch their guards. By switching, the probability that a new chosen guard set is adversary-controlled increases, aiding end-to-end correlation attacks that deanoymize connections.


Whonix Why is Tor Slow? wiki page Copyright (C) Amnesia <amnesia at boum dot org>
Whonix Why is Tor Slow? wiki page Copyright (C) 2014 - 2021 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>

This program comes with ABSOLUTELY NO WARRANTY; for details see the wiki source code. This is free software, and you are welcome to redistribute it under certain conditions; see the wiki source code for details.


  1. A large file downloaded through BitTorrent can translate to several hours of browsing for the regular Tor Browser user.
  2. And hostile actors.
  3. Roger Dingledine is the co-creator of the first alpha version of Tor.
  4. https://svn.torproject.org/svn/projects/roadmaps/2009-03-11-performance.pdfarchive.org
  5. As the research is dated, some of these issues may have been fully or partially mitigated by now.
  6. This may involve targeting specific user profiles (e.g. throttling certain protocols) so the original Tor design of high throughput and good latency properties can be realized.
  7. Capacity is currently estimated by observing the largest traffic burst seen in the past day. This bandwidth capacity is advertised in the directory information, leading clients to preference their path selection based upon a relay's estimated bandwidth.
  8. Economics suggests increased supply will lead to more users arriving to fill the void.
  9. Alternatively follow the instructions to use Multiple Whonix-Gateway.

We believe security software like Whonix needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!