Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AMP cache rendezvous for Snowflake #109

Open
wkrp opened this issue Mar 7, 2022 · 2 comments
Open

AMP cache rendezvous for Snowflake #109

wkrp opened this issue Mar 7, 2022 · 2 comments

Comments

@wkrp
Copy link
Member

wkrp commented Mar 7, 2022
edited
Loading

I neglected to post about this when it was newer. This post is about a new feature that was released in Tor Browser 11.5a1 (December 2021), 11.0.3 (December 2021), and 11.0.5 for Android (February 2022).

Before Snowflake can start a peer-to-peer WebRTC connection, it needs to do a step called rendezvous, where the client connects to the broker and indicates its need for a proxy connection. In principle, rendezvous is modular: any kind of blocking-resistant request–response protocol can work. Originally, and still by default in Tor Browser, Snowflake does rendezvous using a domain-fronted HTTPS request. Now there is an alternative (backup) to domain fronting rendezvous: AMP cache rendezvous. If one rendezvous method is blocked, there is a chance the other will work.

Unfortunately, there is no easy UI for changing the rendezvous method. You have to edit a configuration file. (This will get easier in a future version where you can control options in the bridge line.)

Open the Tor Browser folder and find the torrc-defaults file:

platform location
linux Browser/TorBrowser/Data/Tor/torrc-defaults
windows Browser\TorBrowser\Data\Tor\torrc-defaults
osx Contents/Resources/TorBrowser/Tor/torrc-defaults

Find the part that says:

## snowflake configuration
ClientTransportPlugin snowflake exec ...

Remove the following options from the line:

-url https://snowflake-broker.torproject.net.global.prod.fastly.net/ -front cdn.sstatic.net

And replace them with these options:

-url https://snowflake-broker.torproject.net/ -ampcache https://cdn.ampproject.org/ -front www.google.com

In place of -front www.google.com, you can try other Google domains. Leave all the other options the same.

Then start Tor Browser, and configure it to use Snowflake as a bridge at about:preferences#tor.

For extra debugging information, you can add the options -log snowflake.log -log-to-state-dir. Search for a file called snowflake.log.

The torrc-defaults file will be overwritten whenever Tor Browser self-updates. You will have to apply the change again.

Background and history on AMP cache:

Discussion of modular rendezvous:
@keroserene
Copy link

Thank you for doing this.

@cohosh
Copy link

cohosh commented Feb 2, 2024

We have some new metrics exported by the Snowflake broker to count how many client poll requests we get for each rendezvous method. These changes were deployed on January 31st, making yesterday the first day these counts started being archived by CollecTor. I was very surprised by how close the domain fronting (HTTP) and AMP cache counts are:

client-http-count 1250792
client-ampcache-count 1004456

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@keroserene @wkrp @cohosh