Increase Authorities' AuthDirMaxServersPerAddr to 4 or 8 to use more processors

Due to the increase in logical processors per machine, a recent conversation on the tor-dev mailing list suggested increasing the Tor Authorities' AuthDirMaxServersPerAddr,0 (Mortiz Bartl) either to unlimited1 (isis) or 4 or 8 2 (mikeperry, teor).

I suggest we initially increase the consensus parameter to 8, quadrupling CPU-bound throughput, and then, if successful, change the default in code in a major release.

Details:

The increase in logical and physical processors per machine has outstripped tor's ability to parallelise its workload, artificially limiting the network throughput.4 (AFO-Admin)

• Scarcity of IPv4 addresses, particularly in some regions
• Multiple relays sharing IPv4 addresses due to VPSs and/or NAT - see legacy/trac#13234 (moved)

Long-term:

Long-term work that will resolve this issue:

• Parallelise more of tor's compute workload 5
• Optimise Cryptography, either through algorithm choice or code refactoring
• Implement/Test/Deploy/Activate IPv6 ORPorts

Potential Concerns:

This could make Sybil attacks slightly easier, but we already mitigate against Syblils on the same IP using the /24 filter. isis wasn't concerned about extra Sybils from this change.1

This change may slightly increase the size of the consensus. However, there are multiple upcoming plans to reduce consensus size, including:

• Consensus Diffs
• Reducing Consensus Size by Excluding the Slowest Relays