Internet anonymity systems, like for instance Tor, are in widespread use today. Technically they are realized as overlays, i. e., they add another instance of routing, forwarding, and transport functionality on top of the Internet protocol stack. This has important (and often subtle) implications, as overlay and underlay may interact. Far too often, existing designs neglect this. Consequently, they suffer from performance issues that are hard to track down and fix. The existing body of work in this area often takes a quite narrow view, tweaking the design in order to improve one specific aspect. The behavior of the interacting underlay and overlay transport layers is complex, though, and often causes unexpected-and unexplored-side effects. Therefore, we show that so far considered combinations of overlay and underlay protocols cannot deliver good throughput, latency, and fairness at the same time, and we establish guidelines for a future, better suited transport layer design.
