Roger, thanks for the reply. See below for my comments.<br><br><div class="gmail_quote">On Dec 5, 2007 12:58 PM, Roger Dingledine <<a href="mailto:arma@mit.edu">arma@mit.edu</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
[snip]<div class="Ih2E3d"><br>> Then I have 3 of my own computers that I set up as Tor Onion Routers<br>> (servers). Let's call them Tor1, Tor2, and Tor3. Each of them have the<br>> correct DirServer lines pointing to DirectoryMirrorX.
<br><br></div>I think you might misunderstand what DirServer is for. That config line<br>changes the directory authorities that Tor believes in. So if you put<br>DirServer lines pointing to DirectoryMirror{1,2,3}, then Tor will demand
<br>networkstatus documents (or in 0.2.0, a consensus document) signed by<br>a majority of the DirServers.<br><br>Since you didn't talk above about setting AuthoritativeDirectory, which<br>you would do if you were actually trying to create your own separate Tor
<br>network, I have to assume that the mirrors aren't making any networkstatus<br>documents, which means anybody who sets DirServer lines pointing to them<br>are going to have real problems finding enough dir info to make circuits.
</blockquote><div><br>DirectoryMirror{1,2,3} have AuthoritativeDirectory = 1. So the Tor OR will use those 3 DirectoryMirror{1, 2,3} as authoritative directory servers.<br><br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br><div class="Ih2E3d"><br>> Now, I have a client with the DirServer lines pointing to<br>> DirectoryMirrorX and which tries to setup a circuit with TorX as a<br>> node in the circuit. This fails. Note that DirectoryMirrorX does have
<br>> TorX in its cached-status.<br><br></div>It probably has TorX in its cached-status from back before you changed<br>the DirServer lines on TorX?</blockquote><div><br>I made sure to rm -Rf ~/.tor/cached-*<br> </div>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><br><div class="Ih2E3d"><br>> However, if I have the client with the same DirServer lines try to
<br>> setup a circuit with the other Tor nodes (the "real" ones on the<br>> network), this works.<br><br></div>Something is deeply wrong with your assumptions here. You might try<br>reading the man page entries again.
<br><div class="Ih2E3d"><br>> Any help will be greatly appreciated.<br><br></div>Hope that helps,</blockquote><div><br>Thanks for the reply.<br><br>What I am trying to do is be able to set up circuits with both the "real" Tor nodes and my own Tor nodes being part of the circuit. However, I would like to keep my Tor ORs private so that they don't appear in the directory servers for anybody else to use, because they are just being used as part of a test.
<br><br>Setting up a Tor OR to connect to the default authoritative directory servers but with PublishServerDescriptor=0 and then in the Tor client EntryNodes=Tor1 and StrictEntryNodes=1 does not seem to help either... unless I am doing something wrong.
<br><br>Thanks,<br><br>Eric<br><br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><br><font color="#888888">--Roger<br><br></font></blockquote>
</div><br>