- tor-relays - lists.torproject.org

[bridge operators] Fix required for WebTunnel docker bridges
by gus 28 Aug '25

28 Aug '25

Hello bridge operators, During yesterday's upgrade of our WebTunnel docker image, some bridges stopped working due to an operating system issue[1]. Only WebTunnel operators using our official Docker image are affected. If your bridge is affected and you don’t apply this fix, it will remain non-functional and users will not be able to connect. You need to take action now! ### How to check if your bridge is affected Run the command: `docker ps` If your WebTunnel container is stuck in a restart loop (shows `Restarting (1)` or similar message), then your bridge needs fixing: ``` thetorproject/webtunnel-bridge:latest "/usr/local/bin/star…" 22 hours ago Restarting (1) 21 seconds ago webtunnelBridge5a35b7dd47c6 containrrr/ ``` ### How to fix your WebTunnel docker bridge 1. List your Docker volumes: ``` docker volume list ``` 2. Identify the persistent volume for Tor, then run (adjust the volume name accordingly): ``` docker run --rm -it -v root_webtunnel-tor-state:/var/lib/tor debian chown -R 100 /var/lib/tor ``` 3. Restart your bridge: ``` docker compose up -d ``` If you need help, please reach out to us on irc #tor-relays (irc.oftc.net) or matrix: https://matrix.to/#/#tor-relays:matrix.org. Thank you for running bridges! gus [1] https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webt… -- The Tor Project Community Team Lead

1 0

lower relay through-put: consensus or throttling?
by code9n＠pm.me 25 Aug '25

25 Aug '25

Hi, For the last 5 months or so my guard / middle relay ( 41D4F82AB54AE5C5FB8D3CD24B4FC84350EFEF03 ) has been moving about 8MB/sec each way which is lower than it had been doing for the 2 years up to that point - it had been averaging around 12MB/sec. There's been talk on this mailing list of northern European relays getting lower consensus weight recently. (Mine is hosted in the UK). When my vps was last coming up for annual re-payment I told the admins there (Hostworld) that I was maybe not going to renew my annual subscription and the relay's through-put went up to around 20MB/sec for a while - until I'd renewed. So they do boost / throttle to suit themselves. So my question is: Is my last few months lower efficacy likely due to Tor (consensus weight) or throttling by my vps provider? (It's not my settings in torrc, by the way, they're set way higher than is being used and are unchanged since the earlier, higher, through-put). Thanks, Pete

1 0

(no subject)
by kerem the secondary 20 Aug '25

20 Aug '25

[warn] Your server has not managed to confirm reachability for its ORPort(s) at 31.223.44.45:443. Relays do not publish descriptors until their ORPort and DirPort are reachable. Please check your firewalls, ports, address, /etc/hosts file, etc. hello my relay doesnt work, firewall is not running, my isp did not block port 443, i have tried the official torrc file in the techincal setup page (only changed the log, contact and relay name) which did not work. I have not included the entire notices.log file because its 4 megabytes of the same error message. I have no idea what i did wrong please help. Thanks in advance

2 1

authority bandwidth measurements and latency
by Marco Moock 20 Aug '25

20 Aug '25

Hello! I operate 94DEAD24492D6D01E3DE614E8BE6B4035329A4D7 and I've seen various changes in the measured bandwidth in atlas. At the beginning, more than 10 MB/s were measured, now below 3. The machine itself didn't change, I can reach high up- and download rates if I transfer stuff via HTTP/FTP etc. I see that latency isn't that low (50ms https://atlas.ripe.net/measurements/116107380/results) and want to ask if that might be part of this situation. I dunno about the TCP settings of the authority bandwidth testing machines. Can anybody give some hints what's going on? -- Gruß Marco Send unsolicited bulk mail to 1751988041muell(a)stinkedores.dorfdsl.de

3 4

moria1 unreachable from AS202306
by Marco Moock 19 Aug '25

19 Aug '25

Hello! I cannot communicate with moria1 from 78.153.140.44 and it cannot reach my system. I can communicate with the rest of the world. For me, it looks like a firewall is blocking it, as traceroute clearly indicates a different behaviour for ICMP echo request and TCP. I've tried that multiple times. [m@teufel ~]$ traceroute -P tcp -p 9201 128.31.0.39 traceroute to 128.31.0.39 (128.31.0.39), 64 hops max, 40 byte packets 1 gw.hostglobal.plus (78.153.140.1) 0.460 ms 0.427 ms 0.349 ms 2 10.28.1.6 (10.28.1.6) 210.766 ms 353.511 ms 563.838 ms 3 ae8-209.rt.ad.rix.lv.retn.net (87.245.239.26) 25.299 ms 25.264 ms 25.228 ms 4 * ae1-5.rt.irx.fkt.de.retn.net (87.245.232.244) 51.147 ms 52.203 ms 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * [m@teufel ~]$ traceroute -I 128.31.0.39 traceroute to 128.31.0.39 (128.31.0.39), 64 hops max, 48 byte packets 1 gw.hostglobal.plus (78.153.140.1) 0.286 ms 1.231 ms 0.219 ms 2 10.28.1.6 (10.28.1.6) 1041.847 ms 25.035 ms 25.234 ms 3 ae8-209.rt.ad.rix.lv.retn.net (87.245.239.26) 26.015 ms 26.091 ms 26.084 ms 4 ae1-5.rt.irx.fkt.de.retn.net (87.245.232.244) 61.037 ms 53.253 ms 52.533 ms 5 * * * 6 * ae2.13.ear2.Boston1.net.lumen.tech (4.69.230.138) 135.086 ms 135.092 ms 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * What are your opinions about this? -- Gruß Marco Send unsolicited bulk mail to 1755409526muell(a)stinkedores.dorfdsl.de

2 2

Tor relay back to 1 weight
by tor＠obscurity.app 17 Aug '25

17 Aug '25

ADA11AA7FD14CFE904C7E302CA08EFBC8AFB415D My relay jumped to 13500 weight, then back to 1. Even thought relay is really young, this is (in my opinnion) not normal behavior? Tor notice logs doesnt give any error, and relay got unmettered bandwidth.

2 1

Tor People @ WHY2025
by Alexander Hansen Færøy 11 Aug '25

11 Aug '25

Hey Relay Operators, I'll be at the upcoming WHY2025 hacker camp in the Netherlands. WHY2025 is an excellent opportunity to do a Relay Operator meetup at some point during the camp days. Who else from here is going? At the latest CCCamp, we did a meetup at the BornHack village, but we did receive some negative feedback on the noise level in that general area, so I was thinking of investigating if there is a quieter place with some good seating where we could host the meetup this time, and announce the time and location here on the list. Suggestions of locations are most welcome. I recently received a link from tornth on #tor-relays on IRC/Matrix to https://wiki.why2025.org/Project:Tor_Relays, where it's relatively easy to add "Tor Relays" as a project from your WHY2025 wiki account. Cheers, Alex -- Alexander Hansen Færøy

4 6

Low consensus weight votes from European authorities
by Skye Clayton 11 Aug '25

11 Aug '25

Hello, I’ve had a non-exit relay (602D56DFD408530F7FE3056CAF1DA413A50ECAE4) that has been getting low weight votes from authorities like tor26, gabelmoo, and maatuska, compared to other authorities like moria1 and bastet after checking with the consensus-health tor site. At first, I questioned my ISP (ATT Fiber)’s routing to Germany based on an authority IP so I speedtested to four speedtest.net servers in Nuremberg but I received expected bw and around 100ms ping. Regardless, my relay hasn’t had anywhere as much traffic as it should have, and my relay is essentially offering resources to the Tor network that are being devalued right now. My relay’s consensus weight is around 3000, even though moria1 and bastet vote mine around 10000. I would also ask for the Tor developers’ reasoning for using median of authorities in consensus weighting rather than mean since in my mind, if no authorities are malicious/compromised to give false values, then mean would give a more accurate representation of actual measured bw performance from the authorities, IMO. Is median only used because of a large prevalence of extremely skewed bw vote distributions? Can this be remedied in software to allow for mean usage later on? Any help would be appreciated :)

2 1

FW: Re: Tor
by C. Pe. 11 Aug '25

11 Aug '25

forgot to copy the list. ---------------------------------------- Betreff: FW: Re: [tor-relays] Tor Von: C. Pe. <peca-relay(a)mailfence.com> An: CIP <ciptorrelays(a)gmail.com> Datum: 09.08.2025, 17:10:51 Hi, after looking at the first five entries from your list, I observe one common pattern: - Each relay has got a reachable IPv6 address (next to IPv4) - Each relay has an IPv4 exit policy - Each relay has got NO IPv6 exit policy (i.e. "reject 1-65535") Could that be the reason? You have, so to say, an IPv4-exit and at the same time an IPv6 middle-only-relay. (Please note, that I am NOT a member of torproject.org, but just a bridge and non-exit relay operator, so I do not have any further insight) Regards, C. Am 08.08.2025 um 05:13, CIP via tor-relays <tor-relays(a)lists.torproject.org> schrieb: Hello. We launched 20 Tor relays about a few weeks ago. We have learned that all of our relays have 2 strange flags: BadExit and MiddleOnly. Why are these flags assigned to our relays? Did we misconfigure something? Here is a list of our relays: E977DB4A822E3A949E6C2819AEBC3414CE214CF1 CBBAE95A4EE11633C435F7080BC6A03683045E09 06D96F28744B5E904E29A0E5B30EF6939200A657 999CA95B7F7ED9084360F8DA45CBD128FE677450 B6B64E54F1480F649F15E54DDC13E0CEE24117A1 4B55ED89F4DCF003EFEA1F899F6242D484A201CB C3E1511072DA6EFCF14232DB12D7E0B41B493A05 8E57FA4CCCCCA55D5E0DBCA6EEB63D7893CCAC9C 00A591A34E271E1A2BE595B03FA1F349E113589A BA20A8077D27CFE1701805920754867152C23863 4F1557DF7CD3E92880638BB72A0FCC5A30750794 66CE6400C5868EF548FB992D375D7CC8D61ABA4C DF70D38C775156A4662BC9BD9B2565D83663626B F2D902F0E8C40BE0E4328BA825DEAF7A72F0CCE7 C9BB71EA60EB1E5BBE6437E9F95426910E921940 E91A14923166F88221EF6AB9070C1C6702C3B293 81B242FE18D95A39535AFECEDADEBA8969C3FD3A C32A47FD85627A0D4F6EE121C9FA976D77F90160 3E7C2C3065EBAB57C9C1200BE26922F81DE67F16 AC80958B66FE21FAF5B6105F631BC4A7744F64EC _______________________________________________ tor-relays mailing list -- tor-relays(a)lists.torproject.org To unsubscribe send an email to tor-relays-leave(a)lists.torproject.org -- Sent with https://mailfence.com Secure and private email -- Sent with https://mailfence.com Secure and private email

3 3

No update of bridge distribution method?
by C. Pe. 09 Aug '25

09 Aug '25

Hello all, next to my posts about the NAT and non-default IP for bridges topic, I would like to draw your attention to my observation, that somehow, bridge distribution seems not updating and hence no distribution and no traffic. Please refer to the below examples, which all are configured properly without any "special" situation: E80088962F97FE190D734D67E0C656C2A6EADEE7 (webtunnel, on distribution method "none" since more than a week, despite method manually set in torrc) 45E1449B8B87ACFE6AF40CD33E91DFC3CB9B7488 (obfs4, this one is active way longer than indicated in "first seen", also shown as distribution "none") Is something wrong with the distribution DB ? Thanks & regards, C. -- Sent with https://mailfence.com Secure and private email

1 0