- tor-relays - lists.torproject.org

Connectivity issues; disabling my relay
by Steven Chamberlain 16 Feb '17

16 Feb '17

Hello! My non-exit Tor relay "4pyro2eu3org0" in the United Kingdom is served by a consumer FTTC broadband line. It had a rare, unexplained outage on 2016-01-19 between 00:00 and 02:00 UTC. Two other lines with the same provider, terminating in the same local telephone exchange, were unaffected. When it came back, latency was different (lower) than before, to the first hop (the LNS in Birmingham) suggesting ATM traffic maybe taking a different (faster) route through BT's network *or* just my modem having resynced with different modulation. (Smokeping graph attached). But what concerns me, are intermittent bursts of packet loss (for about 3 seconds, happening every 10-60 seconds) which have been happening for more than 24 hours since. My ISP has checked with BT and assures me no maintenance work was scheduled that night; they see in their logs that my PPP session dropped at that time but believe no other customers at my local telephone exchange were affected. I consider that - whatever may be causing this - this kind of interruption to Tor relay traffic, could make timing attacks easier for an observer. So I'm shutting down my relay until this can be explained and fixed. At the very least, I should replace the BT Openreach-supplied VDSL modem (Huawei HG521) or its firmware with something I have more control over (and third parties have less control over...) Here's how the issue looks in mtr (at 1-second intervals); it affects all IP traffic. Maybe this is something benign, but I encourage other relay operators to be vigilant nonetheless. 1. 217.155.40.118 (Tor relay) ................................................................................... 2. 62.3.80.17 (LNS) .........................???......................???............???............... 3. x.x.x.x (test machine on same ISP) .........................???......................???............???............... and in reverse: 1. x.x.x.x (test machine on same ISP) ................................................................................... 2. 62.3.80.17 (LNS) ................................................................................... 3. 217.155.40.118 (Tor relay) .........................???......................???............???............... Regards, -- Steven Chamberlain steven(a)pyro.eu.org

3 4

[OrNetRadar] loskiq exit relays
by nusenu 14 Feb '17

14 Feb '17

Hi Amir, thanks for adding so many tor exit relays. You might want do consider rejecting port 25 in your ExitPolicy, that is the default: https://www.torproject.org/docs/tor-manual.html.en#ExitPolicy Also please set the MyFamily in your torrc https://www.torproject.org/docs/tor-manual.html.en#MyFamily If you need help with that let us know. thanks, nusenu ornetradar(a)riseup.net: > 2017-02-11 > ----------------------------------------------------------------------------------------------------------------------- > Up|Ext|JoinTime| IP | AS | CC | ORp | Dirp | OS | Version | Nickname | eFamlen > ----------------------------------------------------------------------------------------------------------------------- > 1 | 1 | 09:34:02 | 13.94.150.167 | Microsoft Corpo | nl | 8080 | 21 | Linux | 0.2.9.9 | loskiq | 1 > 1 | 1 | 13:20:08 | 13.74.174.90 | Microsoft Corpo | ie | 8080 | 21 | Linux | 0.2.9.9 | loskiq | 1 > 1 | 1 | 10:30:29 | 13.81.62.91 | Microsoft Corpo | nl | 8080 | 21 | Linux | 0.2.9.9 | loskiq | 1 > 1 | 1 | 15:10:13 | 40.69.73.77 | Microsoft Corpo | ie | 8080 | 21 | Linux | 0.2.9.9 | loskiq | 1 > 1 | 1 | 20:00:54 | 40.118.98.190 | Microsoft Corpo | nl | 8080 | 21 | Linux | 0.2.9.9 | loskiq | 1 > 1 | 1 | 11:37:42 | 13.73.158.253 | Microsoft Corpo | nl | 8080 | 21 | Linux | 0.2.9.9 | loskiq | 1 > 0 | 0 | 11:56:32 | 104.47.155.162 | Microsoft Corpo | nl | 8080 | 21 | Linux | 0.2.9.9 | loskiq | 1 > 1 | 0 | 17:03:54 | 13.69.10.96 | Microsoft Corpo | nl | 8080 | 21 | Linux | 0.2.9.9 | loskiq | 1 > 1 | 0 | 15:36:37 | 52.164.227.83 | Microsoft Corpo | ie | 8080 | 21 | Linux | 0.2.9.9 | loskiq | 1 > 1 | 1 | 09:49:38 | 104.46.34.192 | Microsoft Corpo | nl | 8080 | 21 | Linux | 0.2.9.9 | loskiq | 1 > 1 | 0 | 16:34:04 | 13.81.114.52 | Microsoft Corpo | nl | 8080 | 21 | Linux | 0.2.9.9 | loskiq | 1 > Fingerprints: > EBCFE46B8B756B44EC93BD833804C80341EB61CC,4896D07700198BE676543CC7F29A117C9DB8EE41,425C84600D0FD3781A553BD29D4E8782AB580120,4FAFBB649045A5C466ABBE6D702A55914DA2BEA7,05DBC69C4E392F83AF5C3F803913A3907E91DD6D,5245785C5CEBB51DD7CD9BBBB649AFE3FF5A85AD,1BFA55620CFC63B6ECE80877E282526E6F493903,7CCC661464AA0A954D2584B06D411175AFC91533,7E327AC4A36679C2A0A8F694B81CD182DB0E8560,0775CC3939EC0B749377EB53DFFEEA7E41F4CE82,5743EF596F776B20B1F0F551A9BF4EFCCE2E07EE >

1 1

Normal to lose stable/guard flags on relay reboot?
by Jivan Amara 13 Feb '17

13 Feb '17

Hi all, I recently rebooted a server hosting a relay (XOXXOX). Traffic plummeted to zero for five days and the relay lost all its flags except fast/running/valid. The server was down less than a minute. Is this normal?

4 5

My first relay is running
by Juan Guillermo Narvaez 13 Feb '17

13 Feb '17

Hello everyone! I'm start running my Tor relay today. Now what? =) -- J. Guillermo Narvaez @_aran0id

3 2

Reminder: If you are on 0.2.9.x, make sure you are running 0.2.9.9
by Nick Mathewson 12 Feb '17

12 Feb '17

Hi, awesome relay operators! About two weeks ago, we put out 0.2.9.9, to fix a significant problem in our build process that led to an easy remote crash attack: o Major bugfixes (security): - Downgrade the "-ftrapv" option from "always on" to "only on when --enable-expensive-hardening is provided." This hardening option, like others, can turn survivable bugs into crashes -- and having it on by default made a (relatively harmless) integer overflow bug into a denial-of-service bug. Fixes bug 21278 (TROVE-2017-001); bugfix on 0.2.9.1-alpha. If you are on some earlier version of 0.2.9.x, it would be really great if you could update your relay some time soon: I want to put out a fix for the underlying bug here, but I'm hesitant to do so while there are still 700 crashable relays on the network. Also if you are on 0.3.0.1-alpha, you should upgrade to 0.3.0.2-alpha or later, but there are only around 53 relays still on that version, so I'm freaking out less about that. best wishes and many thanks, -- Nick

14 22

Reaching out to webiron
by Andrew Deason 12 Feb '17

12 Feb '17

I run an exit node, and as such, I get abuse emails like this from time to time: <https://lists.torproject.org/pipermail/tor-relays/2015-October/007982.html> Mostly I ignore them, but since their automated report contains the sentence "Please feel free to send us your comments or responses.", every so often I send something to complain about their practices. To my surprise, apparently somebody does actually read these because today I got a reply. I'm not reproducing the entire response here without permission (they seem kinda touchy), but the person that replied did mention that they have some kind of rbl "in beta" regarding tor exits. They seemed to imply that doing so was quite a burden on them, though, which I don't really understand (IME blocking tor exits is easy; intentionally so). I'm trying to keep the conversation going, but I was wondering if anyone from the tor project has tried to reach out to them in some kind of official way? I'm just some random guy, so I don't know if it would be preferable for someone more knowledgeable, or with more access to tor infrastructure, to be conversing with them. (e.g. teor) I assume some people will say this isn't even worth the effort; it's not like it's hard to just ignore those reports. But it doesn't take much effort to just try to talk ot them, and it perhaps helps to give tor a reputation of cooperation and helpfulness. -- Andrew Deason adeason(a)dson.org

11 23

Re: [tor-relays] Reminder: If you are on 0.2.9.x, make sure you are running 0.2.9.9
by Mick 09 Feb '17

09 Feb '17

Sorry, I thought I had. I must have hit the wrong reply button. Now copied in. Apologies for the top post.......On 9 Feb 2017 21:58, Roger Dingledine wrote: > > On Thu, Feb 09, 2017 at 09:57:03PM +0000, mick wrote: > > Done > > > > Now running 0.2.9.9. > > Thanks! Can you send this to the list too, for completeness? > > Or, do you mind if I do that? > > --Roger >

1 0

Hostname in DirAuthority config
by Andrew Smith 09 Feb '17

09 Feb '17

Hi I'm experimenting running my own tor network. To achieve this I'm setting DirAuthority in torrc. But it seems that I cannot use a hostname for my DirAuthority. For example: DirAuthority da1 orport=7000 no-v2 v3ident=xxx da1:7000 xxx Results in the error: Unrecognized flag 'da1:7000' on DirAuthority line If I replace "da1" with an IP address there is no error. Is this expected behaviour? I'm running tor v0.2.8.12. The documentation calls this an "address" (as opposed to other parts which refer to an "IP") which made me think a hostname would work. Thanks -- Andy Smith http://andrewmichaelsmith.com | @bingleybeep

3 6

What does this log message mean ? : Starting with guard context "default"
by Toralf Förster 08 Feb '17

08 Feb '17

3 3

assign_to_cpuworker failed
by diffusae 07 Feb '17

07 Feb '17

Hello! What does this warning mean? "Jan 13 09:31:49.000 [warn] assign_to_cpuworker failed. Ignoring." Do I need to reduce the number of connection to the relay or could I ignore this message? Regards,

5 21