- tor-relays - lists.torproject.org

Netflix overblocking non-exit Tor relays
by Gero Kuehn 16 Dec '16

16 Dec '16

tl;dr: Even paying customers sharing IPs with non-exit Tor relays are now blocked from accessing Netflix Hello everyone ! After two very fruitless attempts to get the issue silently resolved through proper Netflix support channels, the time has come to make this public. As some of you have probably already read in the news, Netflix recently announced a crackdown on what they call "VPN Pirates" and what I call "paying customers using the same benefits of globalization that global companies like Netflix (ab)use for their taxes". They have now obviously changed their strategy regarding the Tor network. I am operating (among others) a middle-relay on a German residential fixed-ip VDSL-50 line (dc6jgk1/486740353B905AA4731F82C0B4CC25821A62C6E3) behind a NAT. Until 2 days ago, none of the devices sharing the same external IP address had any problem connecting to Netflix and there never was a Tor exit relay on that IP as far as I can tell. It is also obviously not possible for users of the Tor network to connect to Netflix through middle relays. As a consequence they should not be classifying such IP addresses as VPNs/Proxies and they should not be blocking them. This has been escalated and explained twice to "technical supervisors" in their callcenters. They did however not leave the impression that they a) care or b) intend to fix this at some point by parsing the Tor network information properly instead of using whatever cheap&wrong hack they use now. The official response from Netflix is that you now need to make a choice between operating that Tor relay (of any type) and the ability to watch Netflix. They also strictly refuse to refund any remaining credit in the customer account. My personal choice with regards to that blackmailing is as clear my next steps (conditional cancellation, 14 day deadline for refund and a legal challenge of their German AGB with regards to this issue). I am allergic to being blackmailed like that and being called a pirate by a service I legitimately paid for. For those of you who just would like to contribute to the Tor network without having trouble like that, please do not let this nonsense stop you. A more diversified Tor network is a more healthy network and I would really like to see more normal users operating tor relays operating in as many different locations as possible - including DSL lines "that are there anyways". If you do not want to be put into a position where you have to choose between your contribution to the network and some legal and paid-for entertainment, you might want to operate only a bridge until the issue has been resolved. If you already have the same problem, make it as expensive for Netflix as possible and spread the word about why this block (and geoblocking in general) is wrong. Thanks ! Kind regards, Gero / dc6jgk

14 21

Re: [tor-relays] Tor relay from home - end of experiment?
by balbea16 15 Dec '16

15 Dec '16

Hi Peter unfortunately your message is empty, it only shows the signature. This occurs with all signed messages. I have no idea how to solve the problem.Mike -------- Ursprüngliche Nachricht -------- Von: Peter Ludikovsky <peter(a)ludikovsky.name> Datum: 15.12.16 07:22 (GMT+01:00) An: tor-relays(a)lists.torproject.org Betreff: Re: [tor-relays] Tor relay from home - end of experiment? _______________________________________________ tor-relays mailing list tor-relays(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

2 1

Re: [tor-relays] Tor relay from home - end of experiment?
by balbea16 15 Dec '16

15 Dec '16

Hi J. I know. But I need a fan on top of the sinks. Just the heat sinks are not efficient enough. -------- Ursprüngliche Nachricht -------- Von: Rana <ranaventures(a)gmail.com> Datum: 15.12.16 11:19 (GMT+01:00) An: tor-relays(a)lists.torproject.org Betreff: Re: [tor-relays] Tor relay from home - end of experiment? I meant aluminum heat sink, not a fanHeat sinks do not make noise, they are flat pieces of metal with rib structure for improved heat radiation. You glue them on the chips that tend to become hot as they crunch your Tor relay traffic. But hey, whatever turns you on J

1 0

Re: [tor-relays] Tor relay from home - end of experiment?
by balbea16 15 Dec '16

15 Dec '16

J, TNX for the recommendation. Just used a spare one. Temperature dropped to 41 C. Didn't like the noise, because it's running permanentely. However, you are right :-) -------- Ursprüngliche Nachricht -------- Von: Rana <ranaventures(a)gmail.com> Datum: 15.12.16 09:34 (GMT+01:00) An: tor-relays(a)lists.torproject.org Betreff: Re: [tor-relays] Tor relay from home - end of experiment? Well I do suggest that you get a set of Pi heat sinks on ebay for $0.70 (including postage from China, adhesive and sinks for all 3 chips on the Pi). And if you are as extravagant as I you will even shell out an additional $1.20 for a Pi case. Your 20 mbps relay has some value, you do not want to step on it accidentally J From: tor-relays [mailto:tor-relays-bounces@lists.torproject.org] On Behalf Of balbea16 Sent: Thursday, December 15, 2016 10:24 AM To: tor-relays(a)lists.torproject.org Subject: Re: [tor-relays] Tor relay from home - end of experiment? You are totally right. Besides the "cost" for the PI, I pay some additional Euros per month for the 40 MBIT upload, that's it. I really can recomment to run a relay on a Pi 3. Let's see how the Tor authorities handle this. By the way the CPU temperature levels around 60 Celsius (without running arm). I don't cool it. Mike Von meinem Samsung Gerät gesendet. -------- Ursprüngliche Nachricht -------- Von: Rana <ranaventures(a)gmail.com> Datum: 15.12.16 08:53 (GMT+01:00) An: tor-relays(a)lists.torproject.org Betreff: Re: [tor-relays] Tor relay from home - end of experiment? OK then let me summarize. 1. You are running a Pi from Cologne, at 21 mbps (measured) peak, 900 kbps (measured) average utilization by Tor, with 1300 connections.2. Your Pi is under-utilized, probably limited by your ISP’s peering with those to which DirAuths are connected. 20% CPU utilization, 50% memory utilization. 3. Given that part of the memory is used by Linux kernel, and that the PI Ethernet interface is nominally 100 mbps, the Pi is probably able to sustain up to 3000 connections. Bottom line: the $35 Pi is a killer and running a Tor node with up to 3000 connections on another computer is probably a big waste of money. Comments welcome. From: tor-relays [mailto:tor-relays-bounces@lists.torproject.org] On Behalf Of balbea16 Sent: Thursday, December 15, 2016 9:04 AM To: tor-relays(a)lists.torproject.org Subject: Re: [tor-relays] Tor relay from home - end of experiment? Pls. refer to may answers after each of your questions. -------- Ursprüngliche Nachricht -------- Von: Rana <ranaventures(a)gmail.com> Datum: 15.12.16 07:44 (GMT+01:00) An: tor-relays(a)lists.torproject.org Betreff: Re: [tor-relays] Tor relay from home - end of experiment? >Hi There>This is a pretty interesting topic. I have been running a Rasp Pi 3 based relay since August this year. By now, I am up to about 1,300 incomming and outgoing connections, and a max of >about 21mbps. This is about 50% of the max. upload speed. Consensus weight is between 3,000 and 6,000. The CPU is running at 20% max. However, my local ISP disconnects me after 24 >to 36 hours. From my point of view this is the only disadvantage. > >For a home based relay, is that good, bad, or just average? Is there a chance for me to get a stable, or even guard flag? What are your experiances?>MikeMy experience is bad, the relay is not taking off at all, I have consensus weight of 19 and am sending less than 20 MB every 6 hours despite having bandwidth measured by Tor of between 70 and 120 KB/s. The total up bandwidth I have in ISP connection is 1.5 mbps and this is probably the issue. I also run this on Pi 3. I did, however, get a stable flag after 5 days, and have had it since then. My IP is dynamic and did not change in these 5 days or in the 4 days that passed since I got the Stable flag. My relay nickname is ZG0.Based on your experience I think your are doing fabulously well for a home relay, and that what really counts is the ISP bandwidth, and the Stable flag does not have much to do with how much traffic you get. Moreover, your 20% cpu util confirms my opinion that Pi is the perfect, most cost efficient way to run a relay and that running it on a larger computer is a waste of resources and money (up to the point Raspi chokes which we are yet to discover J)Moreover, clearly Pi’s cpu power will never be the bottleneck, only its memory size. You have a total of 1GB of memory on your Pi 3, what’s your memory utilization? about 513 MB What’s the total traffic the Pi sends every 6 hours (reported in the Tor log file /var/log/tor/notices.log and, for the previous time window, in /var/log/tor/notices.log.1)? About 19 GB in the last 6 hour period, with a total sent 2671.53 GB and received 2625.31 GB. What’s your relay’s nickname? Balbea16

2 1

Re: [tor-relays] Tor relay from home - end of experiment?
by balbea16 15 Dec '16

15 Dec '16

You are totally right. Besides the "cost" for the PI, I pay some additional Euros per month for the 40 MBIT upload, that's it. I really can recomment to run a relay on a Pi 3. Let's see how the Tor authorities handle this. By the way the CPU temperature levels around 60 Celsius (without running arm). I don't cool it. Mike Von meinem Samsung Gerät gesendet. -------- Ursprüngliche Nachricht -------- Von: Rana <ranaventures(a)gmail.com> Datum: 15.12.16 08:53 (GMT+01:00) An: tor-relays(a)lists.torproject.org Betreff: Re: [tor-relays] Tor relay from home - end of experiment? OK then let me summarize. 1. You are running a Pi from Cologne, at 21 mbps (measured) peak, 900 kbps (measured) average utilization by Tor, with 1300 connections.2. Your Pi is under-utilized, probably limited by your ISP’s peering with those to which DirAuths are connected. 20% CPU utilization, 50% memory utilization. 3. Given that part of the memory is used by Linux kernel, and that the PI Ethernet interface is nominally 100 mbps, the Pi is probably able to sustain up to 3000 connections. Bottom line: the $35 Pi is a killer and running a Tor node with up to 3000 connections on another computer is probably a big waste of money. Comments welcome. From: tor-relays [mailto:tor-relays-bounces@lists.torproject.org] On Behalf Of balbea16 Sent: Thursday, December 15, 2016 9:04 AM To: tor-relays(a)lists.torproject.org Subject: Re: [tor-relays] Tor relay from home - end of experiment? Pls. refer to may answers after each of your questions. -------- Ursprüngliche Nachricht -------- Von: Rana <ranaventures(a)gmail.com> Datum: 15.12.16 07:44 (GMT+01:00) An: tor-relays(a)lists.torproject.org Betreff: Re: [tor-relays] Tor relay from home - end of experiment? >Hi There>This is a pretty interesting topic. I have been running a Rasp Pi 3 based relay since August this year. By now, I am up to about 1,300 incomming and outgoing connections, and a max of >about 21mbps. This is about 50% of the max. upload speed. Consensus weight is between 3,000 and 6,000. The CPU is running at 20% max. However, my local ISP disconnects me after 24 >to 36 hours. From my point of view this is the only disadvantage. > >For a home based relay, is that good, bad, or just average? Is there a chance for me to get a stable, or even guard flag? What are your experiances?>MikeMy experience is bad, the relay is not taking off at all, I have consensus weight of 19 and am sending less than 20 MB every 6 hours despite having bandwidth measured by Tor of between 70 and 120 KB/s. The total up bandwidth I have in ISP connection is 1.5 mbps and this is probably the issue. I also run this on Pi 3. I did, however, get a stable flag after 5 days, and have had it since then. My IP is dynamic and did not change in these 5 days or in the 4 days that passed since I got the Stable flag. My relay nickname is ZG0.Based on your experience I think your are doing fabulously well for a home relay, and that what really counts is the ISP bandwidth, and the Stable flag does not have much to do with how much traffic you get. Moreover, your 20% cpu util confirms my opinion that Pi is the perfect, most cost efficient way to run a relay and that running it on a larger computer is a waste of resources and money (up to the point Raspi chokes which we are yet to discover J)Moreover, clearly Pi’s cpu power will never be the bottleneck, only its memory size. You have a total of 1GB of memory on your Pi 3, what’s your memory utilization? about 513 MB What’s the total traffic the Pi sends every 6 hours (reported in the Tor log file /var/log/tor/notices.log and, for the previous time window, in /var/log/tor/notices.log.1)? About 19 GB in the last 6 hour period, with a total sent 2671.53 GB and received 2625.31 GB. What’s your relay’s nickname? Balbea16

2 1

Re: [tor-relays] Tor relay from home - end of experiment?
by balbea16 15 Dec '16

15 Dec '16

Pls. refer to may answers after each of your questions. -------- Ursprüngliche Nachricht -------- Von: Rana <ranaventures(a)gmail.com> Datum: 15.12.16 07:44 (GMT+01:00) An: tor-relays(a)lists.torproject.org Betreff: Re: [tor-relays] Tor relay from home - end of experiment? >Hi There>This is a pretty interesting topic. I have been running a Rasp Pi 3 based relay since August this year. By now, I am up to about 1,300 incomming and outgoing connections, and a max of >about 21mbps. This is about 50% of the max. upload speed. Consensus weight is between 3,000 and 6,000. The CPU is running at 20% max. However, my local ISP disconnects me after 24 >to 36 hours. From my point of view this is the only disadvantage. > >For a home based relay, is that good, bad, or just average? Is there a chance for me to get a stable, or even guard flag? What are your experiances?>MikeMy experience is bad, the relay is not taking off at all, I have consensus weight of 19 and am sending less than 20 MB every 6 hours despite having bandwidth measured by Tor of between 70 and 120 KB/s. The total up bandwidth I have in ISP connection is 1.5 mbps and this is probably the issue. I also run this on Pi 3. I did, however, get a stable flag after 5 days, and have had it since then. My IP is dynamic and did not change in these 5 days or in the 4 days that passed since I got the Stable flag. My relay nickname is ZG0.Based on your experience I think your are doing fabulously well for a home relay, and that what really counts is the ISP bandwidth, and the Stable flag does not have much to do with how much traffic you get. Moreover, your 20% cpu util confirms my opinion that Pi is the perfect, most cost efficient way to run a relay and that running it on a larger computer is a waste of resources and money (up to the point Raspi chokes which we are yet to discover J)Moreover, clearly Pi’s cpu power will never be the bottleneck, only its memory size. You have a total of 1GB of memory on your Pi 3, what’s your memory utilization? about 513 MB What’s the total traffic the Pi sends every 6 hours (reported in the Tor log file /var/log/tor/notices.log and, for the previous time window, in /var/log/tor/notices.log.1)? About 19 GB in the last 6 hour period, with a total sent 2671.53 GB and received 2625.31 GB. What’s your relay’s nickname? Balbea16

2 1

Re: [tor-relays] Tor relay from home - end of experiment?
by balbea16 15 Dec '16

15 Dec '16

Hi ThereThis is a pretty interesting topic. I have been running a Rasp Pi 3 based relay since August this year. By now, I am up to about 1,300 incomming and outgoing connections, and a max of about 21mbps. This is about 50% of the max. upload speed. Consensus weight is between 3,000 and 6,000. The CPU is running at 20% max. However, my local ISP disconnects me after 24 to 36 hours. From my point of view this is the only disadvantage. For a home based relay, is that good, bad, or just average? Is there a chance for me to get a stable, or even guard flag? What are your experiances?Mike

2 1

Tor relay from home - end of experiment?
by Rana 15 Dec '16

15 Dec '16

After 9 days of running a relay with a stable IP address (with "Stable" flag during the last 4 days) and consensus bw steadily oscillating around 20 despite the 100 Kbyte/s bandwidth measured by Tor and 200 Kbyte/s bandwidth measured on the Internet connection, I guess it is time to quit. My relay is consistently sending less than 20MB every 6 hours, which probably means that is not making a noticeable contribution to Tor network. I have also been running another relay for the last 5 days from a friend's home - he has a static IP, a different ISP from mine and twice the bandwidth. His consensus is bw dead locked at 31 and never changes. He is getting Fast flag on and off, no Stable flag, his Atlas measured bandwidth is 150 KB/s. The traffic it relays is only slightly larger than mine, so I guess it is time to quit for this one, too. Any other advice / ideas welcome. Rana

6 17

Did you recently start >750 bridges?
by nusenu 14 Dec '16

14 Dec '16

Hi, If you recently added >750 bridges (without malicious intend) or know anything about it, please read this thread: [1] https://lists.torproject.org/pipermail/tor-project/2016-December/000851.html and get in contact with them (without disclosing the location of your bridges to the public). regards, nusenu

1 0

Does the "Advertised bandwidth" correlates with the "Consensus Weight"
by Toralf Förster 13 Dec '16

13 Dec '16

2 2