- tor-relays - lists.torproject.org

Opening metrics-api.torproject.org for testing
by Hiro 03 Aug '24

03 Aug '24

Hello everyone, As part of our redesign of the metrics pipeline, we have developed a new API that will eventually replace Onionoo: the Network Status API (aka NSA). We are now opening NSA for testing, and it can be accessed at: https://metrics-api.torproject.org. Documentation is available here: https://gitlab.torproject.org/tpo/network-health/metrics/networkstatusapi/-…. Please note that the API may be unstable at times, and some results might be inconsistent. Onionoo will remain our primary data source for relay search at least until the end of the year. We welcome any suggestions or feedback regarding the types of information that should be included in the API. You can provide feedback by opening an issue on the repository or by replying to this email. Thank you. -hiro

4 3

Tor Metrics 'Running' flag is back for bridges who don't publish the OrPort
by lists＠for-privacy.net 30 Jul '24

30 Jul '24

I don't know if this was mentioned at the Tor Relay Meeting yesterday, if so, I missed it. ;-) A few months ago there was a recommendation to not exposing OrPort for bridges. This had the unpleasant effect that all bridges were 'red' on Tor Metrics, even though they were running perfectly fine. I noticed yesterday after the meeting that everything is 'green' again. https://metrics.torproject.org/rs.html#search/ForPrivacyNET Thank you, I believe these 6 people did that: https://gitlab.torproject.org/tpo/network-health/team/-/issues/318 -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom!

5 7

Re: [tor-relays] Archive key from deb.torproject.org was renewed!
by boldsuck 25 Jul '24

25 Jul '24

On Donnerstag, 25. Juli 2024 01:29:41 CEST you wrote: > What was the previous key for reminder? The same ;-) > This looks like exactly the one I installed BEFORE all your messages > mentioning the requirement to update... manually. Of course, it is the same key as before. When creating PGP keys, an expiration date is defined by default. The Repo PGP key is always valid for 2 years and the expiry date has been extended for the next 2 years. > I have a problem in that I like to remove ssh before I leave my > installations, to be conscious. What do you mean exactly? 'exit', and you are logged out. > I would have to re-install yet I am pretty sure my key was also 89-ending. > > QUESTION: > > is there any one / way to tell whether my relays have the proper key > from any metrics / torproject admin / version showing up? apt update gives error message that key has expired. apt-key -list /etc/apt/trusted.gpg.d/deb.torproject.org-keyring.gpg ----------------------------------------------------- pub rsa2048 2009-09-04 [SC] [expires: 2028-08-29] A3C4 F0F9 79CA A22C DBA8 F512 EE8C BC9E 886D DD89 uid [ unknown] deb.torproject.org archive signing key sub rsa2048 2009-09-04 [S] [expires: 2026-09-09] -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom!

1 1

OT: Tor Control Protokoll ADD_ONION
by boldsuck 24 Jul '24

24 Jul '24

Hi, In the control-spec https://spec.torproject.org/control-spec/commands.html#add_onion or https://github.com/torproject/torspec/blob/main/control-spec.txt#L1777 The ADD_ONION 'Flag' include Hidden Service options: MaxStreamsCloseCircuit and MaxStreams, among others. We also want to use the PoWDefenses and IntroDoSDefense parameters. Is the control-spec outdated or is it not possible to set these parameters via Flag? -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom!

1 0

OT: Tor-Metrics for Hidden Services
by boldsuck 24 Jul '24

24 Jul '24

Does anyone know where I can find information about the MetricsPort output? In particular, hs introduction point and rendezvous point circ build time bucket. What do the numbers represent le="1000.00" - le="6000.00" suggested-effort value Do I understand correctly that the value goes from 0-1000? https://spec.torproject.org/hspow-spec/common-protocol.html#client-limits # HELP tor_hs_intro_circ_build_time The introduction circuit build time in milliseconds # TYPE tor_hs_intro_circ_build_time histogram tor_hs_intro_circ_build_time_bucket{onion="somerandomonionaddress",le="1000.00"} 128 tor_hs_intro_circ_build_time_bucket{onion="somerandomonionaddress",le="5000.00"} 205 tor_hs_intro_circ_build_time_bucket{onion="somerandomonionaddress",le="10000.00"} 205 tor_hs_intro_circ_build_time_bucket{onion="somerandomonionaddress",le="30000.00"} 205 tor_hs_intro_circ_build_time_bucket{onion="somerandomonionaddress",le="60000.00"} 205 tor_hs_intro_circ_build_time_bucket{onion="somerandomonionaddress",le="+Inf"} 205 tor_hs_intro_circ_build_time_sum{onion="somerandomonionaddress"} 210297 tor_hs_intro_circ_build_time_count{onion="somerandomonionaddress"} 205 # HELP tor_hs_rend_circ_build_time The rendezvous circuit build time in milliseconds # TYPE tor_hs_rend_circ_build_time histogram tor_hs_rend_circ_build_time_bucket{onion="somerandomonionaddress",le="1000.00"} 14275 tor_hs_rend_circ_build_time_bucket{onion="somerandomonionaddress",le="5000.00"} 24060 tor_hs_rend_circ_build_time_bucket{onion="somerandomonionaddress",le="10000.00"} 24095 tor_hs_rend_circ_build_time_bucket{onion="somerandomonionaddress",le="30000.00"} 24096 tor_hs_rend_circ_build_time_bucket{onion="somerandomonionaddress",le="60000.00"} 24096 tor_hs_rend_circ_build_time_bucket{onion="somerandomonionaddress",le="+Inf"} 24096 tor_hs_rend_circ_build_time_sum{onion="somerandomonionaddress"} 25308501 tor_hs_rend_circ_build_time_count{onion="somerandomonionaddress"} 24096 # HELP tor_hs_pow_suggested_effort Suggested effort for requests with a proof of work client puzzle # TYPE tor_hs_pow_suggested_effort gauge tor_hs_pow_suggested_effort{onion="somerandomonionaddress"} 1 -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom!

1 0

bridges
by Earl M. Northern 22 Jul '24

22 Jul '24

obfs4 49.12.224.203:8001 8E6B9FB7914E9ECA1BD271AB33FF8D868EEA6DE5 cert=zZcPgBgVxKhmhlo2M0yLKTGkxDnSXl2372d5E0POqVMpmzu0tsIlegXR4OolUDudfD+7CA iat-mode=0 obfs4 94.131.97.25:50703 4DF9058B33F6D3E72A4397B09A40503AF51DAA04 cert=HXw+QS4SVjB9/oekpZSQcGDyoNxrp8a/mOQ14qSAuLPp5b9h6H1p4VB8008VHWPwj7vBJA iat-mode=0 obfs4 88.198.12.66:1812 7611DAC3C59A43322D774400F57FDA4D2AC0EEE2 cert=Qo94bPwOyZ9gRUJkyXFV5AhLXOPa+Ilgt8gQ+5a2Mw2NSzzvEY00FhWfeCnfSGs81CYLZA iat-mode=0

3 2

tor middle relay issue
by theyarewatching 22 Jul '24

22 Jul '24

I have had two ubuntu based tor middle relays fail.I am using a proxmox server and have tried both ubuntu server 20.04 and a fresh download of ubuntu 24.04. I follow the tor website install instructions. The results show the same no matter what version of ubuntu. "failed to start Tor(a)default.service. This is the same result with the original install and a brand new VM install on Proxmox. Any input would be greatly appreciated Thank you SDS

1 0

OOM at relay with small RAM if statistic configs are enabled
by Toralf Förster 14 Jul '24

14 Jul '24

Regarding to https://gitlab.torproject.org/tpo/core/tor/-/issues/40958 I do wonder if that issue happened for stable Tor versions too - I do run myself git HEAD only. FWIW at my bare metal relay the RAM consumption per Tor process decreased by about 0.7 GiB. -- Toralf

1 0

Hardware sizing for physical exit node
by Osservatorio Nessuno 10 Jul '24

10 Jul '24

Hi everyone, we are planning to get some hardware to run a physical Tor exit node, starting with a 1Gbps dedicated, unmetered uplink (10Gbps downlink). We will also route a /24 on it, so we will have large availability of addresses to run multiple instances. We have been running a few exit nodes so far, but never on our own hardware. Which is the bandwith limit per core/Tore instance? Or what can we expect to be the bottleneck? Due to some other requirements we need for some experiments (SFP ports, coreboot support, etc) we can mainly choose between these 2 CPUs: Intel i5-1235U Intel i7-1255U The cost between the two models is significant enough in our case to pick the i7 only if it's really useful. In both cases with 32GB of DDR5 RAM (we can max to 64 if needed, but is it?). Should this allow us to saturate the uplink? To summarize, with this bandwith, this hardware and a /24 how many Tor exit nodes should be ideal to run considering that each of them could have their own address? Thanks!

5 4

Seeking Advice on Running Multiple Tor Relays or A Bridge
by Alessandro Greco 07 Jul '24

07 Jul '24

Hello Tor Community, I have some experience running a Tor relay, and I am now interested in setting up another one. I plan to do this using my home internet connection, which is an FTTH line with bandwidth up to 2 Gbps. I have read that it is possible to run multiple relays on the same node, but I am unsure how to configure this. Additionally, I am curious about what would be most beneficial for the Tor network today: a highly resilient bridge or multiple relays managed from the same node? Is it feasible to operate both at the same time? This is probably not the best idea since the bridge's IP address would be public, right? I am looking for guidance on the best course of action to support the Tor community. Thank you in advance for your assistance,Aleff.

4 5