- tor-relays - lists.torproject.org

Slow bandwidth, bridge + obfsproxy project (+Socks for LAN?)
by Petrusko 01 May '16

01 May '16

Hey all, 1. Coming here to learn some quick lessons about bridges+obfsproxy. I'm thinking about that when I see some slow upload bandwidth speed like at home for example. Running a relay will be a bottleneck... so a bridge will be more useful... (less than 1Mbits/s upload :s ) 2. If computers running bridges are not 24/24 powered, will it be useful for people ? When I see the "lifecycle of a relay" article, I can understand a relay will be useful if it's always available, but what about a bridge ? (office hours for example) 3. Will this bridge+obfsproxy can be useful for the LAN computers, with Socks for example for LAN connections, to redirect traffic to Tor ? Those services can run together on the same instance ? ex on the doc: SocksPort 4000 #example for the LAN connection (default = 0) ORPort auto BridgeRelay 1 Exitpolicy reject *:* 4. I'm confused, the "bridge" is acting like a relay ? (like a router on a network, 50% upload / 50% download...?). Or like a hidden door to contact the Tor network, and the client will only use relays after without the bridge ? (I don't want this server to be a bottleneck...!) Many thx for your help and your thoughts about this little contribution! -- Petrusko PubKey EBE23AE5 C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5

2 2

Re: [tor-relays] "support team" address?
by eliaz 01 May '16

01 May '16

Thanks for the precise help, Roger. some relies interleaved: > On 4/30/2016 7:41:48 PM, Roger Dingledine (arma(a)mit.edu) wrote: > > On Sat, Apr 30, 2016 at 02:51:27PM +0000, eliaz wrote: > > I'm having crashes when restarting tor. I get the error message "Tor > > unexpectedly exited.... Send a copy of Your Tor Log to the support > > team." So, what's the address? > > We have alas stopped operating the support team, since we didn't have > funding to keep it going, and it was being overwhelmed by users who wanted > the same things over and over. We've instead been focusing on cleaning > up our documentation, improving user experience, etc in hopes that in > the future we'll have fewer users who think contacting the support desk > is the right first move. > > I've opened https://trac.torproject.org/projects/tor/ticket/18939 > so we can confuse fewer users with that phrase. Aha, that must be why previous requests to rt.torproject.org went unanswered? Water over the dam... > In your case, my guess is that you added something to your torrc file, > which caused your Tor to fail when it restarted it. Tor Browser isn't > really meant to be used along with the phrase "when restarting Tor", > so I'm afraid you are in expert territory. :) Of course. I'd think it would be useful to know how if possible to do this for those who run torbrowser only on windows. > > Also, Tor Browser isn't a relay by default, and it's a poor way to operate > a relay. Who would know? It's nowhere stated in the documentation... > You'll do much better with a Tor package like the debian package: > https://www.torproject.org/docs/tor-relay-debian I'm running debian already as a VM, & running tails off a usb stick so I can know how to help those who need that. The 24/7 low-power rig on which I currently run bridges runs on an old Intel Atom D2550 processor which doesn't accept graphical UI linux & I haven't gotten around to looking into command-line versions. If anyone can suggest one I'd appreciate it. >And lastly, > https://www.torproject.org/about/contact#support > has some suggestions for how to find help. Did that, also will follow Moritz's suggestions re IRC & stackexchange. Really, running bridges intelligently & learning what's going on is not straightforward at all. I keep at it out of perversity. - eliaz

1 0

"support team" address?
by eliaz 01 May '16

01 May '16

I'm having crashes when restarting tor. I get the error message "Tor unexpectedly exited.... Send a copy of Your Tor Log to the support team." So, what's the address?

3 2

does it make sense to close unused ports at a tor relay with iptables ?
by Toralf Förster 29 Apr '16

29 Apr '16

6 8

Announcing a shutdown of a relay
by Josef 'veloc1ty' Stautner 28 Apr '16

28 Apr '16

Hi @all, can I announce the shutdown of my relay to the network so clients select a new guard? Thanks, ~Josef

4 6

MaxMemInQueues is set to 256 MB
by pa011 28 Apr '16

28 Apr '16

One of my small servers is running on Debian8 for weeks now. The memory is 256MB only. Arm is showing (Linux 3.16.0-4-a...) Tor 0.2.7.6 (recommended) cpu: 20.0% tor, 5.7% arm mem: 136 MB (56.5%) pid: 560 while some 20-40 Mbit/s are running through. The relay is connected to some 100Mbits/s. Could somebody please explain what is the maximum throughput I could possibly reach with "MaxMemInQueues is set to 256 MB" ? I guess it does not make sense to change the MaxMemInQueues while memory is only 256MB? If in case I cant use the whole 100Mbit/s - what would be the minimum requirement in memory I would need as the CPU is just working on a 20 percent level? Thank you . Paul

2 1

Suggestion for Tor exit friendly ISP
by Tor-Node.net 26 Apr '16

26 Apr '16

Hi! I have come across a Tor friendly VPS provider in Norway. They allow exits. At the moment they host no other Tor relay than mine. I've tried adding them to the Good/Bad ISP wiki, but get trapped be som anti-spam filter even when not logged in via Tor. Is this list an appropriate way to reccommend them? I'm not affiliated with this company but don't want to spam the list. Their permanent offer is a VPS with dedicated and unmetered 1Gbps connection per VPS, price per month is 149 NOK (~ 18 USD / ~ 16 EUR). My relay is at the moment CPU constrained, pushing about 10 MB/s. Kind regards TorNodeNET

3 2

IPv6 bridges (without IPv4 ORPort but IPv4 connectivity)
by erwin rolf 25 Apr '16

25 Apr '16

Hi, I'm running relays on servers which have a single IPv4 address and many IPv6 addresses. I guess this is a common setup in nowadays hosting environments since you get IPv6 addresses for free. I'm wondering whether these additional (currently unused) IPv6 addresses could be usefull to run bridges on them. Even though there are reports that say bridges are blocked on an IP:port basis (not IP only) I would prefere to not use the IPv4 address for the bridge at all since there runs a public relay on it already (something that is blocked already). I would like to run a config with an IPv6 ORPort only. To see whether this is currently supported I read: https://trac.torproject.org/projects/tor/wiki/org/roadmaps/Tor/IPv6 https://trac.torproject.org/projects/tor/wiki/doc/IPv6RelayHowto unfortunately the page reads: > Note that you'll have to have an IPv4 OR port configured as well, or your bridge will bootstrap but leave its clients hanging at 50% (see #4847) https://trac.torproject.org/projects/tor/ticket/4847 so my planned setup would not work I guess. A workaround would probably be to bind to IPv4 as well and ignore the fact that the IPv4 bridge wont be useable since it runs on the same IP as the public relay, but I'd rather wait for a fix of #4847. #4847 has the milestone set to unknown "0.2.???" If there are other options, please me know.

2 2

Reading check.torproject
by eliaz 24 Apr '16

24 Apr '16

In looking at the check.torproject.org page on the browser/machine that runs my bridge, I'm used to seeing the same IP address a.b.c.d on the check page ("Your IP address appears to be: a.b.c.d") as in the exit on the path drop-down. But today for several hours a.b.c.d showed on the drop-down but a different address w.x.y.z appeared on the page. Opening up atlas gave a "no results" error until I entered a.b.c.d manually; and w.x.y.z was no tor node; it turned out to belong to a VPN provider which was also poking my ports. Is this discrepancy normal? Should be worried about it? - eliaz

3 3

Re: [tor-relays] Using your own Relay as Entry Node
by stealth＠nym.mixmin.net 24 Apr '16

24 Apr '16

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I too would like to know, if using one's own relay as an Entry Node WITHOUT any of the Proxy shenanigans is good practice to maintain one's anonymity. I want to hard code my relay in torrc as the only entry node. Should this be done? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (MingW32) iQIcBAEBAgAGBQJXGsFTAAoJEH1gNwhiMDZuxzUP/i9t56ZLG246vyV8Bb3Lz/9o bh/03OHrfKG+ZrgBKRu+K3pDxR6iPdKF5unvrRkmO8AOa056rUKNH0uBu/Ssawtx Bet0SDJT3YlPOYLhJAjO1Vy3nHgLxBwVGVs9z0pyS1yvcgufrmTQoLnpiTEtXLjg KvR2DqmBbgDvBJB6EX6GLSdI8agNsV92XD/nPkV6Z1lOZO6B2dzkSnaH7PyqEeQo vhhW4s9z28r//mbk59FvTB/LKbsvRIMh2PA1I3rdUonaDbBT/d1NCl2ICjvPKg2x CUGuF2Sjv6Rcw64BugvPBEUAKkb73woX0iQ52Ce1aowe3mx2xdnG4SAg5o4xwEr2 ORUG+4kGW+ds4kOaCDfkrjkSuqRw25zXhLLOTiaaHhKtTxFcbEoEcUfFL2z3ERDr sFkmFF1ce0fGzn7FBt6k+GR6c6XwmEu3orf/smW+JD669gNWeGyTWcN4vmml4Vge E9EwKRYT2Qk4VG5S6kg84eqJKSWIoqTR4ffISxpc5XwHqeWigBBhLMn8OP+4BqZP TjyW1Q/6/0O2mOISuhtyuvlbxvVRWO/Lwp2MWhAAaTSnMTyYHVJeO+JXl/h3zORs 4qCWAe9QkO9VheCMaIFw3kTVNWO09UZEvGgY5qtsNhwygABYZ0q5SpL1i49ros0v 8p0//o07gYqlItaLwDP6 =nshE -----END PGP SIGNATURE-----

2 1