tor-relays

tor-relays@lists.torproject.org

31 participants
4812 discussions

Re: [tor-relays] Overloaded state indicator on relay-search
by Gary C. New 05 Oct '21

05 Oct '21

David Goulet: Will you confirm whether the Advertised Bandwidth metric is also client initiated (I'm assuming to the Directory Authority)? I have a 250Mb pipe and have seen a maximum Advertised Bandwidth rate of 4MB/s with my Tor relay. I know resource constraint must be factored in, but I would expect better than 4MB/s. I believe I remember reading it was based on an average 10 second burst rate, but in what direction is the connection initiated? Thanks, again. Gary

2 2

Re: [tor-relays] Overloaded state indicator on relay-search
by Bleedangel Tor Admin 29 Sep '21

29 Sep '21

1 0

New round of measuring the accuracy of Tor relays' advertised bandwidth
by Georg Koppen 23 Sep '21

23 Sep '21

Hello! You might recall we ran two "speed tests" so far for investigating the accuracy of a relay's advertised bandwidth, one in 2021[1] and another one earlier this year[2]. We gonna pick this test up again this week. However, this time it won't be just a single run but we are rather scheduling the experiment to be on for two weeks and then off for two weeks for the upcoming weeks/months (see: the third item in our network experiments strategy[3] for some rationale). More exactly: we'll run our measurement script for roughly one week, then wait about a week for flooded values leaving the relay descriptors, then 2 weeks off, then starting again... The experiment itself has not changed: we are planning to download several large data streams for a period of about 20 seconds with the goal to get a better estimation of the relay's true capacity. There are more details related to this experiment in particular in an older mailing list thread[1], in case anyone is interested and has not seen those yet. As in previous instances of this "speed test" there is the option for an opt-out. Let us know if any of you doesn't want to participate and we remove your relay(s) from the list to scan. Finally, an up-to-date status about the flooding being on/off (and other experiments scheduled) can be found on our status page[4]. Thanks, Georg [1] https://lists.torproject.org/pipermail/tor-relays/2019-July/017535.htmlff. [2] https://lists.torproject.org/pipermail/tor-relays/2021-May/019649.html [3] https://gitlab.torproject.org/tpo/network-health/team/-/wikis/Network-exper… [4] https://status.torproject.org/affected/network-experiments/

2 6

tor version question
by torix 22 Sep '21

22 Sep '21

Dear All, I can see in OrNetStats that I have several relays marked as having a vulnerable Tor version. But when I checked and tried to update them, I was told that everything was up to date. In 2 cases relays rented at the same time on the same host have different versions. AlexHost running FreeBSD release 12.1 and 12.2 respectively: 0.4.6.7 and 0.4.5.8 CoolComputers both running Centos8.4.2105: 0.4.6.6 and 0.4.5.10 I'm not sure why the same package repo would cough up different tor versions for different servers - is the answer to sit tight and wait for the older versions to catch up, or is there a way to force the older ones to update to a newer tor version? (My oldest version is 0.4.5.8). TIA, --Torix

2 2

Need help with Dir Address and Exit Address
by Bleedangel Tor Admin 21 Sep '21

21 Sep '21

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi all I have an exit relay running, and all is working well. I am a stickler though, and i notice when i search my relay on the metrics page, the following two items are listed as 'none': Dir Address Exit Address Can anyone help me to get these reporting properly? I have a V2 Directory flag and my dir port is 9030. I am allowing ipv4 exits. Metric page for reference: https://metrics.torproject.org/rs.html#details/5161B1C501805A0D3E9F87AFCAC9… Thanks for any help you can give! -----BEGIN PGP SIGNATURE----- Version: ProtonMail wnUEARYKAAYFAmFJOgQAIQkQ07hp34FMyg4WIQSgEMifmnN5ohFWvfnTuGnf gUzKDs8DAP4hSvlEPrlDkIY5vlLULhJHuNVbq/UT3r5mfBg/cg+p0wEAltfV bPlU/3wfg7j0b31h6R4g+Ik+96fkoq9VTqiydQg= =6AAW -----END PGP SIGNATURE-----

2 1

Ripped off relay name
by xplato 20 Sep '21

20 Sep '21

Just curious a relay appeared with a nearly identical name to a relay I have run for a while. Is this just a lack of creativity or something that I should be concerned about? The name is fairly unique and the new relay is almost identical in name. Sent from ProtonMail for iOS

4 3

OrNetStats now parses all your ContactInfo v2 fields and warns you if your Tor version is vulnerable
by nusenu 15 Sep '21

15 Sep '21

today I pushed new features to OrNetStats: https://nusenu.github.io/OrNetStats/ - Relay Search replacement: relay level pages via a custom allium[1] version Thanks to Jordan for creating allium! - parse and display all ContactInfo v2 fields [2] example: https://nusenu.github.io/OrNetStats/w/relay/A14D96E6C4C3A5AF3D7E57AC0A85AE8… - proven operator domains are highlighted with an icon in all overview relay lists (family-, contact-, country-level pages) example: https://nusenu.github.io/OrNetStats/w/misc/families-by-bandwidth.html (we display the proven operator domain instead of the ContactInfo when available) - the icon links directly to the proof file from the operator (on the relay-level page) - we display a warning sign when a relay runs a vulnerable version of tor examples on relay and contact-level pages: https://nusenu.github.io/OrNetStats/w/relay/FB58E117D11F87F0A291475D603EC61… https://nusenu.github.io/OrNetStats/w/contact/17b90573a94e713bf1b3ad7988934… - we display bandwidth in G|Mbit/s not MByte/s - onionoo AS data replaced with ipfire's upstream version: we no longer use AS data from onionoo - which made the switch from previously used https://yui.cat links to a custom allium version necessary because yui.cat (allium) uses onionoo as data source. Previously over 2000 relays had no AS name data (which affected >25% of tor's exit capacity). Now we are down to bellow 0.1% affected exit capacity without AS name data (mainly in the LACNIC region). +------------+--------+-----------+ |date |affected| affected | | | relays | exit_prob | +------------+--------+-----------+ ... | 2021-09-06 | 2005 | 24.03 | | 2021-09-07 | 2025 | 27.33 | | 2021-09-09 | 2038 | 27.93 | | 2021-09-10 | 2045 | 28.45 | | 2021-09-11 | 2041 | 28.12 | | 2021-09-12 | 2045 | 28.70 | | 2021-09-13 | 2044 | 27.32 | | 2021-09-14 | 2029 | 26.44 | | 2021-09-15 | 108 | 0.05 | <<< todays switch from onionoo to ipfire +------------+--------+-----------+ kind regards, nusenu [1] https://github.com/tempname1024/allium [2] https://nusenu.github.io/ContactInfo-Information-Sharing-Specification -- https://nusenu.github.io

1 0

IPv6 reachability tests fail on CenturyLink IPv6 6rd - reachability broken?
by Neel Chauhan 13 Sep '21

13 Sep '21

Hi, I recently moved into a home with CenturyLink Fiber and moved my FreeBSD relays to the said home. Fingerprints: https://metrics.torproject.org/rs.html#details/B0F9BA27944FA59E3B1A182208FF… https://metrics.torproject.org/rs.html#details/DB710B14D7329B7289CFCC547F48… In my relay logs, while IPv4 works fine, I get these IPv6 errors: Aug 26 18:47:01.000 [notice] Auto-discovered IPv6 address [REDACTED]:143 has not been found reachable. However, IPv4 address is reachable. Publishing server descriptor without IPv6 address. Aug 26 19:47:01.000 [notice] Auto-discovered IPv6 address [REDACTED]:143 has not been found reachable. However, IPv4 address is reachable. Publishing server descriptor without IPv6 address. [2 similar message(s) suppressed in last 2400 seconds] CenturyLink does use 6rd for IPv6 in case that matters, however I can telnet the relay ORPort via IPv6 from a VPS. My firewall is an OPNsense box which terminates PPPoE/6rd. I am running tor-0.4.6.4-rc. Yes I know it's not the "latest", but I usually run the "beta" versions on my relays from FreeBSD pkg. Rebooting both my OPNsense box and my server doesn't work. The same relay fingerprints/torrcs/keys worked fine on Google Fiber/Webpass native IPv6 in another address. I'm guessing IPv6 reachability tests aren't working right now since it worked with CL 6rd earlier today, or maybe CL misconfigured their network. It's not a biggie for me, but while I could go Comcast with better IPv6, I'd rather have a high bandwidth relay than an IPv6 one with Comcast's slow uploads/caps. Other Seattle ISPs like Webpass, Wave, and Atlas aren't in my new home. -Neel Chauhan === https://www.neelc.org/

2 1

new tor network graphs on OrNetStats
by nusenu 10 Sep '21

10 Sep '21

Hi, up until now OrNetStats mainly consisted of tables with lots of numbers about tor network stats that can be interactively searched, but graphs are usually a lot easier to comprehend, that is why I'll be adding more graphs to OrNetStats. Today I've added the first new graph on the main page that shows the 10 largest proven exit operator domains and their exit fraction in a bar chart: https://nusenu.github.io/OrNetStats/index.html In the long run I plan to publish (and re-implement) all graphs that currently are nonpublic (and not on OrNetStats yet). This should give more people a better view / understanding about what is happening/changing on the tor network infrastructure. kind regards, nusenu -- https://nusenu.github.io

1 0

Relay Control Port
by sysmanager7 10 Sep '21

10 Sep '21

In torrc I have the control port commented out. I'm told the control port is not supposed to be listed on the relay itself. Below, is now what it says. How do I get rid of it? Control Socket: /run/tor/control GroupWritable RelaxDirModeCheck Thank you for your help :-) Sent with [ProtonMail](https://protonmail.com/) Secure Email.

3 2

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-relays