tor-relays

tor-relays@lists.torproject.org

36 participants
4815 discussions

Low observed bandwith
by Mario Costa 16 Apr '20

16 Apr '20

Hi list, I’m running a guard relay from my home connection on a Raspberry Pi 4. My internet connection is 1000/100 Mbps, and I thought I’d allocate half of the upload bandwidth for the relay. Then I set RelayBandwidthRate to 10 MB/s, because I thought that Tor would upload 5 MB/s and download 5 MB/s. However, the maximum observed bandwidth was always about 6 MB/s. I’d like to know what could cause this low observed bandwidth. I don’t think it’s the Raspberry Pi, because CPU usage is always low and it has a Gigabit connection to the router. The router itself easily reaches Gigabit speeds, so 10 MB/s should be a breeze. Could it be the number of connections? nyx indicates that the connections are always about 4000. If this is the case, how can I know if the connections bottleneck is the router or the Raspberry Pi? Additionally, I’d like to ask for a rule of thumb for setting the RelayBandwithBurst. I set it to 20 MB/s because I’m ok with the relay using the whole upload bandwidth (about 10 MB/s, or 100 Mbps) for short periods of time, but as I already explained I’m never seeing such speeds. For reference my relay’s fingerprint is F942EE73F1B8E39125F617FA85E80E4C9E540A2E. -m

4 5

Multiple obsf4 Bridge Relays on macOS
by Wilton Gorske 15 Apr '20

15 Apr '20

Hi all, Firstly, I hope you're taking care and staying safe (against pandemics and surveillance, especially considering how the latter is taking advantage of the former). Secondly, and mainly, I am working on setting up ten obsf4 bridge relays on macOS and keep running into port issues, so I'm hoping to get some general advice and guidance about how to set this up in the absence of updated macOS tutorials online. These bridge relays are going to run on one macOS server. Knowing that they can each have their own dedicated IP address, could someone advise how to best set up these multiple obsf4 bridge instances so each can be run (tor -f /usr/local/etc/tor/torrc.1, torrc.2, torrc.3, etc...) under one non-root user with only two public ports open on the data center network (80 and 443)? I'm getting stuck at the port reachability phase, and even more so when trying to run multiple instances with forwarding/binding warnings. The Application Level Firewall allows certain granted programs (tor/tor-gencert/tor-print-ed-signing-cert/tor-resolve/torify/obfs4proxy) the ability to open or accept a network socket. By editing the macOS network system settings to route port 80 to 9005, and noting ORPort 80 NoListen ORPort 0.0.0.0:9005 NoAdvertise in the torrc, that works correctly (including routing 443 for obfs4proxy). Running a second instance is where it seems to break down. Is there a way to have multiple tor instances sharing a port? My guess is the main issue is that at the system routing level, I need a way to note each IP and port so it goes to the right tor instance. Currently, the forwarding is set up like: rdr pass on en1 inet proto tcp from any to any port 80 -> 127.0.0.1 port 9005 I'm guessing I need some way to designate IP XX.XXX.XX.120 -> port 9005 (torrc.1), XX.XXX.XX.121 -> port 9006 (torrc.2), XX.XXX.XX.122 -> port 9007 (torrc.3), etc. Is that correct? A copy of my notes and configurations so far can be found here: http://5jp7xtmox6jyoqd5.onion/p/ISjeXEW-vt8H1s89bwSW Please feel free to make suggestions or edits directly in that etherpad. I'm sure there are multiple ways to do this, but I definitely want to make sure I am using the most secure method as opposed to the easiest or quickest... Thanks for any help in advance. All the best, Wilton

2 1

Question about authority clock skew
by torjoy 14 Apr '20

14 Apr '20

Hello everyone, how are you? I was browsing the "Consensus health" page and something let me curious... What is the importance of the clock skew in the authorities with the resolution of microseconds? Picture: 2020/04/13 - 13:37 UTC Also, how the authorities compare their clocks? Using ntp daemon for example? I'm asking this here because I work in a time and frequency reference lab and have two NTP (stratum 1, connected directly to UTC(LRTE) timescale. And a stratum 2 that is discilplinned with the stratum 1 timeserver). So considering the microssencond accuracy did the keepers of these authorities care about the time source? Or any time source is ok? Best regards and keep safe! Luiz

4 5

Introducing: The Onion Pack
by Ralph Wetzel 10 Apr '20

10 Apr '20

8 11

Bridge is down
by Anonforpeace 10 Apr '20

10 Apr '20

Hello: Hope someone can help. I had a power outage the other night and when I turned on my bridge the next day, I found that I have no connectivity. It is hard wired and among all other computers, it is the only one that is offline. The logs which are attached here state that it cannot finish the bootstrapping process. My browser also does not surf. I can get an IP address but that's as far as it gets. I'm having trouble deciphering the log files. Any help is appreciated. Thanks

3 3

Sudend drop in Consensus Weight
by Clément Février 08 Apr '20

08 Apr '20

Hello, On April 5th, the consensus weight of my tor relay dropped to 0, see https://metrics.torproject.org/rs.html#details/33D88F331408141F2A2CC563239E… As far as I know, nothing specific happened, no update nor reboot. Nothing in the logs. Can anyone explain me what happened? Thanks, Clèm

3 3

Advertised Bandwidth vs. RelayBandwidthRate
by petrarca＠protonmail.ch 08 Apr '20

08 Apr '20

Hello all - I see a constant mismatch of my relay regarding the Advertised Bandwidth vs. the defined and available RelayBandwidthRate. Tor metrics usually only shows around 1.3 MiB/s as Advertised Bandwidth (Bandwidth rate: 3 MiB/s, Bandwidth burst: 6 MiB/s). The torrc config defines: RelayBandwidthRate 24 Mbit RelayBandwidthBurst 48 Mbit So everything looks fine, except the Advertised Bandwidth seems to be too low. Fingerprint is 605EE4375EE4C38215C8949F5808863749FD4F4A and there is plenty of bandwidth available (1 Gbps link). The connection is up-and-running perfectly fine without any issues or interruptions for at least a month. Any idea, why the Advertised Bandwidth is so low?

2 3

Guidelines and processes for our bad relay work
by Georg Koppen 08 Apr '20

08 Apr '20

Hello! There has been some confusion among relay operators about how we deal with bad relays and who is actually making decisions and how the overall process is working. Even though we don't have a document yet to point to for answering all those questions (more on that below) we thought it could be useful to give a status update to the relay community and outline possible next steps. One of the tasks in the network health area is to make sure bad relays are found and excluded from the network. This should happen according to transparent criteria which help relay operators to understand both expectations and processes. Ideally, a document containing those criteria would give operators some insight at how we arrived at those as well. Unfortunately and as I said above, we are not at a point yet where we have written up that document. However, that does not mean that removing relays from the network is arbitrary currently. Rather, we have some rules of thumb and some unwritten guidelines which still seem to be worth sharing at this point to help relay operators better understand what is going on in the bad relay detection world. A bad relay is one that either doesn't work properly or tampers with users' connections. This can be either through maliciousness or misconfiguration. We are relying on some scanners that check for common issues to find those relays and on volunteers that spot things beyond what our scanners target. To give you some examples of issues we are concerned about: a) Tampering with exit traffic b) Running HSDirs that harvest and probe .onion addresses c) Issues with resolving DNS queries on exit relays d) Flooding the network with relays to deanonymize users e) Running outdated Tor versions ... Now, how do we detect maliciousness vs. misconfiguration and what do we do about both? There is behavior that we think is clearly malicious like tampering with exit traffic or trying to harvest and probe .onion addresses. In those cases we outright reject relays. In the past we thought relays that tampered with exit traffic could still be useful as non-exit relays and they got the BadExit flag. But it turned out that a bunch of those had other, more subtle, misbehavior and thus we decided to be on the safe side and just reject those malicious relays nowadays. For behavior that could either be malicious or the result of a misconfiguration (like missing MyFamily settings) things get messier. Means for contacting relay operators (e.g. a meaningful ContactInfo entry) are very important in cases where misconfiguration can play a role. We usually contact operators in that case (if possible) to figure out what is going on and help them getting their configurations right. That means there is no outright force removal of relays that e.g. did not have their MyFamily configuration set up properly (we know it can be tricky). That approach is successful in a lot of cases and helps us build a relationship to operators which is worthwhile as well. However, in cases where we don't get a reaction or are getting confident that the intentions of the operator are malicious we'll reject the relay(s) to protect our users. All those activities mentioned above are coordinated on the bad-relays list, which is private and used by members of the team to discuss cases and keep each other in the loop. As to next steps: yes, we need to sit down finishing that document with all the criteria we are concerned with giving some rationale for each of them. Alas, there is no timeframe for getting this work done. But once we are there we'll consult tor-internal and the tor-relays list for input and make changes as needed. I hope this helps to clear some things up. I am happy to answer questions/reply to concerns on and off-list should there be some. Georg

1 0

(FWD) Network is suffering with only two torflows; can you help?
by Roger Dingledine 08 Apr '20

08 Apr '20

FYI, below is a start at a short-term plan to address the current network weighting issues, now that, as of a few weeks ago, gabelmoo's torflow died and Sebastian hasn't been able to get it going properly again. See also nifty's new ticket: https://bugs.torproject.org/33824 --Roger ----- Forwarded message from Roger Dingledine <arma(a)torproject.org> ----- Date: Mon, 6 Apr 2020 06:06:26 -0400 From: Roger Dingledine <arma(a)torproject.org> To: dir-auth <dir-auth(a)lists.torproject.org> Subject: Network is suffering with only two torflows; can you help? tl;dr there's a way at the bottom of this mail that you can help even without running torflow yourself. [...] So, it looks like we're down to two remaining torflows, and because that's less than three, we're suffering much more from the current errors in sbws. Specifically, (a) sbws doesn't vote for some relays, and (b) sbws votes a super low weight for some relays. There are somewhere between 500 and 1000 relays that are getting left out of sbws's opinions: https://consensus-health.torproject.org/#bwauthstatus and then some thousands more that are getting drastically underweighted, per the "Bandwidth Auth Statistics" graphs at the bottom of https://consensus-health.torproject.org/graphs.html Relay operators are sad that their relays are being useless, and thinking about how maybe they should shut them off if nobody's going to use them. I hear from GeKo that the sbws devs are aiming to fix the sbws issues by end-of-April. That's great, but I wonder if there are some short term hacks we can do that will help until then. Option 1: dizum, dannenberg, or tor26 start up a torflow. I'm guessing they would have done this already if they were going to. Option 2: maatuska, longclaw, or bastet switch from sbws to torflow. Is this an workable option for any of you? Option 3: Any of you besides Faravahar start hourly importing a copy of moria1's weights: https://freehaven.net/~arma/bwscan.V3BandwidthsFile and you vote them as though you were running your own torflow, but you don't need your own torflow. Option 3 is pretty wild at first glance -- it violates some trust and independence assumptions. But for those who aren't running a bwauth, you're already not being listened to about bandwidth weights. So I think this would be a fine hack in the short term to rescue the network, while we wait for sbws. Any takers? :) Here's the simple two-step process for testing the idea: (1) Set a "45 0-23 * * *" cron line to wget the above freehaven url. (2) In your torrc, set "V3BandwidthsFile /path/to/that/bwfile" If you like the idea, and it's just the wget that's too sketchy for you, I can set up an ssh account that just dumps the file at you when you present the right ssh key. Or for super overkill, you'll notice that moria1's (signed) vote has these two lines it: bandwidth-file-headers timestamp=1586162183 bandwidth-file-digest sha256=24+52C1ItwnAyBTtBteyy6tjxk8JnUpQ/XZx3YStEXE so with some stem or shell programming we should be able to verify the file itself, rather than just verifying the place it came from. We could be getting away from "short-term hack" there though. :) --Roger ----- End forwarded message -----

1 1

Relay in a stop/start loop
by Totor be 08 Apr '20

08 Apr '20

Hi list I have upgraded recently my relays (totorbe*) to CentOS8 + tor 0.4.2.7 and they all seemed to run properly This morning, I just noticed a weird behavior on one of them (no idea since when this is going on) When starting tor, it goes to the point of IP identification and then starts shutting down ("Interrupt: we have stopped accepting new connections...") It attempts then to restart immediately and loops start --> interrupt --> start etc... Any idea where too start investigating?? [root@totorbex tor]# cat notices.log Apr 06 10:32:47.000 [notice] Starting with guard context "default" Apr 06 10:32:47.000 [notice] Signaled readiness to systemd Apr 06 10:32:47.000 [notice] Interrupt: we have stopped accepting new connections, and will shut down in 30 seconds. Interrupt again to exit now. Apr 06 10:32:47.000 [notice] Guessed our IP address as 82.212.170.79 (source: 128.31.0.34). Apr 06 10:32:48.000 [notice] Delaying directory fetches: We are hibernating or shutting down. Apr 06 10:33:17.000 [notice] Clean shutdown finished. Exiting. Apr 06 10:33:18.000 [notice] Tor 0.4.2.7 opening log file. Apr 06 10:33:18.719 [notice] Tor 0.4.2.7 running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.1c, Zlib 1.2.11, Liblzma 5.2.4, and Libzstd 1.4.4. Apr 06 10:33:18.719 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Apr 06 10:33:18.719 [notice] Read configuration file "/usr/share/tor/defaults-torrc". Apr 06 10:33:18.719 [notice] Read configuration file "/etc/tor/torrc". Apr 06 10:33:18.723 [notice] Based on detected system memory, MaxMemInQueues is set to 5791 MB. You can override this by setting MaxMemInQueues by hand. Apr 06 10:33:18.724 [notice] Opening Socks listener on 127.0.0.1:9050 Apr 06 10:33:18.725 [notice] Opened Socks listener on 127.0.0.1:9050 Apr 06 10:33:18.725 [notice] Opening Control listener on 127.0.0.1:9051 Apr 06 10:33:18.725 [notice] Opened Control listener on 127.0.0.1:9051 Apr 06 10:33:18.725 [notice] Opening OR listener on 0.0.0.0:9001 Apr 06 10:33:18.725 [notice] Opened OR listener on 0.0.0.0:9001 Apr 06 10:33:18.725 [notice] Opening Directory listener on 0.0.0.0:9030 Apr 06 10:33:18.725 [notice] Opened Directory listener on 0.0.0.0:9030 Apr 06 10:33:18.000 [notice] Not disabling debugger attaching for unprivileged users. Apr 06 10:33:20.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip. Apr 06 10:33:20.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6. Apr 06 10:33:20.000 [notice] Configured to measure statistics. Look for the *-stats files that will first be written to the data directory in 24 hours from now. Apr 06 10:33:21.000 [notice] Your Tor server's identity key fingerprint is 'TotorBEx E514A3818BC87E87B0B82B6494672F69CED5350D' Apr 06 10:33:21.000 [notice] Bootstrapped 0% (starting): Starting Apr 06 10:34:00.000 [notice] Starting with guard context "default" Apr 06 10:34:00.000 [notice] Signaled readiness to systemd Apr 06 10:34:00.000 [notice] Interrupt: we have stopped accepting new connections, and will shut down in 30 seconds. Interrupt again to exit now. Apr 06 10:34:00.000 [notice] Guessed our IP address as 82.212.170.79 (source: 128.31.0.34). Apr 06 10:34:01.000 [notice] Delaying directory fetches: We are hibernating or shutting down. Apr 06 10:34:30.000 [notice] Clean shutdown finished. Exiting. Apr 06 10:34:31.000 [notice] Tor 0.4.2.7 opening log file. Apr 06 10:34:31.721 [notice] Tor 0.4.2.7 running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.1c, Zlib 1.2.11, Liblzma 5.2.4, and Libzstd 1.4.4. Apr 06 10:34:31.721 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Apr 06 10:34:31.721 [notice] Read configuration file "/usr/share/tor/defaults-torrc". Apr 06 10:34:31.721 [notice] Read configuration file "/etc/tor/torrc". Apr 06 10:34:31.725 [notice] Based on detected system memory, MaxMemInQueues is set to 5791 MB. You can override this by setting MaxMemInQueues by hand. Apr 06 10:34:31.726 [notice] Opening Socks listener on 127.0.0.1:9050 Apr 06 10:34:31.726 [notice] Opened Socks listener on 127.0.0.1:9050 Apr 06 10:34:31.726 [notice] Opening Control listener on 127.0.0.1:9051 Apr 06 10:34:31.727 [notice] Opened Control listener on 127.0.0.1:9051 Apr 06 10:34:31.727 [notice] Opening OR listener on 0.0.0.0:9001 Apr 06 10:34:31.727 [notice] Opened OR listener on 0.0.0.0:9001 Apr 06 10:34:31.727 [notice] Opening Directory listener on 0.0.0.0:9030 Apr 06 10:34:31.727 [notice] Opened Directory listener on 0.0.0.0:9030 Apr 06 10:34:31.000 [notice] Not disabling debugger attaching for unprivileged users. Apr 06 10:34:33.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip. Apr 06 10:34:33.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6. Apr 06 10:34:33.000 [notice] Configured to measure statistics. Look for the *-stats files that will first be written to the data directory in 24 hours from now. Apr 06 10:34:34.000 [notice] Your Tor server's identity key fingerprint is 'TotorBEx E514A3818BC87E87B0B82B6494672F69CED5350D' Apr 06 10:34:34.000 [notice] Bootstrapped 0% (starting): Starting Apr 06 10:35:13.000 [notice] Starting with guard context "default" Apr 06 10:35:13.000 [notice] Signaled readiness to systemd Apr 06 10:35:13.000 [notice] Interrupt: we have stopped accepting new connections, and will shut down in 30 seconds. Interrupt again to exit now.

3 3

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-relays