On Wednesday, 10 July 2024 00:32:04 CEST Osservatorio Nessuno via tor-relays wrote:
we are planning to get some hardware to run a physical Tor exit node, starting with a 1Gbps dedicated, unmetered uplink (10Gbps downlink). We will also route a /24 on it, so we will have large availability of addresses to run multiple instances. We have been running a few exit nodes so far, but never on our own hardware.
Your bottleneck is the 1G uplink. For comparison, I have 2x Xeon E5-2680v2 10C/20T and 256Gb RAM 2x 10G NIC (LACP bond) and I cannot achieve 10G throughput with it. As a rule of thumb, I would always count one instance per thread or core. I have 40T and 40 tor exit instances.
F3Netze has specified the hardware in Contact info: https://metrics.torproject.org/rs.html#search/185.220.100.
Which is the bandwidth limit per core/Tor instance? Or what can we expect to be the bottleneck?
That depends on the CPU clock speed. Fast Ryzen or Epyc's can do 50-70 MiB/s per core/instance.
Due to some other requirements we need for some experiments (SFP ports, coreboot support, etc.) we can mainly choose between these 2 CPUs:
Intel i5-1235U
Intel i7-1255U
The cost between the two models is significant enough in our case to pick the i7 only if it's really useful.
In both cases with 32GB of DDR5 RAM (we can max to 64 if needed, but is it?).
Should this allow us to saturate the uplink?
Guards need more resources than exits since the introduction of congestion control and because of DDoS I would use 64GB RAM for a guard. With your IP space and 1G uplink, I would take the i5 with 32Gb, save the money and maybe add a second server later. Or if you build the hardware yourself, look for a used Epyc or Ryzen server. 16 or 32 core with high _base_ clock. Used server hardware from the data center is like new.
To summarize, with this bandwidth, this hardware and a /24 how many Tor exit nodes should be ideal to run considering that each of them could have their own address?
https://metrics.torproject.org/rs.html#search/185.220.101. We are 5 relay orgs sharing a /24. Currently 5x 2x10G (or 25G). With now 8 relays per IP, over 2000 instances can run in a /24 subnet. It would be nice if you share the subnet with 1-2 other relay operators.