11:18 PM, deadcow@tuta.io wrote:
Hi everyone, first time ever using mailing lists. Please let me know if something I'm doing wrong.
I'd like to run a middle relay. I'm using Linux mint 19
The question. Can i set up relay through VPN? (nordvpn) Or if i want relay i have to stop using vpn? Thank you for help
Google, Facebook, The government and others are spying on your emails! DO YOU LIKE IT? If not, CHANGE! Securely sent with Tutanota. Claim your encrypted mailbox today! https://tutanota.com
Hello,
Thanks for your interest in running a relay.
You say you want to run a middle relay, why do you want to run it behind a VPN in this case? Middle relays get no abuse complaints or anything as they can not be used as exit points. Maybe you can explain to us why you think you need to run your middle relay behind a VPN, do you have a particular reason? Because for Tor running a relay behind a VPN is not a + on security or privacy at all, instead it just complicates things.
Secondly, if you have justified reason to still want to use a VPN on a middle relay, here are some things you need to take into consideration as well as disadvantages:
- you will have higher latency; - the bandwidth of your relay will be of the speed of the VPN itself, and shared VPN usually are slow for high grade server connections that run 24x7 with constant bandwidth usage; - when the VPN tunnel will fail, due to an endpoint problem or internet connectivity problem or route to destination problem, etc., the relay will update its descriptor with the real IP address instead of the VPN address, and when the VPN tunnel connects again change again and so on until clients will be confused. One way around this is for your to specify 'Address' in torrc and bind to explicit <address>:<port>.
- you don't need just any VPN, you need a VPN with a public and static IP address, so that you can actually open ports on that IP address applications can bind and listen to certain ports. A normal shared VPN that just changes the IP address for browsing is not sufficient, because that does not assign a public static IP address directly.
There are VPN services out there that offer public and static IP addresses, but they are more expensive.
- you should tell the VPN provider that you plan to use the maximum available bandwidth 24x7, because all say it's unlimited because they think "nobody will use that much", but when running Tor relays this is not true.