Seeking Advice on Running Multiple Tor Relays or A Bridge
Hello Tor Community, I have some experience running a Tor relay, and I am now interested in setting up another one. I plan to do this using my home internet connection, which is an FTTH line with bandwidth up to 2 Gbps. I have read that it is possible to run multiple relays on the same node, but I am unsure how to configure this. Additionally, I am curious about what would be most beneficial for the Tor network today: a highly resilient bridge or multiple relays managed from the same node? Is it feasible to operate both at the same time? This is probably not the best idea since the bridge's IP address would be public, right? I am looking for guidance on the best course of action to support the Tor community. Thank you in advance for your assistance,Aleff.
On Sat, Jul 06, 2024 at 06:34:37PM +0000, Alessandro Greco via tor-relays wrote:
I have some experience running a Tor relay, and I am now interested in setting up another one. I plan to do this using my home internet connection, which is an FTTH line with bandwidth up to 2 Gbps.
Thanks for running a relay!
I have read that it is possible to run multiple relays on the same node, but I am unsure how to configure this.
If you're using the tor deb (e.g. on Debian or Ubuntu), it comes with a tool to set up multiple tors. "man tor-instance-create" to get started. There is also the possibility of using the fancy automated deployment tools that some of the bigger relay operators here use, which probably only makes sense if you are already familiar with these automation tools (a popular one based on ansible: https://github.com/nusenu/ansible-relayor ). In either case, make sure you have enough memory in your system to handle each Tor relay: relays can use 1 or 2 gigabytes of memory each during normal operation, but when the network is under load it can go much higher than that.
Additionally, I am curious about what would be most beneficial for the Tor network today: a highly resilient bridge or multiple relays managed from the same node?
If you have the bandwidth (which it sounds like you do), the multiple fast relays will be much more useful to the network. See also https://2019.www.torproject.org/docs/faq#RelayOrBridge
Is it feasible to operate both at the same time? This is probably not the best idea since the bridge's IP address would be public, right?
It is technically possible yes, but as you say, having a public relay on the IP address will undermine the effectiveness of your bridge on that IP address. The same logic is also why we don't recommend running two different kinds of bridges on a single IP address: if one of them gets discovered and the censor blocks by IP address, then the other will stop working too.
I am looking for guidance on the best course of action to support the Tor community. Thank you in advance for your assistance,Aleff.
Thanks for wanting to help! --Roger
Alessandro, I would recommend running bridges (opposed to relays) on a home network to avoid browing issues with your bank, news, etc as these entities often block Tor relays and not bridges. Respectfully, Gary On Saturday, July 6, 2024, 3:07:52 PM MDT, Roger Dingledine <arma@torproject.org> wrote: On Sat, Jul 06, 2024 at 06:34:37PM +0000, Alessandro Greco via tor-relays wrote:
I have some experience running a Tor relay, and I am now interested in setting up another one. I plan to do this using my home internet connection, which is an FTTH line with bandwidth up to 2 Gbps.
Thanks for running a relay!
I have read that it is possible to run multiple relays on the same node, but I am unsure how to configure this.
If you're using the tor deb (e.g. on Debian or Ubuntu), it comes with a tool to set up multiple tors. "man tor-instance-create" to get started. There is also the possibility of using the fancy automated deployment tools that some of the bigger relay operators here use, which probably only makes sense if you are already familiar with these automation tools (a popular one based on ansible: https://github.com/nusenu/ansible-relayor ). In either case, make sure you have enough memory in your system to handle each Tor relay: relays can use 1 or 2 gigabytes of memory each during normal operation, but when the network is under load it can go much higher than that.
Additionally, I am curious about what would be most beneficial for the Tor network today: a highly resilient bridge or multiple relays managed from the same node?
If you have the bandwidth (which it sounds like you do), the multiple fast relays will be much more useful to the network. See also https://2019.www.torproject.org/docs/faq#RelayOrBridge
Is it feasible to operate both at the same time? This is probably not the best idea since the bridge's IP address would be public, right?
It is technically possible yes, but as you say, having a public relay on the IP address will undermine the effectiveness of your bridge on that IP address. The same logic is also why we don't recommend running two different kinds of bridges on a single IP address: if one of them gets discovered and the censor blocks by IP address, then the other will stop working too.
I am looking for guidance on the best course of action to support the Tor community. Thank you in advance for your assistance,Aleff.
Thanks for wanting to help! --Roger _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> … bank, news, etc as these entities often block Tor relays … Even if it is a middle node? Why would they do that? Il dom, lug 7, 2024 alle 00:14, Gary C. New via tor-relays <tor-relays@lists.torproject.org> ha scritto: Alessandro, I would recommend running bridges (opposed to relays) on a home network to avoid browing issues with your bank, news, etc as these entities often block Tor relays and not bridges. Respectfully, Gary On Saturday, July 6, 2024, 3:07:52 PM MDT, Roger Dingledine <arma@torproject.org> wrote: On Sat, Jul 06, 2024 at 06:34:37PM +0000, Alessandro Greco via tor-relays wrote:> I have some experience running a Tor relay, and I am now interested in setting up another one. I plan to do this using my home internet connection, which is an FTTH line with bandwidth up to 2 Gbps.Thanks for running a relay!> I have read that it is possible to run multiple relays on the same node, but I am unsure how to configure this.If you're using the tor deb (e.g. on Debian or Ubuntu), it comes witha tool to set up multiple tors. "man tor-instance-create" to get started.There is also the possibility of using the fancy automateddeployment tools that some of the bigger relay operators hereuse, which probably only makes sense if you are already familiarwith these automation tools (a popular one based on ansible:https://github.com/nusenu/ansible-relayor ).In either case, make sure you have enough memory in your system tohandle each Tor relay: relays can use 1 or 2 gigabytes of memory eachduring normal operation, but when the network is under load it can gomuch higher than that.> Additionally, I am curious about what would be most beneficial for the Tor network today: a highly resilient bridge or multiple relays managed from the same node?If you have the bandwidth (which it sounds like you do), the multiplefast relays will be much more useful to the network.See also https://2019.www.torproject.org/docs/faq#RelayOrBridge>; Is it feasible to operate both at the same time? This is probably not the best idea since the bridge's IP address would be public, right?It is technically possible yes, but as you say, having a public relayon the IP address will undermine the effectiveness of your bridge onthat IP address.The same logic is also why we don't recommend running two differentkinds of bridges on a single IP address: if one of them gets discoveredand the censor blocks by IP address, then the other will stop working too.> I am looking for guidance on the best course of action to support the Tor community.> Thank you in advance for your assistance,Aleff.Thanks for wanting to help!--Roger_______________________________________________tor-relays mailing listtor-relays@lists.torproject.orghttps://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Saturday, July 6, 2024, 11:13:53 PM MDT, Alessandro Greco via tor-relays <tor-relays@lists.torproject.org> wrote:
… bank, news, etc as these entities often block Tor relays … Even if it is a middle node? Yes... Even if it's a Middle Relay. Why would they do that? They are either ignorant, indifferent, or malicious to the purposes of a Middle Relay and block any known Tor relays.
There are ways around the issue using a VPN, Reverse Proxy, etc, but I found that running bridges on a home network is more suitable. Good luck in whichever path you decide to pursue. Respectfully, Gary Il dom, lug 7, 2024 alle 00:14, Gary C. New via tor-relays <tor-relays@lists.torproject.org> ha scritto: Alessandro, I would recommend running bridges (opposed to relays) on a home network to avoid browing issues with your bank, news, etc as these entities often block Tor relays and not bridges. Respectfully, Gary On Saturday, July 6, 2024, 3:07:52 PM MDT, Roger Dingledine <arma@torproject.org> wrote: On Sat, Jul 06, 2024 at 06:34:37PM +0000, Alessandro Greco via tor-relays wrote:
I have some experience running a Tor relay, and I am now interested in setting up another one. I plan to do this using my home internet connection, which is an FTTH line with bandwidth up to 2 Gbps.
Thanks for running a relay!
I have read that it is possible to run multiple relays on the same node, but I am unsure how to configure this.
If you're using the tor deb (e.g. on Debian or Ubuntu), it comes with a tool to set up multiple tors. "man tor-instance-create" to get started. There is also the possibility of using the fancy automated deployment tools that some of the bigger relay operators here use, which probably only makes sense if you are already familiar with these automation tools (a popular one based on ansible: https://github.com/nusenu/ansible-relayor ). In either case, make sure you have enough memory in your system to handle each Tor relay: relays can use 1 or 2 gigabytes of memory each during normal operation, but when the network is under load it can go much higher than that.
Additionally, I am curious about what would be most beneficial for the Tor network today: a highly resilient bridge or multiple relays managed from the same node?
If you have the bandwidth (which it sounds like you do), the multiple fast relays will be much more useful to the network. See also https://2019.www.torproject.org/docs/faq#RelayOrBridge
Is it feasible to operate both at the same time? This is probably not the best idea since the bridge's IP address would be public, right?
It is technically possible yes, but as you say, having a public relay on the IP address will undermine the effectiveness of your bridge on that IP address. The same logic is also why we don't recommend running two different kinds of bridges on a single IP address: if one of them gets discovered and the censor blocks by IP address, then the other will stop working too.
I am looking for guidance on the best course of action to support the Tor community. Thank you in advance for your assistance,Aleff.
Thanks for wanting to help! --Roger _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Samstag, 6. Juli 2024 20:34:37 CEST Alessandro Greco via tor-relays wrote:
I have some experience running a Tor relay, and I am now interested in setting up another one. I plan to do this using my home internet connection, which is an FTTH line with bandwidth up to 2 Gbps. I have read that it is possible to run multiple relays on the same node, but I am unsure how to configure this.
The most important steps from "man tor-instance-create" systemctl stop tor <- if already running tor-instance-create 00 tor-instance-create 01 systemctl enable tor@00 systemctl enable tor@01 systemctl mask tor@default systemctl daemon-reload Configure torrc in /etc/tor/instances/* and then start individually or all together: systemctl start tor
Additionally, I am curious about what would be most beneficial for the Tor network today: a highly resilient bridge or multiple relays managed from the same node?
If you set up a relay with residential IP, it would be very good if you set up a bridge specifically for Turkmenistan first. Use this torrc-example fron Gus: https://forum.torproject.org/t/tor-relays-help-turkmens-to-bypass-internet-c... Mail your bridge line to: frontdesk@torproject.org Unfortunately, this bridge is usually discovered after a few weeks and then you can reconfigure it. (Relay or bridge) Please note Gary's post! If your provider already has a Tor tag in the BGP database like mine, then most likely the entire AS of Turkmenistan is blocked. :-( https://bgp.tools/as/8422 -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom!
participants (4)
-
Alessandro Greco -
boldsuck -
Gary C. New -
Roger Dingledine