Please excuse any poor wording, networking is not my strong suit ;) I understand my ??'s are basic but it won't take me long & I'll be sharing any knowledge I gain here.
1) I have 4 extra unused devices, 2 Android & 2 older laptops running Xubuntu & Lubuntu, that can run full time, & my 2 primary machines (Android tab and Debian laptop). With only so much bandwidth, what helps best in that situation? a. fewer (1-2) devices offering more BW each, or b. more (4-7) devices each offering less BW to the network.
2) Reachability: The only way I was able to get any of the relays I tried to set up to be reachable from the outside was to log into my router (D-Link DIR-615) & put the device in the DMZ. I don't know how to solve the issue the right way (port forwarding?, etc.) or by other means. I'm not worried about my extra devices as I don't use them, but I don't know what the security implications are to users of a relay or bridge sitting in such a vulnerable place & to my network & the boxes I do care about. Currently just left one non-exit relay in the DMZ until I can find a better solution. Running great.
Sorry so long & for anyone who replied to my last post, I had set up a new email and created a new keypair & not paying attention included the wrong key info. Thank you all. grep@gmx.us
On Tue, Aug 27, 2013 at 1:11 PM, That Guy <grep@gmx.us> wrote:
> 1) have 4 extra unused devices, 2 android & 2 older laptops running Xubuntu & Lubuntu that can run full time & my 2 primary machines(android tab and Debian laptop). With only so much bandwidth, what helps best in that situation? a. fewer(1-2) devices offering more BW each, or b. more(4-7) devices each offering less BW to the network.
Would all these devices be behind a single external IP address (if that question makes sense)? They'd all be behind the same router (as I take it); in all probability, that would in most cases mean they'd all share the same external / WAN IP address.
Is that the case? If yes, you should try and not run more than two Tor relays behind the same WAN IP. That's because the directory authorities (which compose and sign lists of relays that Tor user clients then download to compose circuits of) won't like this, afaik.
In any case, it does kind of matter what's your realistic overall download and upload throughput / bandwidth.
Port forwarding would make the most amount of sense, I guess.
Each of those devices, having Tor instances running on them, will have a torrc config file. Probably under /etc/tor/torrc, or /usr/local/etc/tor/torrc (you can also probably use Vidalia for this.) In that file, there will be a line
#ORPort 9001
You will need to (after uncommenting the line) set different ports in each of the Tor instances you're running, and then port-forward that same port (that's the easiest way) to each of the devices. Basically, "external port" (e.g. 9001) -> forward to local IP of the device in question -> 9001.
Try and set the ORPort to 443 on one of the devices, if possible. (This might mean you'll have to run Tor as root, or will need to change capabilities.) In any case, the ports will have to differ, the way I see it.
--
Kostas.
0x0e5dce45 @ pgp.mit.edu
tor-relays@lists.torproject.org
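An added example, not part of either message: torrc settings for two non-exit relays behind one WAN IP, reached through port forwarding rather than the DMZ. The LAN addresses, nicknames, bandwidth figures and fingerprint placeholders are constructed. The `NoListen` / `NoAdvertise` ORPort flags let one relay advertise 443 while binding an unprivileged port, so Tor does not need to run as root.

```conf
# Constructed example: addresses, nicknames, rates and fingerprints are placeholders.
#
# Router port-forwarding rules (replacing the DMZ setting):
#   WAN tcp/443  -> 192.168.0.10:9001   (relay A)
#   WAN tcp/9002 -> 192.168.0.11:9002   (relay B)
# Only these two TCP ports reach the LAN. A DMZ host instead receives every
# unsolicited inbound connection, so every other service on it is exposed.

# ===== /etc/tor/torrc on relay A (192.168.0.10) =====
Nickname ExampleRelayA
# Advertise port 443 in the relay descriptor, but do not bind it locally.
ORPort 443 NoListen
# Bind an unprivileged port; the router forwards WAN 443 to it.
ORPort 9001 NoAdvertise
# Non-exit relay: refuse all exit traffic.
ExitPolicy reject *:*
# Cap relayed traffic so the shared uplink is not saturated.
RelayBandwidthRate 250 KBytes
RelayBandwidthBurst 500 KBytes
# Declare that both relays have the same operator.
MyFamily $<FINGERPRINT_OF_RELAY_B>

# ===== /etc/tor/torrc on relay B (192.168.0.11) =====
Nickname ExampleRelayB
# A different port from relay A, forwarded 1:1 by the router.
ORPort 9002
ExitPolicy reject *:*
RelayBandwidthRate 250 KBytes
RelayBandwidthBurst 500 KBytes
MyFamily $<FINGERPRINT_OF_RELAY_A>
```

After restarting Tor, each relay's log reports whether its ORPort passed the self-reachability test, which confirms the forwarding rule works with the device taken out of the DMZ.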