(This is a copy of the email I BCC'd to each relay operator on the draft fallback directory list. Please email me to add your relays.)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Dear Tor Relay Operator,
One or more of your relays have been selected as fallback directory mirrors[0] for the next tor release. Please keep the relay available on the same addresses, ports, and identity key (fingerprint) for the next 2 years.
This is a draft list.[3] I can make changes for the next week. Next weekend, I will send another email to those operators whose relays have been added or removed. (Otherwise, you're on the list.)
We are taking 3 relays per operator, if you only have 1 or 2 on the list, please email me to add more.
Wondering why your relay didn't make the list? Search the selection log[4] for its fingerprint.
If the log says: * in neither blacklist nor whitelist, email me to add your relay. (I run a script that checks relays, then outputs a list.)
If it says: * not a candidate: version delivers stale consensuses, * not a candidate: version not recommended, * not a candidate: changed address/port recently (on 0.2.7.6 or earlier), or * outdated consensus, upgrade to 0.2.8.9 or later, or 0.2.9.5-alpha or later.
If it says: * bandwidth too low, * download too slow, * HTTP Error 503: Directory busy, * or some sort of download connection error, it might help to give your relay more memory or bandwidth. (And please make sure it's still running!)
If it says: * not a candidate: changed address/port recently, * not a candidate: guard avg too low, * not a candidate: running avg too low, or * not a candidate: v2dir avg too low, your relay needs to be consistently up with high bandwidth to help clients. Try keeping it stable for 6-12 months, and it might be selected next time.
But don't worry, your relay(s) are still helping the tor network, even if they are not selected as a fallback.
Tim
[0]: https://trac.torproject.org/projects/tor/wiki/doc/FallbackDirectoryMirrors [3]: https://trac.torproject.org/projects/tor/attachment/ticket/18828/draft_fallb... (or [8] if you want to see what the git commit will look like) [4]: https://trac.torproject.org/projects/tor/attachment/ticket/18828/draft_fallb... [8]: https://github.com/teor2345/tor/blob/new-fallbacks-028-v2/src/or/fallback_di...
From: teor teor2345@gmail.com Subject: Call for Tor Fallback Directories Date: 4 December 2016 at 21:44:39 AEDT To: tor-relays@lists.torproject.org
Dear Tor Relay Operator,
Your relay(s) can help tor clients find the tor network by becoming a fallback directory mirror.[0]
These mirrors are hard-coded into tor's source code, like the directory authorities. We have 80 fallbacks, but we want 200 for the next release.
Fallbacks need to have: - - the same IP address(es) and ports for the next 2 years, - - the same relay identity key for the next 2 years, - - good uptime (at least 95%), and - - good bandwidth and network connectivity (we estimate an extra 25GB per month).
Please email me to add your relays that fit these criteria to the list. If you are BCC'd on this email, it looks like you have at least one relay that could become a fallback. You can also email me if you know your relay will be changing address or key, and I'll make sure we don't choose it.
We are keeping the fallback lists from the last release[1][2].
So if you have emailed me before about becoming a fallback, there is no need to email again. But please let me know if your relay details have changed. (I did not BCC relay operators who are already on the fallback lists, unless their relay details changed.)
In a week or two, I will run a script to select the hard-coded list for the release.
If you're interested, here's some background to this request:
The latest list[3] and log[4] of candidates was generated using the instructions in [5] from scripts/maint/updateFallbackDirs.py on my GitHub branch[6]. (This branch has some bug fixes compared to what's in master.) We're tracking this work in [7].
(links updated to the latest code and relay list) [0]: https://trac.torproject.org/projects/tor/wiki/doc/FallbackDirectoryMirrors [1]: https://github.com/teor2345/tor/blob/fallbacks-201612-v4/scripts/maint/fallb... [2]: https://github.com/teor2345/tor/blob/fallbacks-201612-v4/scripts/maint/fallb... [3]: https://trac.torproject.org/projects/tor/attachment/ticket/18828/draft_fallb... [4]: https://trac.torproject.org/projects/tor/attachment/ticket/18828/draft_fallb... [5]: https://trac.torproject.org/projects/tor/wiki/doc/UpdatingFallbackDirectoryM... [6]: https://github.com/teor2345/tor/blob/fallbacks-201612-v4/scripts/maint/updat... [7]: https://trac.torproject.org/projects/tor/ticket/18828
T
T
On Sun, 11 Dec 2016 23:45:42 +1100 teor teor2345-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org wrote:
One or more of your relays have been selected as fallback directory mirrors[0] for the next tor release. Please keep the relay available on the same addresses, ports, and identity key (fingerprint) for the next 2 years.
Does ipv6 connectivity matter at all for the purposes of being a fallback directory mirror? I can see of course it's not required, but I'm not sure if an ipv6 address would be used at all (as a directory mirror). That is, if I added a v6 addr to a relay in that list, would that help anything, or not yet?
I assume that adding a v6 address does not violate the "keep the same address/port/key for the next 2 years" requirement. Is that correct?
On 12 Dec. 2016, at 05:08, Andrew Deason adeason@dson.org wrote:
On Sun, 11 Dec 2016 23:45:42 +1100 teor teor2345-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org wrote:
One or more of your relays have been selected as fallback directory mirrors[0] for the next tor release. Please keep the relay available on the same addresses, ports, and identity key (fingerprint) for the next 2 years.
Does ipv6 connectivity matter at all for the purposes of being a fallback directory mirror? I can see of course it's not required, but I'm not sure if an ipv6 address would be used at all (as a directory mirror). That is, if I added a v6 addr to a relay in that list, would that help anything, or not yet?
It helps clients configured to use dual-stack IPv6: ClientPreferIPv6ORPort 1
And clients configured to use IPv6 only: ClientUseIPv4 0 UseMicrodescriptors 0
But as they are manual configs, not many clients use them yet. We want to make dual-stack easier (even automatic) on clients, but we need more IPv6 relays to preserve client privacy.
I assume that adding a v6 address does not violate the "keep the same address/port/key for the next 2 years" requirement. Is that correct?
Yes, but you need to keep *both* addresses for 2 years after you add IPv6. Let me know, and I'll add the IPv6 address to the fallback list.
T
Hey!
I do have IPv6 available, but I hadn't taken the time to actually enable it. I will look into it one of the next days and when enabled, I'll let you know about the IPv6 address.
Node: rejozenger, FP: AA0D167E03E298F9A8CD50F448B81FBD7FA80D56
Kind regards, Rejo Zenger
++ 12/12/16 08:49 +1100 - teor:
On 12 Dec. 2016, at 05:08, Andrew Deason adeason@dson.org wrote:
On Sun, 11 Dec 2016 23:45:42 +1100 teor teor2345-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org wrote:
One or more of your relays have been selected as fallback directory mirrors[0] for the next tor release. Please keep the relay available on the same addresses, ports, and identity key (fingerprint) for the next 2 years.
Does ipv6 connectivity matter at all for the purposes of being a fallback directory mirror? I can see of course it's not required, but I'm not sure if an ipv6 address would be used at all (as a directory mirror). That is, if I added a v6 addr to a relay in that list, would that help anything, or not yet?
It helps clients configured to use dual-stack IPv6: ClientPreferIPv6ORPort 1
And clients configured to use IPv6 only: ClientUseIPv4 0 UseMicrodescriptors 0
But as they are manual configs, not many clients use them yet. We want to make dual-stack easier (even automatic) on clients, but we need more IPv6 relays to preserve client privacy.
I assume that adding a v6 address does not violate the "keep the same address/port/key for the next 2 years" requirement. Is that correct?
Yes, but you need to keep *both* addresses for 2 years after you add IPv6. Let me know, and I'll add the IPv6 address to the fallback list.
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On 12 Dec. 2016, at 19:15, Rejo Zenger rejo@zenger.nl wrote:
Hey!
I do have IPv6 available, but I hadn't taken the time to actually enable it. I will look into it one of the next days and when enabled, I'll let you know about the IPv6 address.
Node: rejozenger, FP: AA0D167E03E298F9A8CD50F448B81FBD7FA80D56
Kind regards, Rejo Zenger
Thanks, that would be great!
T
Hey Tim,
My relay now should be available on both IPv4 and IPv6. But, to be honest, I don't see how I can verify the correct functioning of IPv6. Here are the details:
name rejozenger fingerprint AA0D167E03E298F9A8CD50F448B81FBD7FA80D56 ipv4 address 94.142.242.84 ipv6 address 2a02:898:24:84::1
Kind regards, Rejo Zenger
++ 12/12/16 21:39 +1100 - teor:
On 12 Dec. 2016, at 19:15, Rejo Zenger rejo@zenger.nl wrote:
Hey!
I do have IPv6 available, but I hadn't taken the time to actually enable it. I will look into it one of the next days and when enabled, I'll let you know about the IPv6 address.
Node: rejozenger, FP: AA0D167E03E298F9A8CD50F448B81FBD7FA80D56
Kind regards, Rejo Zenger
Thanks, that would be great!
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On 13 Dec. 2016, at 08:13, Rejo Zenger rejo@zenger.nl wrote:
Hey Tim,
My relay now should be available on both IPv4 and IPv6. But, to be honest, I don't see how I can verify the correct functioning of IPv6. Here are the details:
name rejozenger fingerprint AA0D167E03E298F9A8CD50F448B81FBD7FA80D56 ipv4 address 94.142.242.84 ipv6 address 2a02:898:24:84::1
Kind regards, Rejo Zenger
Hi Rejo,
Have you configured an IPv6 ORPort in your torrc?
ORPort [2a02:898:24:84::1]:9001
The directory authorities will verify your IPv6 connectivity.
Or you can use telnet (or nc):
telnet 2a02:898:24:84::1 9001
Or you can use a tor client version 0.2.8 or later:
tor ClientUseIPv4 0 UseMicrodescriptors 0 EntryGuards rejozenger
And then send some data through that client, or just read the logs to make sure it says its guard is up.
Tim
++ 12/12/16 21:39 +1100 - teor:
On 12 Dec. 2016, at 19:15, Rejo Zenger rejo@zenger.nl wrote:
Hey!
I do have IPv6 available, but I hadn't taken the time to actually enable it. I will look into it one of the next days and when enabled, I'll let you know about the IPv6 address.
Node: rejozenger, FP: AA0D167E03E298F9A8CD50F448B81FBD7FA80D56
Kind regards, Rejo Zenger
Thanks, that would be great!
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-- Rejo Zenger E rejo@zenger.nl | P +31(0)639642738 | W https://rejo.zenger.nl T @rejozenger | J rejo@zenger.nl
OpenPGP 1FBF 7B37 6537 68B1 2532 A4CB 0994 0946 21DB EFD4 XMPP OTR 271A 9186 AFBC 8124 18CF 4BE2 E000 E708 F811 5ACF Signal 82597 53935 59879 30955 36233 06160 [...] _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
T
On 13 Dec. 2016, at 08:25, teor teor2345@gmail.com wrote:
On 13 Dec. 2016, at 08:13, Rejo Zenger rejo@zenger.nl wrote:
Hey Tim,
My relay now should be available on both IPv4 and IPv6. But, to be honest, I don't see how I can verify the correct functioning of IPv6. Here are the details:
name rejozenger fingerprint AA0D167E03E298F9A8CD50F448B81FBD7FA80D56 ipv4 address 94.142.242.84 ipv6 address 2a02:898:24:84::1
Kind regards, Rejo Zenger
Hi Rejo,
Have you configured an IPv6 ORPort in your torrc?
ORPort [2a02:898:24:84::1]:9001
The directory authorities will verify your IPv6 connectivity.
Or you can use telnet (or nc):
telnet 2a02:898:24:84::1 9001
Or you can use a tor client version 0.2.8 or later:
tor ClientUseIPv4 0 UseMicrodescriptors 0 EntryGuards rejozenger
And then send some data through that client, or just read the logs to make sure it says its guard is up.
Tim
Hi Rejo,
I see you just changed the ports on your relay. Please let me know if you are going to keep those ports. And please let me know if you get IPv6 working.
Relays need to have the same address and ports for 7 days to become fallback directory mirrors.
This means your relay won't be selected as a fallback directory mirror when I rebuild the list on the weekend, but might be selected next time someone rebuilds the list (in 6 to 12 months time).
Tim
++ 12/12/16 21:39 +1100 - teor:
On 12 Dec. 2016, at 19:15, Rejo Zenger rejo@zenger.nl wrote:
Hey!
I do have IPv6 available, but I hadn't taken the time to actually enable it. I will look into it one of the next days and when enabled, I'll let you know about the IPv6 address.
Node: rejozenger, FP: AA0D167E03E298F9A8CD50F448B81FBD7FA80D56
Kind regards, Rejo Zenger
Thanks, that would be great!
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-- Rejo Zenger E rejo@zenger.nl | P +31(0)639642738 | W https://rejo.zenger.nl T @rejozenger | J rejo@zenger.nl
OpenPGP 1FBF 7B37 6537 68B1 2532 A4CB 0994 0946 21DB EFD4 XMPP OTR 271A 9186 AFBC 8124 18CF 4BE2 E000 E708 F811 5ACF Signal 82597 53935 59879 30955 36233 06160 [...] _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org
T
tor-relays@lists.torproject.org
-
Andrew Deason -
Rejo Zenger -
teor