Dear Relay Operators,
I noticed there are very few US based exit nodes in the network. And more and more people are jumping on the same set of AS numbers in Europe.
I am not if the reason is lack of Tor friendly ISPs or people are just too freaked out about the summer of Snowden.
I think it's very wrong to assume that EU countries are not part of the world-wide-wiretap, packets are going through a few internet exchanges anyways.
I have been hosting/operating Faravahar (one of the authority directory servers) at Rethem Hosting (rethemhosting.net) for a couple of years now, and never had any issues.
I also just brought up 2 exit nodes there: https://atlas.torproject.org/#details/A5B1C342B316C2AE5695B903CED18F619A8361... https://atlas.torproject.org/#details/6FFCDF910C32D620FCC6EEF7A8A57F3E9A2346...
If anyone is interested in running fast Tor Exit nodes at Rethem Hosting. Feel free to contact me directly, so I can make proper referral/introductions. Rethem Hosting is also able to provide hosting In IceLand, but you get the most bang for your buck in the US datacenter.
Thank you for contributing to Tor.
All the best, SiNA
# Consensus Weights Advertised Bandwidth Guard Probability Middle Probability Exit Probability Nickname Fingerprint Exit Guard Country Autonomous System 1.5958% 0.0000% 0.0000% 0.0000% 4.8946% (11 other relay groups) 17.6751% 0.0000% 0.0000% 0.0000% 54.2124% (total in selection) 1 4.1722% 0.0000% 0.0000% 0.0000% 12.7968% * (26 relays) (26) (22) FR (4) 2 3.8256% 0.0000% 0.0000% 0.0000% 11.7338% * (19 relays) (19) (16) DE (6) 3 2.1098% 0.0000% 0.0000% 0.0000% 6.4712% * (10 relays) (10) (8) NL (6) 4 1.4620% 0.0000% 0.0000% 0.0000% 4.4843% * (5 relays) (5) (5) RO (1) 5 0.9090% 0.0000% 0.0000% 0.0000% 2.7881% * (6 relays) (6) (5) SE (4) 6 0.8788% 0.0000% 0.0000% 0.0000% 2.6955% * (4 relays) (4) (4) CH (2) 7 0.8560% 0.0000% 0.0000% 0.0000% 2.6255% * (3 relays) (3) (3) LU (1) 8 0.6510% 0.0000% 0.0000% 0.0000% 1.9967% * (1 relays) (1) (1) LR (1) 9 0.6433% 0.0000% 0.0000% 0.0000% 1.9731% * (10 relays) (10) (8) US (10) 10 0.5715% 0.0000% 0.0000% 0.0000% 1.7528% * (2 relays) (2) (2) GB (1)
Hi SiNA,
On 11/22/2014 01:08 AM, SiNA Rabbani wrote:
Dear Relay Operators,
I noticed there are very few US based exit nodes in the network. And more and more people are jumping on the same set of AS numbers in Europe.
[...]
Thank you, SiNA. A reminder to relay operators: Diversity is important. A very good paper everyone should read is "Traffic Correlation on Tor by Realistic Adversaries" [1].
Compass [2] is very useful in at least determining country- and AS-level diversity. It would be nice to have more than just a feeling of when to rule out a potential ISP and/or country, but I would at least try to avoid any of the popular AS.
lowendbox.com is not a bad source for virtual machine hosting. If you plan to run an exit relay, it is imperative that you ask the ISP beforehand, and you should read the Exit Guidelines [3]. Add the answer of the ISP to the GoodBadRelays wiki page [4]. For non-exit relays, I wouldn't ask or tell the ISP, they don't have to know. When you pick a cheap provider with "unlimited" (fair use) bandwidth, make sure you contact the ISP beforehand to find out how much constant traffic they are actually ok with, and configure your relay accordingly. The hibernation options are quite useful in that regard.
For larger exits (dedicated, higher bandwidth), webhostingtalk.com can be a good source. It is generally cheaper to pool money and rent a bigger server. Ideally, you find some people around you. For example, if you have a local hackerspace or makerspace nearby, you should leave contact info and ask if there's interest to collectively run a larger relay. I always wanted to get "Tor User & Relay Operator Groups" going. A quite outdated and lame attempt is a wiki page on the torservers wiki [5].
The next step may be to set up an organization around your exit(s). Many groups chose the non-profit model [6]. This type of organization is surprisingly easy to create and manage, but it does produce overhead. Think a bit about who wants to play accountant and all that.
After a while, you might consider joining the Torservers.net reimbursement partnership. While the program does not formally require you to have an organization, we do prefer them, simply because they are a sign of a more stable environment. For more information, see [7].
[1] http://freehaven.net/anonbib/#ccs2013-usersrouted [2] https://compass.torproject.org/ [3] https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines [4] https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs [5] https://www.torservers.net/wiki/usergroups [6] https://www.torservers.net/partners.html [7] https://blog.torservers.net/20130917/reimbursement-for-exit-operators.html
On 11/21/2014 07:08 PM, SiNA Rabbani wrote:
Dear Relay Operators,
I noticed there are very few US based exit nodes in the network. And more and more people are jumping on the same set of AS numbers in Europe.
[snip]
If anyone is interested in running fast Tor Exit nodes at Rethem Hosting. Feel free to contact me directly, so I can make proper referral/introductions. Rethem Hosting is also able to provide hosting In IceLand, but you get the most bang for your buck in the US datacenter.
I am interested in running a fast exit node in the US.
That said, there is precious little information on Rethem's web site (http://www.rethemhosting.net/) to indicate that they would be open to that. They don't say anything about what plans might be offered, where the server would be located, or what forms of payment are accepted.
Their web site is non-SSL and the only method of contact is via the notoriously insecure e-mail. I like graphics of binary numbers and circuit board traces as much as the next guy, but their site doesn't give much information to the potential customer.
And with your servers running for less than 3 days apiece, I think it is too early to say if Rethem is a good venue for hosting a Tor node.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I also share the thought that more US exit power is welcomed in the Tor network.
However, the fact that there is more exit power in the EU compared to the US has nothing to do with the legal implications of running a Tor exit, it's as simple as bandwidth is a lot cheaper in the EU than in the US. And for small relays run at home, US, as opposite to the EU, has asymmetric internet lines, with download speed considerably higher than upload speed - they think for a residential line you should only consume content, not create. Since a Tor relay needs to be able to receive as much as it sends, this is a bottleneck.
Depending on your budget, Voxility has a datacenter in the US. Unfortunately they provide only enterprise class servers with prices directly proportional to the class. Maybe we can manage to pool $ in order to create a bigger node with this provider if we find enough people.
On 11/23/2014 2:10 AM, Steve Snyder wrote:
On 11/21/2014 07:08 PM, SiNA Rabbani wrote:
Dear Relay Operators,
I noticed there are very few US based exit nodes in the network. And more and more people are jumping on the same set of AS numbers in Europe.
[snip]
If anyone is interested in running fast Tor Exit nodes at Rethem Hosting. Feel free to contact me directly, so I can make proper referral/introductions. Rethem Hosting is also able to provide hosting In IceLand, but you get the most bang for your buck in the US datacenter.
I am interested in running a fast exit node in the US.
That said, there is precious little information on Rethem's web site (http://www.rethemhosting.net/) to indicate that they would be open to that. They don't say anything about what plans might be offered, where the server would be located, or what forms of payment are accepted.
Their web site is non-SSL and the only method of contact is via the notoriously insecure e-mail. I like graphics of binary numbers and circuit board traces as much as the next guy, but their site doesn't give much information to the potential customer.
And with your servers running for less than 3 days apiece, I think it is too early to say if Rethem is a good venue for hosting a Tor node.
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
I would happily chip in to a node like that. One thing, though, about USA is their fickleness when shown a legal letter. I increased VPSs to more than ten paid a year in advance with GreenValueHost because they were so helpful they even reinstalled Tor and sorted some Linux problems for me. Then they banned Tor. I can only imagine that their spines collapsed at a threat.
So USA can be fast and cheap but beware when they agree Tor is acceptable because there are poor trade practices laws to get refunds and rights.
Robert
I also share the thought that more US exit power is welcomed in the Tor network.
.....
Depending on your budget, Voxility has a datacenter in the US. Unfortunately they provide only enterprise class servers with prices directly proportional to the class. Maybe we can manage to pool $ in order to create a bigger node with this provider if we find enough people.
On Sat, 22 Nov 2014 16:35:18 -0800, I beatthebastards@inbox.com wrote:
So USA can be fast and cheap but beware when they agree Tor is acceptable because there are poor trade practices laws to get refunds and rights.
FWIW I spun up a Tor exit node on VULTR. I pro-actively informed them I was doing so by creating a support ticket with this text:
"Just giving you guys a heads up that I've setup a new Tor exit node.
It's using the ReducedExitPolicy detailed here:
https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy
The reduced exit policy has been successful in eliminating the vast majority of DMCA complains according to this Tor blog post:
https://blog.torproject.org/running-exit-node
If there are any complaints about traffic from this node, please alert me immediately so I can deal with them. I have a dedicated email setup for this purpose at tor@sysfu.com.
Regards, Seth"
The response was a simple "Thank you for the update."...so they seem pretty cool about it.
If you look at https://torstatus.rueckgr.at/ you'll see a half dozen other nodes running on VULTR.
The starter $5/mo size gets you 1000GB of bandwidth per month, can't beat that with a stick.
Another thing I like about VULTR is that you can install your own custom OS via an ISO or iPXE script. Also none of that fixed kernel nonsense I dealt with at Digital Ocean. And they accept Bitcoin.
That fact that thousands of average joe sysadmins can now spin up a powerful Tor relay or exit node, on the operating system of their choice, for $5/mo payable in Bitcoin...I think that's a big deal.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Just checked them now, that is great if they will allow you to run Tor exit nodes on such cheap virtual machines. 5$ for 1000GB is a good deal for US traffic, and bitcoin accepted is an important pro. But I am concerned if they will sustain Tor exits on the long term. If the Tor relay will consume more bandwidth they might start shouting about it since more virtual machines share a network port, and they will want to maximize how many VMs they can assign to a port in order to maximize profit. Not to mention if the relay will be under DDoS attack.
I saw many cheap cloud providers which claimed to support Tor, yet after little time just when the relay was becoming popular and known in the consensus, service terminated. Hope VULTR will not follow this way.
On 11/23/2014 2:56 AM, Seth wrote:
On Sat, 22 Nov 2014 16:35:18 -0800, I beatthebastards@inbox.com wrote:
So USA can be fast and cheap but beware when they agree Tor is acceptable because there are poor trade practices laws to get refunds and rights.
FWIW I spun up a Tor exit node on VULTR. I pro-actively informed them I was doing so by creating a support ticket with this text:
"Just giving you guys a heads up that I've setup a new Tor exit node.
It's using the ReducedExitPolicy detailed here:
https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy
The reduced exit policy has been successful in eliminating the vast majority of DMCA complains according to this Tor blog post:
https://blog.torproject.org/running-exit-node
If there are any complaints about traffic from this node, please alert me immediately so I can deal with them. I have a dedicated email setup for this purpose at tor@sysfu.com.
Regards, Seth"
The response was a simple "Thank you for the update."...so they seem pretty cool about it.
If you look at https://torstatus.rueckgr.at/ you'll see a half dozen other nodes running on VULTR.
The starter $5/mo size gets you 1000GB of bandwidth per month, can't beat that with a stick.
Another thing I like about VULTR is that you can install your own custom OS via an ISO or iPXE script. Also none of that fixed kernel nonsense I dealt with at Digital Ocean. And they accept Bitcoin.
That fact that thousands of average joe sysadmins can now spin up a powerful Tor relay or exit node, on the operating system of their choice, for $5/mo payable in Bitcoin...I think that's a big deal.
On Sat, 22 Nov 2014 17:05:53 -0800, s7r s7r@sky-ip.org wrote:
I am concerned if they will sustain Tor exits on the long term. If the Tor relay will consume more bandwidth they might start shouting about it since more virtual machines share a network port, and they will want to maximize how many VMs they can assign to a port in order to maximize profit. Not to mention if the relay will be under DDoS attack.
I share all these concerns and s'pose we'll find out eventually.
The Choopa (VULTR parent company) network infrastructure is fairly robust from what I gathered reading many many posts about the service on lowendtalk.com.
I saw many cheap cloud providers which claimed to support Tor, yet after little time just when the relay was becoming popular and known in the consensus, service terminated. Hope VULTR will not follow this way.
I think the VPS providers are more likely to fold in the face of pressure. Too big and they're likely gutless and/or compromised.
There's probably a sweet spot that's willing to "Throw down for freedom" somewhere in the middle. (Sonic.net for example)
I should have also mentioned in my previous post I put the following in /etc/tor/torrc
# Bandwidth and data caps AccountingStart day 19:45 # calculate once a day at 7:45pm AccountingMax 33 GBytes # 33GB X 30 days = 10GB shy of 1000GB/mo. RelayBandwidthRate 3000 KBytes RelayBandwidthBurst 3750 KBytes # allow higher bursts but maintain average
If you are looking for good solution, I'm testing right now http://roundabove.com, running one exit node with exit rules provided from https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy.
Tor's uptime is 11 days 12:00 hours, with 194 circuits open. I've sent 182.16 GB and received 178.18 GB.
Only what you need to do on your system is to set new hostnames in /etc/rc.local. I use servernames without logging from this this list http://wiki.opennicproject.org/Tier2 (France).
On 23 November 2014 at 02:58, Seth list@sysfu.com wrote:
On Sat, 22 Nov 2014 17:05:53 -0800, s7r s7r@sky-ip.org wrote:
I am concerned if they will sustain Tor exits on the long term. If the
Tor relay will consume more bandwidth they might start shouting about it since more virtual machines share a network port, and they will want to maximize how many VMs they can assign to a port in order to maximize profit. Not to mention if the relay will be under DDoS attack.
I share all these concerns and s'pose we'll find out eventually.
The Choopa (VULTR parent company) network infrastructure is fairly robust from what I gathered reading many many posts about the service on lowendtalk.com.
I saw many cheap cloud providers which claimed to support Tor, yet
after little time just when the relay was becoming popular and known in the consensus, service terminated. Hope VULTR will not follow this way.
I think the VPS providers are more likely to fold in the face of pressure. Too big and they're likely gutless and/or compromised.
There's probably a sweet spot that's willing to "Throw down for freedom" somewhere in the middle. (Sonic.net for example)
I should have also mentioned in my previous post I put the following in /etc/tor/torrc
# Bandwidth and data caps AccountingStart day 19:45 # calculate once a day at 7:45pm AccountingMax 33 GBytes # 33GB X 30 days = 10GB shy of 1000GB/mo. RelayBandwidthRate 3000 KBytes RelayBandwidthBurst 3750 KBytes # allow higher bursts but maintain average
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Sat, 22 Nov 2014 18:46:18 -0800, ZEROF security@netmajstor.com wrote:
I use servernames without logging from this this list http://wiki.opennicproject.org/Tier2 (France).
Great resource of logless DNS servers, I'm a big fan of OpenNIC.
Have you bothered to encrypt DNS traffic by setting up dnscrypt-proxy or the like? These days it's something I include as standard.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Hi Seth,
I saw some info just yesterday, but it's not in actual server configuration. Can you provide some good resource for setting dnscrypt-proxy? And no logging DNS's is good to protect end users.
On 23 November 2014 at 04:05, Seth list@sysfu.com wrote:
On Sat, 22 Nov 2014 18:46:18 -0800, ZEROF security@netmajstor.com wrote:
I use servernames without logging from this this list http://wiki.opennicproject.org/Tier2 (France).
Great resource of logless DNS servers, I'm a big fan of OpenNIC.
Have you bothered to encrypt DNS traffic by setting up dnscrypt-proxy or the like? These days it's something I include as standard.
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Sat, 22 Nov 2014 19:13:17 -0800, ZEROF security@netmajstor.com wrote:
I saw some info just yesterday, but it's not in actual server configuration. Can you provide some good resource for setting dnscrypt-proxy? And no logging DNS's is good to protect end users.
That was a long night bleary night but IIRC I used the Arch wiki https://wiki.archlinux.org/index.php/Dnscrypt
It's pretty straightforward for the most part. Install the package, set it to run at boot, configure the desired target DNS server(s), and edit /etc/resolv.conf to use the local DNScrypt proxy (e.g. nameserver 127.0.0.1) On OpenBSD I had to manually edit the /etc/rc.d/dnscrypt_proxy script to change the DNS servers.
To do it right, you'll also want to insert a caching resolver (such as Unbound) into the DNS lookup chain.
On Sat, 22 Nov 2014 19:13:17 -0800, ZEROF security@netmajstor.com wrote:
I saw some info just yesterday, but it's not in actual server configuration. Can you provide some good resource for setting dnscrypt-proxy? And no logging DNS's is good to protect end users
A caveat: You should probably avoid using the default OpenDNS servers with dnscrypt-proxy.
From the 'Bad Relays' wiki page https://trac.torproject.org/projects/tor/wiki/doc/badRelays
"The most common misconfiguration I have seen is using OpenDNS as a host's nameserver with what I think is the OpenDNS default config. Services such as OpenDNS lie to you, under the name of protecting you. The result is for instance getting redirected to their webpage when you want to visit evil sites such as https://www.torproject.org/."
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
I'm not using opendns. OpenNic and OpenDNS are not same thing.
On 23 November 2014 at 23:59, Seth wrote: On Sat, 22 Nov 2014 19:13:17 -0800, ZEROF wrote:
I saw some info just yesterday, but it's not in actual server configuration. Can you provide some good resource for setting dnscrypt-proxy? And no logging DNS's is good to protect end users A caveat: You should probably avoid using the default OpenDNS servers with dnscrypt-proxy.
From the 'Bad Relays' wiki page
https://trac.torproject.org/projects/tor/wiki/doc/badRelays
"The most common misconfiguration I have seen is using OpenDNS as a host's nameserver with what I think is the OpenDNS default config. Services such as OpenDNS lie to you, under the name of protecting you. The result is for instance getting redirected to their webpage when you want to visit evil sites such as https://www.torproject.org/."
_______________________________________________ tor-relays mailing listtor-relays@lists.torproject.orghttps://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
- --http://www.backbox.orghttp://www.pentester.iz.rs
On Sun, 23 Nov 2014 16:53:03 -0800, ZEROF security@netmajstor.com wrote:
I'm not using opendns. OpenNic and OpenDNS are not same thing.
I'm aware of the distinction.
What I was trying to point out for the benefit of people just getting started with dnscrypt-proxy, is that by default it uses OpenDNS servers.
At least it has in every environment that I've set it up in so far.
http://blog.censurfridns.dk/en
Pretty sure this is no fon.
On 24 November 2014 at 02:18, Seth list@sysfu.com wrote:
On Sun, 23 Nov 2014 16:53:03 -0800, ZEROF security@netmajstor.com wrote:
I'm not using opendns. OpenNic and OpenDNS are not same thing.
I'm aware of the distinction.
What I was trying to point out for the benefit of people just getting started with dnscrypt-proxy, is that by default it uses OpenDNS servers.
At least it has in every environment that I've set it up in so far.
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Seth said:
On Sat, 22 Nov 2014 18:46:18 -0800, ZEROF security@netmajstor.com wrote:
I use servernames without logging from this this list http://wiki.opennicproject.org/Tier2 (France).
Great resource of logless DNS servers, I'm a big fan of OpenNIC.
I'm not a fan of OpenNIC because they were, and probably still are, running open resolvers. That means the servers are wide open to be used for reflection attacks, cache poisening and likely numerous other attacks. And they didn't support DNSSEC. And if they aren't logging anything, how do they stop the attacks?
http://www.opennicproject.org/ says "so at least you are not tracked through your DNS requests." Saying it doesn't make it true. DNS wasn't designed with privacy built in, so how can they actually do that?
Have you bothered to encrypt DNS traffic by setting up dnscrypt-proxy or the like? These days it's something I include as standard.
Does a project exist that supports encryption and pooling the recursive queries, and DNSSEC, other than OpenDNS?
Chuck
On Sat, 22 Nov 2014 21:48:21 -0800, Chuck Peters cp@axs.org wrote:
I'm not a fan of OpenNIC because they were, and probably still are, running open resolvers. That means the servers are wide open to be used for reflection attacks, cache poisening and likely numerous other attacks. And they didn't support DNSSEC. And if they aren't logging anything, how do they stop the attacks?
Was not aware of the open resolver attack vector issues with OpenNIC. Could they be stopped by rate limiting?
Does a project exist that supports encryption and pooling the recursive queries, and DNSSEC, other than OpenDNS?
Don't know off-hand but maybe DNSchain is worth a look? http://okturtles.com/
On 11/22/2014 06:58 PM, Seth wrote:
<SNIP>
I should have also mentioned in my previous post I put the following in /etc/tor/torrc
# Bandwidth and data caps AccountingStart day 19:45 # calculate once a day at 7:45pm AccountingMax 33 GBytes # 33GB X 30 days = 10GB shy of 1000GB/mo. RelayBandwidthRate 3000 KBytes RelayBandwidthBurst 3750 KBytes # allow higher bursts but maintain average
How much throughput do you get with your VPS, 1000 GB/mo or 2000 GB/mo?
As I read comments in torrc, AccountingMax "applies separately to sent and received bytes, not to their sum", and so "setting '4 GB' may allow up to 8 GB total before hibernating".
On Sat, 22 Nov 2014 22:42:15 -0800, Mirimir mirimir@riseup.net wrote:
How much throughput do you get with your VPS, 1000 GB/mo or 2000 GB/mo?
The 1000 GB/mo applies to whichever value is greater, input or output. So far the Tor node is pushing less than 1.5GB per day. Takes a while for traffic to ramp up apparently.
As I read comments in torrc, AccountingMax "applies separately to sent and received bytes, not to their sum", and so "setting '4 GB' may allow up to 8 GB total before hibernating".
Yes, others have raised this issue as well and I will look into it.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
That is, because in almost all cases, providers allow unmetered incoming traffic to your server but keep count and accounting on outgoing traffic from your server, which is why the torrc setting acts the way it does.
On 11/23/2014 7:58 PM, Seth wrote:
On Sat, 22 Nov 2014 22:42:15 -0800, Mirimir mirimir@riseup.net wrote:
How much throughput do you get with your VPS, 1000 GB/mo or 2000 GB/mo?
The 1000 GB/mo applies to whichever value is greater, input or output. So far the Tor node is pushing less than 1.5GB per day. Takes a while for traffic to ramp up apparently.
As I read comments in torrc, AccountingMax "applies separately to sent and received bytes, not to their sum", and so "setting '4 GB' may allow up to 8 GB total before hibernating".
Yes, others have raised this issue as well and I will look into it. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On 11/23/2014 11:05 AM, s7r wrote:
That is, because in almost all cases, providers allow unmetered incoming traffic to your server but keep count and accounting on outgoing traffic from your server, which is why the torrc setting acts the way it does.
That would be great! I'll confirm with the provider.
I'm also wondering what to set for RelayBandwidthRate for an exit. I see some old threads on this list, and a question at Tor.SE, but find nothing that's clear and persuasive.
Assuming that the 1000 GB/mo limit applies to just outgoing traffic, throughput would need to average ca. 0.4 MB/sec. However, median advertised exit bandwidth from Tor Metrics is ca. 1 MB/sec, so it seems unlikely that an exit advertising 0.4 MB/sec would be used very heavily. And so actual usage would be far less than 0.4 MB/sec.
Conversely, setting RelayBandwidthRate to 3 MB/sec would ultimately lead to heavy use. But with full utilization at 250 GB per day, the relay would hibernate after just four days. There must be some intermediate value that would bring average usage to 0.4 MB/sec.
What is the optimal RelayBandwidthRate for a 1000 GB/mo VPS? I'm guessing that it's about 1 MB/sec.
On 11/23/2014 7:58 PM, Seth wrote:
On Sat, 22 Nov 2014 22:42:15 -0800, Mirimir mirimir@riseup.net wrote:
How much throughput do you get with your VPS, 1000 GB/mo or 2000 GB/mo?
The 1000 GB/mo applies to whichever value is greater, input or output. So far the Tor node is pushing less than 1.5GB per day. Takes a while for traffic to ramp up apparently.
As I read comments in torrc, AccountingMax "applies separately to sent and received bytes, not to their sum", and so "setting '4 GB' may allow up to 8 GB total before hibernating".
Yes, others have raised this issue as well and I will look into it. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
If the only limit is consumed monthly traffic, and not the bandwidth your relays consumes daily (e.g. you use your VPS only for Tor) it is not recommended to use RelayBandwidthRate. Better use AccountingMax, and your relay will work at full speed until it hits the accounting limit, then go into hibernation. It will wake up at a random time in the next accounting period.
As the Tor manual says, it's better to have a fast relay available some of the time instead of having a slow relay available all the time.
Just use AccountingMax and do not forget there are other factors as well which count in the speed of a relay, such as CPU, RAM, network - a VPS (share resources machine) is unlikely to achieve maximum resources usage. Give it a try with AccountingMax (so you are sure it won't bypass the limit set by your provider and you don't have to pay extra) and see what what speed it reaches.
On 11/24/2014 5:24 AM, Mirimir wrote:
On 11/23/2014 11:05 AM, s7r wrote:
That is, because in almost all cases, providers allow unmetered incoming traffic to your server but keep count and accounting on outgoing traffic from your server, which is why the torrc setting acts the way it does.
That would be great! I'll confirm with the provider.
I'm also wondering what to set for RelayBandwidthRate for an exit. I see some old threads on this list, and a question at Tor.SE, but find nothing that's clear and persuasive.
Assuming that the 1000 GB/mo limit applies to just outgoing traffic, throughput would need to average ca. 0.4 MB/sec. However, median advertised exit bandwidth from Tor Metrics is ca. 1 MB/sec, so it seems unlikely that an exit advertising 0.4 MB/sec would be used very heavily. And so actual usage would be far less than 0.4 MB/sec.
Conversely, setting RelayBandwidthRate to 3 MB/sec would ultimately lead to heavy use. But with full utilization at 250 GB per day, the relay would hibernate after just four days. There must be some intermediate value that would bring average usage to 0.4 MB/sec.
What is the optimal RelayBandwidthRate for a 1000 GB/mo VPS? I'm guessing that it's about 1 MB/sec.
On 11/23/2014 7:58 PM, Seth wrote:
On Sat, 22 Nov 2014 22:42:15 -0800, Mirimir mirimir@riseup.net wrote:
How much throughput do you get with your VPS, 1000 GB/mo or 2000 GB/mo?
The 1000 GB/mo applies to whichever value is greater, input or output. So far the Tor node is pushing less than 1.5GB per day. Takes a while for traffic to ramp up apparently.
As I read comments in torrc, AccountingMax "applies separately to sent and received bytes, not to their sum", and so "setting '4 GB' may allow up to 8 GB total before hibernating".
Yes, others have raised this issue as well and I will look into it. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On 11/24/2014 03:06 AM, s7r wrote:
If the only limit is consumed monthly traffic, and not the bandwidth your relays consumes daily (e.g. you use your VPS only for Tor) it is not recommended to use RelayBandwidthRate. Better use AccountingMax, and your relay will work at full speed until it hits the accounting limit, then go into hibernation. It will wake up at a random time in the next accounting period.
As the Tor manual says, it's better to have a fast relay available some of the time instead of having a slow relay available all the time.
Just use AccountingMax and do not forget there are other factors as well which count in the speed of a relay, such as CPU, RAM, network - a VPS (share resources machine) is unlikely to achieve maximum resources usage. Give it a try with AccountingMax (so you are sure it won't bypass the limit set by your provider and you don't have to pay extra) and see what what speed it reaches.
OK, then. But in that case, and given that the provider states the throughput limit as "1000 GB per month", I would want to use monthly accounting, in order to be in synch with them:
AccountingStart month 1 00:00 AccountingMax 900 GBytes
Yes? That way, with no RelayBandwidthRate limit, relay utilization will presumably increase for two or three months, until AccountingMax is exceeded, and the relay hibernates. Subsequently, it will tend toward an equilibrium, with some mix of bandwidth and activity/month that depends on the configuration of the directory authorities.
If I used daily accounting, the relay might end up hibernating every day. That would be worse, right? Also, I'm imagining that this might lead to lower average throughput, because the relay would show up as unstable? Is that correct?
More generally, should AccountingStart (day vs week vs month) match the accounting period used by the service provider?
Thanks.
On 11/24/2014 5:24 AM, Mirimir wrote:
On 11/23/2014 11:05 AM, s7r wrote:
That is, because in almost all cases, providers allow unmetered incoming traffic to your server but keep count and accounting on outgoing traffic from your server, which is why the torrc setting acts the way it does.
That would be great! I'll confirm with the provider.
I'm also wondering what to set for RelayBandwidthRate for an exit. I see some old threads on this list, and a question at Tor.SE, but find nothing that's clear and persuasive.
Assuming that the 1000 GB/mo limit applies to just outgoing traffic, throughput would need to average ca. 0.4 MB/sec. However, median advertised exit bandwidth from Tor Metrics is ca. 1 MB/sec, so it seems unlikely that an exit advertising 0.4 MB/sec would be used very heavily. And so actual usage would be far less than 0.4 MB/sec.
Conversely, setting RelayBandwidthRate to 3 MB/sec would ultimately lead to heavy use. But with full utilization at 250 GB per day, the relay would hibernate after just four days. There must be some intermediate value that would bring average usage to 0.4 MB/sec.
What is the optimal RelayBandwidthRate for a 1000 GB/mo VPS? I'm guessing that it's about 1 MB/sec.
On 11/23/2014 7:58 PM, Seth wrote:
On Sat, 22 Nov 2014 22:42:15 -0800, Mirimir mirimir@riseup.net wrote:
How much throughput do you get with your VPS, 1000 GB/mo or 2000 GB/mo?
The 1000 GB/mo applies to whichever value is greater, input or output. So far the Tor node is pushing less than 1.5GB per day. Takes a while for traffic to ramp up apparently.
As I read comments in torrc, AccountingMax "applies separately to sent and received bytes, not to their sum", and so "setting '4 GB' may allow up to 8 GB total before hibernating".
Yes, others have raised this issue as well and I will look into it. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 11/24/2014 7:32 PM, Mirimir wrote:
On 11/24/2014 03:06 AM, s7r wrote:
If the only limit is consumed monthly traffic, and not the bandwidth your relays consumes daily (e.g. you use your VPS only for Tor) it is not recommended to use RelayBandwidthRate. Better use AccountingMax, and your relay will work at full speed until it hits the accounting limit, then go into hibernation. It will wake up at a random time in the next accounting period.
As the Tor manual says, it's better to have a fast relay available some of the time instead of having a slow relay available all the time.
Just use AccountingMax and do not forget there are other factors as well which count in the speed of a relay, such as CPU, RAM, network - a VPS (share resources machine) is unlikely to achieve maximum resources usage. Give it a try with AccountingMax (so you are sure it won't bypass the limit set by your provider and you don't have to pay extra) and see what what speed it reaches.
OK, then. But in that case, and given that the provider states the throughput limit as "1000 GB per month", I would want to use monthly accounting, in order to be in synch with them:
AccountingStart month 1 00:00 AccountingMax 900 GBytes
Yes? That way, with no RelayBandwidthRate limit, relay utilization will presumably increase for two or three months, until AccountingMax is exceeded, and the relay hibernates. Subsequently, it will tend toward an equilibrium, with some mix of bandwidth and activity/month that depends on the configuration of the directory authorities.
Sounds about right. If you have 1000GB from your provider, why set it to 900? You can put 995 GBytes without any problems, since 5GB per month is more than enough for management / administration and time to time regular operating system updates.
If I used daily accounting, the relay might end up hibernating every day. That would be worse, right? Also, I'm imagining that this might lead to lower average throughput, because the relay would show up as unstable? Is that correct?
More generally, should AccountingStart (day vs week vs month) match the accounting period used by the service provider?
It does not matter really, as for traffic consumption will have the same effect. If you have 1000GB per month you can either set accounting period of 995GBytes per month or accounting period of 248GBytes per week - it will still prevent your relay to consume more than 1000GBytes per month... As a personal thought, I think it's much better to have a monthly accounting period as your provider accounts your traffic, this way you relay will go into hibernation one time per month rather than 4 times (after the end of each accounting period Tor goes into hibernation and waits for a random time until it 'wakes up' again).
Thanks.
On 11/24/2014 5:24 AM, Mirimir wrote:
On 11/23/2014 11:05 AM, s7r wrote:
That is, because in almost all cases, providers allow unmetered incoming traffic to your server but keep count and accounting on outgoing traffic from your server, which is why the torrc setting acts the way it does.
That would be great! I'll confirm with the provider.
I'm also wondering what to set for RelayBandwidthRate for an exit. I see some old threads on this list, and a question at Tor.SE, but find nothing that's clear and persuasive.
Assuming that the 1000 GB/mo limit applies to just outgoing traffic, throughput would need to average ca. 0.4 MB/sec. However, median advertised exit bandwidth from Tor Metrics is ca. 1 MB/sec, so it seems unlikely that an exit advertising 0.4 MB/sec would be used very heavily. And so actual usage would be far less than 0.4 MB/sec.
Conversely, setting RelayBandwidthRate to 3 MB/sec would ultimately lead to heavy use. But with full utilization at 250 GB per day, the relay would hibernate after just four days. There must be some intermediate value that would bring average usage to 0.4 MB/sec.
What is the optimal RelayBandwidthRate for a 1000 GB/mo VPS? I'm guessing that it's about 1 MB/sec.
On 11/23/2014 7:58 PM, Seth wrote:
On Sat, 22 Nov 2014 22:42:15 -0800, Mirimir mirimir@riseup.net wrote:
How much throughput do you get with your VPS, 1000 GB/mo or 2000 GB/mo?
The 1000 GB/mo applies to whichever value is greater, input or output. So far the Tor node is pushing less than 1.5GB per day. Takes a while for traffic to ramp up apparently.
As I read comments in torrc, AccountingMax "applies separately to sent and received bytes, not to their sum", and so "setting '4 GB' may allow up to 8 GB total before hibernating".
Yes, others have raised this issue as well and I will look into it. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing
list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On 11/22/2014 05:56 PM, Seth wrote:
On Sat, 22 Nov 2014 16:35:18 -0800, I beatthebastards@inbox.com wrote:
So USA can be fast and cheap but beware when they agree Tor is acceptable because there are poor trade practices laws to get refunds and rights.
FWIW I spun up a Tor exit node on VULTR. I pro-actively informed them I was doing so by creating a support ticket with this text:
"Just giving you guys a heads up that I've setup a new Tor exit node.
<SNIP>
Do you mind if I steal/paraphrase your letter?
They might find it odd. Any thoughts on that?
On Sat, 22 Nov 2014 17:29:35 -0800, Mirimir mirimir@riseup.net wrote:
Do you mind if I steal/paraphrase your letter?
That's why I put it up, so others can use it. Knock yourself out.
On Nov 22, 2014, at 4:21 PM, s7r s7r@sky-ip.org wrote:
Depending on your budget, Voxility has a datacenter in the US. Unfortunately they provide only enterprise class servers with prices directly proportional to the class. Maybe we can manage to pool $ in order to create a bigger node with this provider if we find enough people.
I’d be interested in chipping into this.
Would this server suitable for an exit node? Might be a bit on the slow side with 2GB of DDR2 and a Pentium D 940 https://www.voxility.com/shop/hosting/discounted/Supermicro-5015M-LFF https://www.voxility.com/shop/hosting/discounted/Supermicro-5015M-LFF
Price-wise it would be ~$200 to buy the server (after purchasing a disk for it), $70 setup fee, and $56/month to colocate in Los Angeles or Miami.
That’d be ~$950 for the first year, and $672/year for the following years.
The colocation isn’t cheap to say the least, and it only gives 5TB/month unless we want to pay more per month; https://www.voxility.com/shop/colocation/los-angeles/Equipment-Colocation-in... https://www.voxility.com/shop/colocation/los-angeles/Equipment-Colocation-in-Los-Angeles-(Equinix-LA1)#Network
Regards, Syrup-tan~
On Nov 22, 2014, at 4:21 PM, s7r s7r@sky-ip.org wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I also share the thought that more US exit power is welcomed in the Tor network.
However, the fact that there is more exit power in the EU compared to the US has nothing to do with the legal implications of running a Tor exit, it's as simple as bandwidth is a lot cheaper in the EU than in the US. And for small relays run at home, US, as opposite to the EU, has asymmetric internet lines, with download speed considerably higher than upload speed - they think for a residential line you should only consume content, not create. Since a Tor relay needs to be able to receive as much as it sends, this is a bottleneck.
Depending on your budget, Voxility has a datacenter in the US. Unfortunately they provide only enterprise class servers with prices directly proportional to the class. Maybe we can manage to pool $ in order to create a bigger node with this provider if we find enough people.
On 11/23/2014 2:10 AM, Steve Snyder wrote:
On 11/21/2014 07:08 PM, SiNA Rabbani wrote:
Dear Relay Operators,
I noticed there are very few US based exit nodes in the network. And more and more people are jumping on the same set of AS numbers in Europe.
[snip]
If anyone is interested in running fast Tor Exit nodes at Rethem Hosting. Feel free to contact me directly, so I can make proper referral/introductions. Rethem Hosting is also able to provide hosting In IceLand, but you get the most bang for your buck in the US datacenter.
I am interested in running a fast exit node in the US.
That said, there is precious little information on Rethem's web site (http://www.rethemhosting.net/) to indicate that they would be open to that. They don't say anything about what plans might be offered, where the server would be located, or what forms of payment are accepted.
Their web site is non-SSL and the only method of contact is via the notoriously insecure e-mail. I like graphics of binary numbers and circuit board traces as much as the next guy, but their site doesn't give much information to the potential customer.
And with your servers running for less than 3 days apiece, I think it is too early to say if Rethem is a good venue for hosting a Tor node.
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUcSiMAAoJEIN/pSyBJlsRIikH/R0ikZ8flX2FyuezmgwcGAvM NPxQ4tjzb2nHLH64woKch4dr3hAfJDU62lZXcOkBiRq8PcotojZYuPkIz6SLzn4d 6WU0oVqyvBd1PhtaCQIDh+3kxs9LOOM+FDkhnbvgi1ma9MbvrYfc1CpvyE1coTUc ulWN7Cw9N7A/aYDnOGAyOM45oXgANWI2Ha48g7T+oZuniYeTnC1qQB7FnWjx0ud6 PSTD8zaZTB/vVlxfqVS/dS2H3kbXYuKHZe3Yoz5WCzf8GDR5WilrowivfNdQoezQ ZxvBS7F/lc5cDQ5fZIJxi0fuH6Hq20AWWvTwOOLzcdqUPzoSA6PF3z+Ir87KcN8= =1e8/ -----END PGP SIGNATURE----- _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 11/25/2014 02:29 PM, Syrup-tan wrote:
The colocation isn’t cheap to say the least, and it only gives 5TB/month unless we want to pay more per month;
This may the largest logistical problem I've encountered when looking for dedicated servers intended to be exit nodes. For most providers, even expensive and powerful servers (16+ GB of RAM, 8+ cores) will come with 2-10 TB of monthly bandwidth. Because much cheaper servers can saturate a 100 Mbps link (IIRC) and thereby greatly exceed those limits, buying such packages just doesn't make sense. The additional bandwidth prices are usually strangely high, too. The pricing is often progressive - each additional terabyte costs more than the last.
If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found.
Turns out the colocation costs $672/year for the network, and another $780/year for power, so I don’t think Voxility is very feasible for an exit node without bargaining with them.
If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found.
I recently rented a dedi from Online.net http://online.net/ (http://www.online.net/en/dedicated-server/dedibox-xc http://www.online.net/en/dedicated-server/dedibox-xc) which offers unmetered b/w, but I’ve heard bad things about the network. I’ll do some testing this weekend on whether or not I can get the full 150Mb/s link.
On Nov 27, 2014, at 5:39 PM, Libertas libertas@mykolab.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 11/25/2014 02:29 PM, Syrup-tan wrote:
The colocation isn’t cheap to say the least, and it only gives 5TB/month unless we want to pay more per month;
This may the largest logistical problem I've encountered when looking for dedicated servers intended to be exit nodes. For most providers, even expensive and powerful servers (16+ GB of RAM, 8+ cores) will come with 2-10 TB of monthly bandwidth. Because much cheaper servers can saturate a 100 Mbps link (IIRC) and thereby greatly exceed those limits, buying such packages just doesn't make sense. The additional bandwidth prices are usually strangely high, too. The pricing is often progressive - each additional terabyte costs more than the last.
If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCAAGBQJUd9JIAAoJELxHvGCsI27NrXkQAJrXBrP7gdtQAyU0s7qukHaA I2armmeyEkPMWYwPWlH3MAONgqthM8HhvClf1bgRcVF+EmkGoX8bWxQFB3Lmafq/ ewbdKqnFa1m3KXUOZ1qZCJFPUP/8dBgpRbaWvwB5qUzKxXkdsDm/aaRuoGnu0NHr KhiCoslwJ5AhbB0p2JSz/lrKBL08wRHzlcBr4BWTNff5UMkXh3A+P3XJ8+yaGka2 tLP1IAvP5H/PIUv/Mvw+l+5OWgUZcmDjKOkq/F1rFpJaEaYW9ZJ2dYXzlEUdUWWy u4LpT5K8DolfdxtTjznMydqG/48WBLoYBygJwXe7uHUkj0vz/5l0VTu9EDO1ihAo FdjMO34GYUoXmiFj9J0Nq51JGs6HAtXOy3c+0+AcX0b21X5JpZ/Bq2qbjqxwMDOU oWGSdAyHdZVap6tT2w/WQOularC1A13QdLJodQkehYFLKfZJjQmsI9uCGqWvZXSi 2kI9NNshxXZ8ZZ/iPkUV+F2kka5HMoaLfc+IPrR6aUFzOigrsJrG69qwOxYmworu VQ9YW6rkKhKVhob9AAsuvyCC/pHCJRIaoJMyQ/jmSY8gjOOoZVJhPGzjuyQTCl5y eUyRmDmpxJv8xzRG0TdW3+x9nD0E77pzlwiNUnz3P9OY0hLXuWIAQTuBb/7dw5p3 5AZhkQ+qziv/sHIXjjuo =41yu -----END PGP SIGNATURE----- _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Someone may wish to look into Rokubear, I remember them being mentioned as Tor Exit friendly a few years back. -Jason
On 11/28/2014 01:54 AM, Syrup-tan wrote:
Turns out the colocation costs $672/year for the network, and another $780/year for power, so I don’t think Voxility is very feasible for an exit node without bargaining with them.
If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found.
I recently rented a dedi from Online.net http://Online.net (http://www.online.net/en/dedicated-server/dedibox-xc) which offers unmetered b/w, but I’ve heard bad things about the network. I’ll do some testing this weekend on whether or not I can get the full 150Mb/s link.
On Nov 27, 2014, at 5:39 PM, Libertas <libertas@mykolab.com mailto:libertas@mykolab.com> wrote:
On 11/25/2014 02:29 PM, Syrup-tan wrote:
The colocation isn’t cheap to say the least, and it only gives 5TB/month unless we want to pay more per month;
This may the largest logistical problem I've encountered when looking for dedicated servers intended to be exit nodes. For most providers, even expensive and powerful servers (16+ GB of RAM, 8+ cores) will come with 2-10 TB of monthly bandwidth. Because much cheaper servers can saturate a 100 Mbps link (IIRC) and thereby greatly exceed those limits, buying such packages just doesn't make sense. The additional bandwidth prices are usually strangely high, too. The pricing is often progressive - each additional terabyte costs more than the last.
If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found.
tor-relays mailing list tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
sorry was https://www.rokabear.com/ not roku -Jason
On 11/28/2014 01:56 AM, jason@icetor.is wrote:
Someone may wish to look into Rokubear, I remember them being mentioned as Tor Exit friendly a few years back. -Jason
On 11/28/2014 01:54 AM, Syrup-tan wrote:
Turns out the colocation costs $672/year for the network, and another $780/year for power, so I don’t think Voxility is very feasible for an exit node without bargaining with them.
If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found.
I recently rented a dedi from Online.net http://Online.net (http://www.online.net/en/dedicated-server/dedibox-xc) which offers unmetered b/w, but I’ve heard bad things about the network. I’ll do some testing this weekend on whether or not I can get the full 150Mb/s link.
On Nov 27, 2014, at 5:39 PM, Libertas <libertas@mykolab.com mailto:libertas@mykolab.com> wrote:
On 11/25/2014 02:29 PM, Syrup-tan wrote:
The colocation isn’t cheap to say the least, and it only gives 5TB/month unless we want to pay more per month;
This may the largest logistical problem I've encountered when looking for dedicated servers intended to be exit nodes. For most providers, even expensive and powerful servers (16+ GB of RAM, 8+ cores) will come with 2-10 TB of monthly bandwidth. Because much cheaper servers can saturate a 100 Mbps link (IIRC) and thereby greatly exceed those limits, buying such packages just doesn't make sense. The additional bandwidth prices are usually strangely high, too. The pricing is often progressive - each additional terabyte costs more than the last.
If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found.
tor-relays mailing list tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
They don't seem to be offering a lot of servers right now... https://clients.rokabear.com/cart.php?gid=3
niklas
On 28/11/2014 02:56, jason@icetor.is wrote:
Someone may wish to look into Rokubear, I remember them being mentioned as Tor Exit friendly a few years back. -Jason
On 11/28/2014 01:54 AM, Syrup-tan wrote:
Turns out the colocation costs $672/year for the network, and another $780/year for power, so I don’t think Voxility is very feasible for an exit node without bargaining with them.
If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found.
I recently rented a dedi from Online.net http://Online.net (http://www.online.net/en/dedicated-server/dedibox-xc) which offers unmetered b/w, but I’ve heard bad things about the network. I’ll do some testing this weekend on whether or not I can get the full 150Mb/s link.
On Nov 27, 2014, at 5:39 PM, Libertas <libertas@mykolab.com mailto:libertas@mykolab.com> wrote:
On 11/25/2014 02:29 PM, Syrup-tan wrote:
The colocation isn’t cheap to say the least, and it only gives 5TB/month unless we want to pay more per month;
This may the largest logistical problem I've encountered when looking for dedicated servers intended to be exit nodes. For most providers, even expensive and powerful servers (16+ GB of RAM, 8+ cores) will come with 2-10 TB of monthly bandwidth. Because much cheaper servers can saturate a 100 Mbps link (IIRC) and thereby greatly exceed those limits, buying such packages just doesn't make sense. The additional bandwidth prices are usually strangely high, too. The pricing is often progressive - each additional terabyte costs more than the last.
If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found.
tor-relays mailing list tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On 28/11/2014 02:54, Syrup-tan wrote:
Turns out the colocation costs $672/year for the network, and another $780/year for power, so I don’t think Voxility is very feasible for an exit node without bargaining with them.
This isn't all that expensive for colo; it's just not on the bargain end either. Very few providers are able to offer high bandwidths at forgettable cost. And colocation is not very price-efficient if you're looking to house a single midrange server - providers buy their dedicated servers in bulk, count on reselling old hosts and have less management overhead with their homogenous infrastructure, and those cost savings trickle down to their customers.
If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found.
I recently rented a dedi from Online.net http://Online.net (http://www.online.net/en/dedicated-server/dedibox-xc) which offers unmetered b/w, but I’ve heard bad things about the network. I’ll do some testing this weekend on whether or not I can get the full 150Mb/s link.
Online S.A.S. used to have a poor network, but they recently (some months ago, I think) got a new datacenter that seems to fare much better; this is also when they stopped restricting Tor nodes in their ToS. I'm speculating that any reports of poor network performance since then are from customers on their cheapest servers, which are equipped with VIA Nano CPUs and probably aren't able to sustain high network throughput in many cases.
That said, Online's network has several dozen Tor relays already (including mine, admittedly), more than any other network. Yet they have stated they do not like Tor (see the GoodBadISPs page) and if you run an exit they will kick you for receiving too many abuse complaints.
On Nov 27, 2014, at 5:39 PM, Libertas <libertas@mykolab.com mailto:libertas@mykolab.com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 11/25/2014 02:29 PM, Syrup-tan wrote:
The colocation isn’t cheap to say the least, and it only gives 5TB/month unless we want to pay more per month;
This may the largest logistical problem I've encountered when looking for dedicated servers intended to be exit nodes. For most providers, even expensive and powerful servers (16+ GB of RAM, 8+ cores) will come with 2-10 TB of monthly bandwidth. Because much cheaper servers can saturate a 100 Mbps link (IIRC) and thereby greatly exceed those limits, buying such packages just doesn't make sense. The additional bandwidth prices are usually strangely high, too. The pricing is often progressive - each additional terabyte costs more than the last.
If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCAAGBQJUd9JIAAoJELxHvGCsI27NrXkQAJrXBrP7gdtQAyU0s7qukHaA I2armmeyEkPMWYwPWlH3MAONgqthM8HhvClf1bgRcVF+EmkGoX8bWxQFB3Lmafq/ ewbdKqnFa1m3KXUOZ1qZCJFPUP/8dBgpRbaWvwB5qUzKxXkdsDm/aaRuoGnu0NHr KhiCoslwJ5AhbB0p2JSz/lrKBL08wRHzlcBr4BWTNff5UMkXh3A+P3XJ8+yaGka2 tLP1IAvP5H/PIUv/Mvw+l+5OWgUZcmDjKOkq/F1rFpJaEaYW9ZJ2dYXzlEUdUWWy u4LpT5K8DolfdxtTjznMydqG/48WBLoYBygJwXe7uHUkj0vz/5l0VTu9EDO1ihAo FdjMO34GYUoXmiFj9J0Nq51JGs6HAtXOy3c+0+AcX0b21X5JpZ/Bq2qbjqxwMDOU oWGSdAyHdZVap6tT2w/WQOularC1A13QdLJodQkehYFLKfZJjQmsI9uCGqWvZXSi 2kI9NNshxXZ8ZZ/iPkUV+F2kka5HMoaLfc+IPrR6aUFzOigrsJrG69qwOxYmworu VQ9YW6rkKhKVhob9AAsuvyCC/pHCJRIaoJMyQ/jmSY8gjOOoZVJhPGzjuyQTCl5y eUyRmDmpxJv8xzRG0TdW3+x9nD0E77pzlwiNUnz3P9OY0hLXuWIAQTuBb/7dw5p3 5AZhkQ+qziv/sHIXjjuo =41yu -----END PGP SIGNATURE----- _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Thursday, November 27, 2014 8:39pm, "Libertas" libertas@mykolab.com said: [snip]
If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found.
How many instances could this run?
Intel E3-1240 Dedicated Server Special
Server Location: Buffalo USA Processor: Intel Xeon E3-1240 V2 3.40 GHz HDD: 500GB 7200RPM RAM: 16GB DDR3 Bandwidth: 10TB Monthly Traffic IP: /29 Port Speed: 1Gbit
Price: $119/Month Sale Price: $59/month
Robert
10TB/month is 30Mbit/s. You will have reached those 10TBs long before coming close to maxing out a single CPU core. I'd estimate that a single E3-1240 CPU core can deliver between 150Mbit/s and 250Mbit/s.
The specs on that server are fine, it's just not a lot of bandwidth.
Tom
I schreef op 28/11/14 om 23:40:
How many instances could this run?
Intel E3-1240 Dedicated Server Special
Server Location: Buffalo USA Processor: Intel Xeon E3-1240 V2 3.40 GHz HDD: 500GB 7200RPM RAM: 16GB DDR3 Bandwidth: 10TB Monthly Traffic IP: /29 Port Speed: 1Gbit
Price: $119/Month Sale Price: $59/month
Robert
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On 11/28/2014 11:50 PM, Tom van der Woerdt wrote:
10TB/month is 30Mbit/s. You will have reached those 10TBs long before coming close to maxing out a single CPU core. I'd estimate that a single E3-1240 CPU core can deliver between 150Mbit/s and 250Mbit/s.
The specs on that server are fine, it's just not a lot of bandwidth.
Tom
right - OTOH currently just 50% of the advertised bandwidth is really used by the tor network (at least at my exit relay) so 30 MBit/s is ok, or ?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
That hardware is serious overkill for 10 TB/month, as others have mentioned. That sale price is a great deal, though, and the really high CPU clock rate will make the latency really low assuming the network connection is fast.
It might be a good move if the sale price lasts a while. If you'd have to switch up to the list price eventually and you aren't planning on paying for far more than 10 TB/mo, though, I'd suggest looking for much cheaper hardware.
On 11/28/2014 05:40 PM, I wrote:
How many instances could this run?
Intel E3-1240 Dedicated Server Special
Server Location: Buffalo USA Processor: Intel Xeon E3-1240 V2 3.40 GHz HDD: 500GB 7200RPM RAM: 16GB DDR3 Bandwidth: 10TB Monthly Traffic IP: /29 Port Speed: 1Gbit
Price: $119/Month Sale Price: $59/month
Robert
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On 11/28/2014 11:40 PM, I wrote:
How many instances could this run?
Intel E3-1240 Dedicated Server Special
Server Location: Buffalo USA Processor: Intel Xeon E3-1240 V2 3.40 GHz HDD: 500GB 7200RPM RAM: 16GB DDR3 Bandwidth: 10TB Monthly Traffic IP: /29 Port Speed: 1Gbit
fully overpowered ;-)
I do own a dedicated 4-core (+ 4 cores with hyper threading) system, and just 1 processor is used at 10 % at lowest available cpu frequency level (1.6 GHz) for a band width of 30 MBit/s.
On 11/22/14 1:08 AM, SiNA Rabbani wrote:
Dear Relay Operators,
I noticed there are very few US based exit nodes in the network. And more and more people are jumping on the same set of AS numbers in Europe.
For who want to taste unusual place Tor Exit: https://www.exoticvps.com/
Send a postcard from your Tor Relay in Libya, Nepal, Uzbekistan, Cyprus, Papua New Guinea, Belarus, Liechteinstein, Dominican Republic, Jersey, Vietnam, Moldova, Kazakhstan, Cambodia, Lebanon, Panama, Saudi Arabia, San Marino, Malta, Slovakia, Oman, Bermuda, Jamaica ;P
-naif
tor-relays@lists.torproject.org
-
Chuck Peters -
Fabio Pietrosanti - lists -
I -
jason@icetor.is -
Libertas -
Mirimir -
Moritz Bartl -
Niklas Kielblock -
s7r -
Seth -
SiNA Rabbani -
Steve Snyder -
Syrup-tan -
Tom van der Woerdt -
Toralf Förster -
usprey -
ZEROF