Hi, I have a bridge running and since my ISP is changing my IP at least daily, I thought it might be a good idea to set my DynDNS in the torrc file. Is it a good idea? How do I set that? Thank you. Sina
Hi Sina,
I have a bridge running and since my ISP is changing my IP at least daily, I thought it might be a good idea to set my DynDNS in the torrc file. Is it a good idea? How do I set that?
After you setup your dyndns account, you add Address name.dyndnsdomainname.tld in your torrc, replacing the address name with the hostname, you have chosen in your DynDNS account settings. For the IP <-> dyndns domain name update/resolution you install and configure one of the DynDNS update clients. I'm using ddclient under Ubuntu*. Runa told me some time ago, that it is not possible, to combine your bridge with obfsproxy. *https://help.ubuntu.com/community/DynamicDNS -- Ciao Kai
Hi Kai, thanks for your reply.
After you setup your dyndns account, you add Address name.dyndnsdomainname.tld in your torrc, replacing the address name with the hostname, you have chosen in your DynDNS account settings.
Okay. What about OutboundBindAdress, does that have to be set?
For the IP <-> dyndns domain name update/resolution you install and configure one of the DynDNS update clients. I'm using ddclient under Ubuntu*.
I have this already setup with dd-wrt, so no problem there. Thanks, Sina
On 05/03/13 19:40, Sina Eetezadi wrote:
Hi Kai,
thanks for your reply.
After you setup your dyndns account, you add Address name.dyndnsdomainname.tld in your torrc, replacing the address name with the hostname, you have chosen in your DynDNS account settings. Okay. What about OutboundBindAdress, does that have to be set? You should only need to set OutboundBindAddress if the system running tor has more than one public IP address and the one you want tor to use is not the primary IP address of your outbound network interface as that will be the address your operating system will use by default.
The answer is more likely no if your IP is dynamic to be honest, generally multiple IP's would be something ISP's would normally set up statically, and for an additional price.
For the IP <-> dyndns domain name update/resolution you install and configure one of the DynDNS update clients. I'm using ddclient under Ubuntu*. I have this already setup with dd-wrt, so no problem there.
Thanks,
Sina
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Simply download DynDNS or No-IP, make sure it works, and set your subdomain/domain-name in the torrc file. On Tue, Mar 5, 2013 at 12:31 PM, Sina Eetezadi <sina.eetezadi@gmail.com>wrote:
Hi,
I have a bridge running and since my ISP is changing my IP at least daily, I thought it might be a good idea to set my DynDNS in the torrc file. Is it a good idea? How do I set that?
Thank you.
Sina _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
So I did that. To my surprise Vidalia shows still my IP adress, as the URL to be shared. Does that mean also the other distribution mechanisms use my ip? Since it is constantly changing that would kinda contradict the use of DynDNS. My idea was precisely to use DynDNS so that users who have my bridge in their config can use it for a long time. Thank you for clarification.
Simply download DynDNS or No-IP, make sure it works, and set your subdomain/domain-name in the torrc file.
On Tue, Mar 5, 2013 at 12:31 PM, Sina Eetezadi <sina.eetezadi@gmail.com <mailto:sina.eetezadi@gmail.com>> wrote:
Hi,
I have a bridge running and since my ISP is changing my IP at least daily, I thought it might be a good idea to set my DynDNS in the torrc file. Is it a good idea? How do I set that?
Thank you.
Sina _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org <mailto:tor-relays@lists.torproject.org> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Unfortunately the directories do use IP addresses not hostnames, this does mean there is a small time lag between a change and the new IP becoming available to clients but that would not in fact be eliminated by DynDNS either, it's quite easy to see why when you think of the process that has to happen for a DynDNS update to reach an end user: 1. Your local update software has to notice that your IP has changed, generally a check happens ever few minutes (Around 5 mins mostly). 2. Update client pushes update to DynDNS servers over HTTP. 3. Scripting on the DynDNS server runs an update on the authoritative DNS server which then updates the Master zonefile. 4. Secondary authoritative DNS servers run their regular update job to pull changes from the master. 5. DNS caches around the world need to have their TTL timer run to 0, until this happens they continue to serve the old data from the caches. Only after 5 happens do the caching servers finally stop using the old information and request the data from the Master and Slave DNS servers, someone here can perhaps explain the process of a similar update with the bridge directory but I suspect the timeframe for it to happen could potentially be similar the main relay directory is almost certainly slower because the consensus is only built once per hour but bridges are listed separately. The unfortunate fact is a change of IP address is disruptive to clients there is no obvious means to eliminate the problem either, this is why dynamic IP addresses are not ideal for any kind of server. Any system attempting to maintain connectivity for a dynamic server always has to make tradeoffs the main one between bandwidth/CPU and downtime for each change event because the faster clients poll for updated information the harder the hit on the central server. If you really want to avoid this one option is to minimize the frequency of the change by keeping your internet connected your IP will only change if you disconnect from the internet and stop sending DHCP renews to your ISP server, depending how sticky your address is it can be possible to keep an IP for a long time, my dynamic IP was assigned after the last time I had an internet outage back in October last year for example and has been renewed every hour since. As for a complete solution the only option is to get a static IP address for that you need to contact your service provider most can provide the service on request typically for a nominal charge (£1-2 per month per address or similar). Almost certainly the provider will be able to do it if they also provide business services sometimes pure residential providers can't or more accurately refuse to do so (Any DHCP server capable of managing effectively the pool of a normal ISP can have reserved addresses configured if the provider wished to provide the service) mine is unfortunately in this camp which is why I get left with the keep it as long as possible option. I can't help to wonder as to their logic half the time it hardly conserves addresses when it changes at most once or twice a year anyway, or they could choose to get paid every month for the one off act of having some trainee tech write a line of text in a config file once. On 06/03/13 05:09, Sina Eetezadi wrote:
So I did that. To my surprise Vidalia shows still my IP adress, as the URL to be shared. Does that mean also the other distribution mechanisms use my ip? Since it is constantly changing that would kinda contradict the use of DynDNS. My idea was precisely to use DynDNS so that users who have my bridge in their config can use it for a long time.
Thank you for clarification.
Simply download DynDNS or No-IP, make sure it works, and set your subdomain/domain-name in the torrc file.
On Tue, Mar 5, 2013 at 12:31 PM, Sina Eetezadi <sina.eetezadi@gmail.com <mailto:sina.eetezadi@gmail.com>> wrote:
Hi,
I have a bridge running and since my ISP is changing my IP at least daily, I thought it might be a good idea to set my DynDNS in the torrc file. Is it a good idea? How do I set that?
Thank you.
Sina _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org <mailto:tor-relays@lists.torproject.org> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
I get the whole system and certainly for a middle or exit relay the ip address is the one to work with. For a birdge however I thought differently, because I thought that if someone gets my bridge adress then he will put it into his config file. Now if my ip adress changes, again that entry in the config file is invalid, even though my bridge is running. Or simple, since bridges are not dynamically updated I thought using DynDNS would make sense. ------- Original message -------
From: Matt Joyce <toradmin@mttjocy.co.uk> To: tor-relays@lists.torproject.org Sent: 6.3.'13, 1:15
Unfortunately the directories do use IP addresses not hostnames, this does mean there is a small time lag between a change and the new IP becoming available to clients but that would not in fact be eliminated by DynDNS either, it's quite easy to see why when you think of the process that has to happen for a DynDNS update to reach an end user:
1. Your local update software has to notice that your IP has changed, generally a check happens ever few minutes (Around 5 mins mostly). 2. Update client pushes update to DynDNS servers over HTTP. 3. Scripting on the DynDNS server runs an update on the authoritative DNS server which then updates the Master zonefile. 4. Secondary authoritative DNS servers run their regular update job to pull changes from the master. 5. DNS caches around the world need to have their TTL timer run to 0, until this happens they continue to serve the old data from the caches.
Only after 5 happens do the caching servers finally stop using the old information and request the data from the Master and Slave DNS servers, someone here can perhaps explain the process of a similar update with the bridge directory but I suspect the timeframe for it to happen could potentially be similar the main relay directory is almost certainly slower because the consensus is only built once per hour but bridges are listed separately.
The unfortunate fact is a change of IP address is disruptive to clients there is no obvious means to eliminate the problem either, this is why dynamic IP addresses are not ideal for any kind of server. Any system attempting to maintain connectivity for a dynamic server always has to make tradeoffs the main one between bandwidth/CPU and downtime for each change event because the faster clients poll for updated information the harder the hit on the central server. If you really want to avoid this one option is to minimize the frequency of the change by keeping your internet connected your IP will only change if you disconnect from the internet and stop sending DHCP renews to your ISP server, depending how sticky your address is it can be possible to keep an IP for a long time, my dynamic IP was assigned after the last time I had an internet outage back in October last year for example and has been renewed every hour since.
As for a complete solution the only option is to get a static IP address for that you need to contact your service provider most can provide the service on request typically for a nominal charge (£1-2 per month per address or similar). Almost certainly the provider will be able to do it if they also provide business services sometimes pure residential providers can't or more accurately refuse to do so (Any DHCP server capable of managing effectively the pool of a normal ISP can have reserved addresses configured if the provider wished to provide the service) mine is unfortunately in this camp which is why I get left with the keep it as long as possible option. I can't help to wonder as to their logic half the time it hardly conserves addresses when it changes at most once or twice a year anyway, or they could choose to get paid every month for the one off act of having some trainee tech write a line of text in a config file once.
On 06/03/13 05:09, Sina Eetezadi wrote:
So I did that. To my surprise Vidalia shows still my IP adress, as the URL to be shared. Does that mean also the other distribution mechanisms use my ip? Since it is constantly changing that would kinda contradict the use of DynDNS. My idea was precisely to use DynDNS so that users who have my bridge in their config can use it for a long time.
Thank you for clarification.
Simply download DynDNS or No-IP, make sure it works, and set your subdomain/domain-name in the torrc file.
On Tue, Mar 5, 2013 at 12:31 PM, Sina Eetezadi <sina.eetezadi@gmail.com <mailto:sina.eetezadi@gmail.com>> wrote:
Hi,
I have a bridge running and since my ISP is changing my IP at least daily, I thought it might be a good idea to set my DynDNS in the torrc file. Is it a good idea? How do I set that?
Thank you.
Sina _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org <mailto:tor-relays@lists.torproject.org> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Wed, Mar 6, 2013, at 05:09 AM, Sina Eetezadi wrote:
So I did that. To my surprise Vidalia shows still my IP adress, as the URL to be shared. Does that mean also the other distribution mechanisms use my ip? Since it is constantly changing that would kinda contradict the use of DynDNS. My idea was precisely to use DynDNS so that users who have my bridge in their config can use it for a long time.
Thank you for clarification.
If users could look up your bridge IP as it changes, so could the people trying to block it. GD -- http://www.fastmail.fm - Access your email from home and the web
participants (5)
-
Bill Ding -
Geoff Down -
Matt Joyce -
ml@kairaven.de -
Sina Eetezadi