[tor-bugs] #26891 [Obfuscation/meek]: Problem running meek server without CDN, stuck at Performing bandwidth self-test...done

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Jul 20 16:40:08 UTC 2018 

#26891: Problem running meek server without CDN, stuck at Performing bandwidth
self-test...done
----------------------------------+-------------------------
     Reporter:  weiruo            |      Owner:  dcf
         Type:  enhancement       |     Status:  new
     Priority:  Medium            |  Milestone:
    Component:  Obfuscation/meek  |    Version:
     Severity:  Normal            |   Keywords:  meek server
Actual Points:                    |  Parent ID:
       Points:                    |   Reviewer:
      Sponsor:                    |
----------------------------------+-------------------------
 **I am trying to run a meek server, and this is what I have done for the
 test:**

 I have a domain (for example, call it example.com) and I manually applied
 for Let's Encrypt SSL certificate, so I can visit the website through
 https://example.com.

 **Here is the torrc:**

 BridgeRelay 1
 ORPort 9001
 ExtORPort auto
 SocksPort 0
 ExitPolicy reject *:*

 ServerTransportListenAddr meek 0.0.0.0:443

 ServerTransportPlugin meek exec /usr/local/bin/meek-server --cert
 /etc/letsencrypt/live/example.com/fullchain.pem --key
 /etc/letsencrypt/live/example.com/privkey.pem --log /var/log/tor/meek-
 server.log

 **However, when I enter "tor -f torrc", it stuck here:**
 Jul 20 15:29:53.566 [notice] Tor 0.3.2.10 (git-0edaa32732ec8930) running
 on Linux with Libevent 2.1.8-stable, OpenSSL 1.0.2g, Zlib 1.2.11, Liblzma
 5.2.2, and Libzstd 1.3.1.
 Jul 20 15:29:53.567 [notice] Tor can't help you if you use it wrong! Learn
 how to be safe at https://www.torproject.org/download/download#warning
 Jul 20 15:29:53.567 [notice] Read configuration file "/xxx/torrc".
 Jul 20 15:29:53.574 [notice] Your ContactInfo config option is not set.
 Please consider setting it, so we can contact you if your server is
 misconfigured or something else goes wrong.
 Jul 20 15:29:53.574 [notice] Based on detected system memory,
 MaxMemInQueues is set to 739 MB. You can override this by setting
 MaxMemInQueues by hand.
 Jul 20 15:29:53.576 [notice] Scheduler type KIST has been enabled.
 Jul 20 15:29:53.576 [notice] Opening OR listener on 0.0.0.0:9001
 Jul 20 15:29:53.576 [notice] Opening Extended OR listener on 127.0.0.1:0
 Jul 20 15:29:53.577 [notice] Extended OR listener listening on port 40651.
 Jul 20 15:29:54.000 [warn] Failed to open GEOIP file /usr/share/tor/geoip.
 We've been configured to see which countries can access us as a bridge,
 and we need GEOIP information to tell which countries clients are in. Do
 you have the tor-geoipdb package installed?
 Jul 20 15:29:54.000 [warn] Failed to open GEOIP file
 /usr/share/tor/geoip6.  We've been configured to see which countries can
 access us as a bridge, and we need GEOIP information to tell which
 countries clients are in. Do you have the tor-geoipdb package installed?
 Jul 20 15:29:54.000 [notice] Configured to measure directory request
 statistics, but no GeoIP database found. Please specify a GeoIP database
 using the GeoIPFile option.
 Jul 20 15:29:54.000 [warn] You are running Tor as root. You don't need to,
 and you probably shouldn't.
 Jul 20 15:29:56.000 [notice] Your Tor server's identity key fingerprint is
 'Unnamed E8094BFxxxxxxxxxx5C1E'
 Jul 20 15:29:56.000 [notice] Your Tor bridge's hashed identity key
 fingerprint is 'Unnamed BBAA6xxxxxxxxxAA811B'
 Jul 20 15:29:56.000 [notice] Bootstrapped 0%: Starting
 Jul 20 15:30:03.000 [notice] Starting with guard context "default"
 Jul 20 15:30:03.000 [notice] Bootstrapped 80%: Connecting to the Tor
 network
 Jul 20 15:30:03.000 [notice] Bootstrapped 85%: Finishing handshake with
 first hop
 Jul 20 15:30:04.000 [warn] Server managed proxy encountered a method
 error. (meek listen tcp 0.0.0.0:443: bind: address already in use)
 Jul 20 15:30:04.000 [warn] Managed proxy at '/usr/local/bin/meek-server'
 failed the configuration protocol and will be destroyed.
 Jul 20 15:30:04.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
 Jul 20 15:30:06.000 [notice] Tor has successfully opened a circuit. Looks
 like client functionality is working.
 Jul 20 15:30:06.000 [notice] Bootstrapped 100%: Done
 Jul 20 15:30:06.000 [notice] Now checking whether ORPort
 45.xxx.xxx.xxx:9001 is reachable... (this may take up to 20 minutes --
 look for log messages indicating success)
 Jul 20 15:30:09.000 [notice] Self-testing indicates your ORPort is
 reachable from the outside. Excellent. Publishing server descriptor.
 Jul 20 15:31:14.000 [notice] Your network connection speed appears to have
 changed. Resetting timeout to 60s after 18 timeouts and 442 buildtimes.
 Jul 20 15:31:20.000 [notice] Performing bandwidth self-test...done.

 **And then it has no output and seems not working. Besides the above one,
 once I also got the output:**

 ...
 Jul 20 08:24:27.000 [notice] Performing bandwidth self-test...done.
 Jul 20 09:23:17.000 [notice] No circuits are opened. Relaxed timeout for
 circuit 30 (a Measuring circuit timeout 3-hop circuit in state doing
 handshakes with channel state open) to 60000ms. However, it appears the
 circuit has timed out anyway.

 **What's wrong with my steps in setting the meek server? What should I do
 next to set up a meek server, either for use or for test?
 Must I use CDN to domain fronting it?**
 By the way, is it possible to use meek without domain fronting if the
 domain has not been filtered?
 May be I misunderstood something in
 https://trac.torproject.org/projects/tor/wiki/doc/meek#Howtorunameek-
 serverbridge and meek's README and I am sorry for that.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26891>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list