[tor-dev] Using routers as bridges

Runa A. Sandvik runa.sandvik at gmail.com
Thu Jul 14 12:22:11 UTC 2011

On Thu, Jul 14, 2011 at 1:03 PM, Rob van der Hoeven
<robvanderhoeven at ziggo.nl> wrote:
> Hi folks,


> Bridges serve as "unknown" entry points to the TOR network. For this,
> part of the TOR network nodes are reserved and unlisted. This is not
> good for the performance of the network, and because the network is
> relatively small i think the unlisted-nodes strategy will only be a
> short term solution.

Roger wrote a good blog post about strategies for getting more bridge
addresses: https://blog.torproject.org/blog/strategies-getting-more-bridge-addresses
(you may have seen this already, it was written three months ago).

> At the moment i'm working on my own FreedomBox. From this work i got the
> following idea: Why not use the DNAT function of a router to forward TOR
> traffic to a TOR node? This way you don't need unlisted nodes anymore. A
> router-bridge does not have to be a full TOR node....
> Unfortunately the standard DNAT functionality of most routers only
> support DNAT from the internet to internal addresses. So you need
> modified firmware to make this work. Maybe a (slightly modified?)
> version of OpenWRT will work.

Have you heard about the Torouter project? We are currently working on
two versions; the DreamPlug for technical users who don't mind doing
some hacking on their own, and the Excito B3 for non-tech users. We
have documented the project here:
https://trac.torproject.org/projects/tor/wiki/doc/Torouter - Maybe
this is something you'd like to help with?

> Router-bridges have a second advantage over real TOR nodes. They can be
> easily moved. If a router-bridge gets blocked, you can simply give the
> router-bridge to a friend.

You could also just change the IP address of the Tor relay (probably
easier to do if it's a VPS than if you have it at home).

Runa A. Sandvik

More information about the tor-dev mailing list