[tor-dev] Call for a big fast bridge (to be the meek backend)
David Fifield
david at bamsoftware.com
Thu Sep 25 05:41:17 UTC 2014
On Mon, Sep 15, 2014 at 07:12:23PM -0700, David Fifield wrote:
> The meek pluggable transport is currently running on the bridge I run,
> which also happens to be the backend bridge for flash proxy. I'd like to
> move it to a fast relay run by an experienced operator. I want to do
> this both to diffuse trust, so that I don't run all the infrastructure,
> and because my bridge is not especially fast and I'm not especially
> adept at performance tuning.
>
> All you will need to do is run the meek-server program, add some lines
> to your torrc, and update the software when I ask you to. The more CPU,
> memory, and bandwidth you have, the better, though at this point usage
> is low enough that you won't even notice it if you are already running a
> fast relay. I think it will help if your bridge is located in the U.S.,
> because that reduces latency from Google App Engine.
>
> The meek-server plugin is basically just a little web server:
> https://gitweb.torproject.org/pluggable-transports/meek.git/tree/HEAD:/meek-server
A couple of other requirements have shown themselves in helping set up a
meek-server relay.
The first is that it has to be a 0.2.5.x version of tor. This is so that
the ExtORPort option will be supported. The ExtORPort option is needed
in order to collect statistics on pluggable transports (see #4773). One
of the lines you will have to add to torrc is:
ExtORPort auto
If your tor does not support the option, you will see in the log:
[warn] Failed to parse/validate config: Unknown option 'ExtORPort'. Failing.
The second requirement is that the relay needs to have either
BridgeRelay or DirPort set. If neither of these options is set, the
relay will not be a directory cache, and clients will not be able to
bootstrap past "20%: Asking for networkstatus consensus." As I
understand it, #12538 will make it so that every relay is a directory
cache, but it is not committed yet.
I'll check back privately with the people who offered to run a relay and
check if setting these options is okay.
David Fifield
More information about the tor-dev
mailing list