[tor-relays] How to diagnose lack of traffic on bridge?

Ondrej Mikle ondrej.mikle at gmail.com
Fri Oct 26 22:17:08 UTC 2012


On 10/25/2012 10:33 PM, Steve Snyder wrote:
> I have a bridge that gets no traffic.  I don't mean "hardly any" traffic; I mean none.
> 
> The contents of bridge-stats are always empty except for the date, which advances once per day.  In the state file the last date, apart from daily accounting entries, is a EntryGuardAddedBy entry from 09 Sep 2012.  Yeah, that's six weeks ago.
> 
> The log file contains only a weekly notice of log file rotation and a daily notice of bandwidth self-test.  I never see errors or even warnings in the log.
> 
> My bridge is not unstable.  It has been running continuously for the last 25 days, which is pretty typical for this bridge.
> 
> I understand that bridges can be identified and their IP addresses blocked.  But I am not lacking traffic just from China, or just from Iran, or just from any other entity.  It doesn't seem likely that my IP address has been blacklisted by *everybody*.

Does the "Heartbeat" in tor.log say anything about circuits seen?

Also, there is an option called ExitPortStatistics which you can turn on (by
default it's off). Linus Nordberg said there was a bug which should be fixed
since 0.2.4.4 with the client statistics (not sure if it's implemented in
0.2.2.x and 0.2.3.x).

I don't know if there is a simpler way to check it, but it can be done over Tor
control port (or control socket). First you'll need the content of control
cookie in hex to be able to connect (depends on what authentication is set in
torrc, but cookie default I think), for example using this:

$ xxd -c 256 -ps /var/run/tor/control.authcookie
000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f

Then connect to control port (by default 9051) using netcat:

$ nc localhost 9051

Write these two commands to see the stats (bridge needs to be running for at
least 24 hours to get a meaningful value), the string after AUTHENTHICATE is the
cookie from above:

AUTHENTHICATE 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
GETINFO status/clients-seen

The output should look something like this if it worked:

AUTHENTHICATE 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
250 OK
GETINFO status/clients-seen
250-status/clients-seen=TimeStarted="2012-10-19 21:24:18"
CountrySummary=cn=16,??=8,ca=8,fr=8,ir=8,nl=8,sy=8,tw=8,us=8 IPVersions=v4=8,v6=40
250 OK

Somebody said on the #tor-dev channel that "bridges tend to get forgotten",
which I am not sure what it meant. Maybe they get handed out less?

Ondrej

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20121027/a4067ebf/attachment.pgp>


More information about the tor-relays mailing list