[tor-relays] Planning a relay

thomaswhite at riseup.net
Fri Dec 5 23:05:18 UTC 2014


Is it possible that your relay can be online for those 22-25 days 
straight and then hibernate for the rest of the month instead, or must 
it be the case of every few days? If it could be online for that period 
as a single block that would be far better.

Also you are correct on the physical safety of the device, which is why 
running it at home or in a secure environment (i.e. a good datacenter) is 
the best approach. However, physical and even server security isn't the 
threat to anonymity; the intelligence agencies can gather almost as much 
information from tapping the backbone cables and IXPs as they would 
running their own or hijacking yours. Generally datacenters are 
recommended rather than running it at home as it is usually cheaper, 
lower risk of your door being busted down (of which I have experience in 
being the target of raids) and it is more stable.

I would not at all recommend you use a VPN to route your relay traffic 
through as this merely passes the burden onto somebody else who may not 
be entirely comfortable with you doing this without asking in advance. 
Furthermore, it offers no more security to the circuits your relay is a 
part of and I would argue it could actually hurt anonymity since you are 
giving a third party access to the traffic information of your server.

Also, Tor Project only really recommends bridges be run in the Amazon 
cloud due to the small deployment and low cost, with the IP included in 
that and for bridges the IP is the real resource as opposed to disk 
space, bandwidth or CPU power. Therefore it enables lots of new bridges 
to be brought online easily, cheaply and without the complications or 
additional considerations that would be required in bringing online an 
exit relay for example.

-T

On 2014-12-05 22:13, TT wrote:
>> >"I guess the first question should be whether such a relay would be welcome on the Tor network in the first place? I am aware that connecting to Tor through a VPN isn't generally recommended, but what about running a relay through one? Better idea, or a ridiculously bad one?"
>> It isn't a better idea, certainly; but it isn't so bad as to throw it 
>> out entirely. Since all non-exit communications are encrypted, there 
>> wouldn't be any huge "no-nos" as far as that is concerned.
>> 
>> However, with an exit node, (some) communications aren't encrypted. It 
>> really boils down to whether or not you trust your provider. However, 
>> the same can be said with a VPS provider! I would not be concerned 
>> about it; please add your relay to the network.
>> 
>> >"Second, while it would run on a (nearly) dedicated 100mbit connection, I do not have dedicated equipment. The machine needs to be taken offline between every 2-4 weeks, for some days at a time. Frequent OS updates also often require reboots in addition to this downtime. So much for a stable flag, but more importantly I need to know if this behavior is undesirable for running middle/exit relays? If so, would a bridge be better suitable with the tools I have at hand?"
>> 
>> The main reason we strive for stable, rock-solid relays is for 
>> connectivity. If you have ever used SSH/IRC via Tor, you know how 
>> annoying it is when you get disconnected. This is likely because one 
>> of the 3 relays went offline. I would say a machine that goes offline 
>> every 2-4 days would be beyond acceptable; but one that goes offline 
>> every few hours is ridiculous. Just keep in mind that every time you 
>> shut down your system, you close a lot of folks' connections, and some 
>> software wasn't made to handle that without it being a pain in the ass 
>> (i.e. PuTTY; you'll have to retype your password).
>> 
>> You shouldn't have to power off that often. If so, consider 
>> reconfiguring your OS or switching your OS to a more stable one; my 
>> favorite is FreeBSD, never have to reboot for anything, but I'm not 
>> going to start preaching here.
>> 
>> >bridges
>> I have no experience running a bridge, and I don't feel rather 
>> comfortable telling you the wrong information. I would perform a few 
>> more searches.
>> 
>> 
>> Feel free to reply and I should be able to get back to you in a timely 
>> manner.
> 
> Thanks for the reply. Regarding the downtime, it isn't about issues
> with stability or performance, it's about physically removing the
> device for a couple days at a time. The machine will be incapable of
> running the relay during that period, and I'm afraid there is simply
> no other way around that currently. As I said, this would only happen
> once or twice a month so the average uptime should be around 22-25
> days out of every 30. I have tested running a relay a year or two ago,
> and I recall Vidalia giving you an option to shut down gracefully. Is
> this behavior present in the current Tor installation as well, when
> shutting down from the terminal? Naturally this would be the preferred
> way to shut down a node.
> 
> Regarding trust issues, I suppose you could say the same about running
> any cloud instances with Amazon, yet this is endorsed by the Tor
> Project. Only, in that case you cannot even guarantee physical safety
> for the machines, which in this case I could. But isn't it the same
> otherwise, you have no idea whether the cloud host is or is not
> snooping around exit traffic? My information about this is very
> limited, feel free to correct me anytime I go astray.
> 
> I'll continue reading about bridges, but I welcome anyone
> knowledgeable about them to contribute their experiences. I find tech
> talk very difficult to digest, even though the Tor Project documents
> are laid out in an orderly fashion.
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

