[tor-relays] do not run Tor client and OR relay together!

starlight.2015q3 at binnacle.cx starlight.2015q3 at binnacle.cx
Sun Aug 16 21:14:42 UTC 2015

I think separate packages are good idea
--is about making it easier for regular
users to configure Tor with less pain.

'openssh' provides a good example,
as it come with three component

openssh (core files)

so one would have


where the client and server packages
would configure separate run-time directories,
'torrc's and boot-system start/stop scripts
for the respective instances.  The 'tor'
binary would appear in the tor-core component.

I am confident of the analysis regarding
how easy it is to isolate client circuit
establishment cells from other relay traffic.
Is rather obvious--just look at the debug
trace 'channel_write_packed_cell' lines
associated with circuit establishment
and how they stand-out temporally
from the relay channel_write_packed_cell()
lines.  Unfortunately the log-to-file
feature does not include fractional
seconds, but it's glaring even with
whole-second resolution.

At 23:47 8/16/2015 +0300, you wrote:
>Shipping tor-client and tor-relay as separate
>packages is the worst thing we could do, since
>it's the same thing with just one config line more
>or less. It will mess things up terribly.
>We don't know that just yet, we are getting to
>fast from one thing to another - wait until proper
>review over that ticket and we'll see what needs
>to be done / if something needs to be done.
>On 8/16/2015 8:50 PM, Ana Lucia Cortez wrote:
>> On 16.08.2015 at 17:36, starlight.2015q3 at binnacle.cx wrote:
>>> Anyone who has configured a Tor SOCKS5
>>> client to run in a 'tor' instance that also
>>> operates as an OR relay should isolate the
>>> client to a separate client-only process.
>>> The client function disturbs relay traffic
>>> forwarding in a manner that lends itself to
>>> confirmation analysis.
>>> See bug 16585, particularly comment 5 and onward:
>>> Perhaps read comment 10 first.
>> It would be nice to have both installed as services by the 
>> or two different deb-packages for tor-client and tor-relay.
>> Apart from the fact that they run the
>> same binary they are quite different
>> to configure and setup.
>> Maybe that would help to make it easier
>> to run relays and hidden services on
>> the same machine.
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays at lists.torproject.org
>tor-relays mailing list
>tor-relays at lists.torproject.org

More information about the tor-relays mailing list