[tor-relays] High speed Tor relay advice

Green Dream greendream848 at gmail.com
Sun Aug 14 20:54:22 UTC 2016


Hi i3,

Thanks for running relays! Agreed you will want to run multiple instances
to make the most of your host.

The Xeon E5-2620v3 does have AES-NI, which is good.

Other items to consider:

- On most linux/unix systems the ulimits will be set too low by default. On
debian-like linux, higher limits for Tor might look like the following in
/etc/security/limits.conf:

debian-tor             soft    nofile          64000
debian-tor             hard    nofile          64000

- There are a lot of possible sysctl tweaks. You could check out
https://raw.githubusercontent.com/torservers/server-config-templates/master/sysctl.conf.
I use these values on my non-exit relays:

net.core.wmem_max = 12582912
net.core.rmem_max = 12582912
net.ipv4.tcp_rmem = 10240 87380 12582912
net.ipv4.tcp_wmem = 10240 87380 12582912
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.all.send_redirects = 0
kernel.sysrq = 0
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.tcp_no_metrics_save = 1
net.ipv4.tcp_moderate_rcvbuf = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 4
net.ipv4.tcp_keepalive_time = 60
net.ipv4.tcp_keepalive_intvl = 10
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.ip_local_port_range = 1025 65530
net.core.somaxconn = 20480
net.ipv4.tcp_timestamps = 0
fs.file-max = 64000

- You should install ntp and make sure your clock is synced.

- You should install a local DNS resolver (unbound, named, dnsmasq,
something along those lines).

This guide has a lot of helpful info:
https://www.torservers.net/wiki/setup/server
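
To check that limits and sysctl values like those in the message above are what the running system actually uses, here is an added example that is not part of the original post. It compares a sysctl.conf-style file against /proc/sys and reads a process's effective open-file limit from /proc/<pid>/limits; the function names and the `demo` tree with its values are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit whether tuning is live.

# Collapse tabs and repeated spaces: /proc/sys separates multi-value
# entries such as tcp_rmem with tabs, sysctl.conf usually uses spaces.
norm() { printf '%s' "$1" | tr -s ' \t' '  ' | sed 's/^ //; s/ $//'; }

# sysctl_drift CONF [ROOT]: one line per key whose live value differs from
# CONF, or that the running kernel does not expose. ROOT defaults to
# /proc/sys and is a parameter so the check can run on a constructed tree.
sysctl_drift() {
    conf=$1 root=${2:-/proc/sys}
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(norm "$line")
        case $line in ''|'#'*|';'*) continue ;; *=*) ;; *) continue ;; esac
        key=$(norm "${line%%=*}") want=$(norm "${line#*=}")
        path=$root/$(printf '%s' "$key" | tr . /)
        if [ ! -r "$path" ]; then
            echo "MISSING $key"
        else
            have=$(norm "$(cat "$path")")
            [ "$have" = "$want" ] || echo "DRIFT $key want=[$want] have=[$have]"
        fi
    done < "$conf"
}

# nofile_limits FILE: soft and hard "Max open files" from a
# /proc/<pid>/limits file, i.e. what the running process actually got.
nofile_limits() { awk '/^Max open files/ { print $4, $5 }' "$1"; }

# demo: constructed tree standing in for /proc/sys (values are made up).
demo() {
    t=$(mktemp -d)
    mkdir -p "$t/sys/net/ipv4" "$t/sys/net/core"
    printf '10240\t87380\t12582912\n' > "$t/sys/net/ipv4/tcp_rmem"
    echo 128 > "$t/sys/net/core/somaxconn"
    printf '%s\n' '# constructed' 'net.ipv4.tcp_rmem = 10240 87380 12582912' \
        'net.core.somaxconn = 20480' 'net.ipv4.tcp_tw_recycle = 1' > "$t/conf"
    sysctl_drift "$t/conf" "$t/sys"
    rm -rf "$t"
}

# Live use: sh audit.sh /etc/sysctl.conf [pid-of-tor]
if [ $# -ge 1 ]; then
    sysctl_drift "$1"
    [ -z "${2:-}" ] || echo "nofile soft/hard: $(nofile_limits "/proc/$2/limits")"
fi
```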