[tor-relays] [tor-r at elays] What's a "useful" relay?

Ivan Markin twim at riseup.net
Sat Dec 24 00:09:00 UTC 2016


Rana:
> Those opinions were backed by technical arguments, here are a few:
> 
> -  the numerous small relays that change their IP addresses burden
> the network unnecessarily with frequent re-publishing of their
> descriptors -  small relays that carry a small number of circuits
> actually DESTROY anonymity since the small number of circuits going
> through them makes it easier to de-anonymize traffic; -  anonymity is
> much better served by a few large relays since they carry a lot of
> circuits simultaneously, and for this reason DirAuths try to saturate
> them before they direct traffic to small relays -  the connections
> through small relays are quickly saturated, making using the internet
> a horribly slow and unpleasant experience - Isis, the bridge db and
> bridge authority operator, has asked Tor people who make decisions
> NOT to recommend that people run bridges on their small residential
> connections, because the need to re-distribute information about
> changed IP addresses is a major hurdle towards bridge adoption
> 
> Or as one DirAuth operator summarized it: "On balance, the very small
> relays do not contribute enough resources compared to the associated
> costs to be worthwhile."
> 
> All of which is exactly the opposite of what you are saying and what
> was also my intuitive opinion.

Yes, I agree here that bad relays are actually bad.
If relays change their address frequently they tear down all the
circuits. Bad. Relays that are too slow and unable to catch up with most
of the network flow (have small number of circuits) are bad. Poor
connectivity is also bad.
All these concerns are truly legit. Thanks for summarizing them!

This hugely depends on your definition of "small". If one is running a
relay from their refrigerator or dishwasher that connects to the
Internet over GPRS - there is no good. One shouldn't do that.
By the way this definition is moving target; what is called "small"
today isn't what was called "small" 2 years ago.
If you feel that your setup is intrinsically bad then it's better to
make something else cool from it.

> Or as one DirAuth operator summarized it: "On balance, the very
> small relays do not contribute enough resources compared to the
> associated costs to be worthwhile."

This is true for "very small" relays, yes.

> All of which is exactly the opposite of what you are saying and what
> was also my intuitive opinion.

It isn't totally opposite. I ran a relay quite a while ago on RPi
(Pi1B+, FreeBSD) and it was pretty good at it. Not so fast as
"full-blown" ones but still (something around 1.2MBps). After reasonable
period of time it had ~7000 open connections.

> So I am interested to know if there are solid, TECHNICALLY SOUND
> opinions in favor of use of small relays. If running a small relay is
> just for feeling good and displaying political support for privacy
> rights, then I am outta here. I feel good already and I have other
> means of expressing my political support.

I do agree with you, one should know if their relay is actually useful
and won't harm the network. Sorry if I sound not so technically.

If you have modern ARM then you have NEON so ChaCha20 should be better
that AES. That said slow relays may become a bit faster.
Location diversity as self-hosting is another argument (recall tons of
OVH VPS relays).

Some best practices definitely would be awesome to have about running on
common (embedded) hardware. Clear notification like "your Commodore 64
is to slow to be a good relay" would also be useful.

--
Ivan Markin


More information about the tor-relays mailing list