[tor-relays] New Relay Online/Working on AWS Cloud Torproject

teor teor2345 at gmail.com
Fri Dec 22 10:15:57 UTC 2017


> On 22 Dec 2017, at 21:08, Gary Smith <jaffacakemonster53 at gmail.com> wrote:
> 
> Hello.
> 
> I use AWS to test the alpha release, on the free tier. If you dont mind me asking, I am interested to know what you are doing to avoid a bill Amazon bill at the end of the month.
> 
> I think I had about 30GB data transfer or so & a few other things and they sent me a bill for USD 0.70 ish (not at lot I know lol), but potentially it could be in the thousands of dollars or more if you are not careful. Is there a region that is "best" to use? AWS' internet is pretty fast, I transfered a file from 12GB file from Google Drive using Chrome in the VM in about 15 or so seconds.

I use AccountingMax, and set it about 1GB below the limit.

Make sure you choose the right AccountingRule for AWS.
(Some providers use max upload or download, and some use sum.)

T

> Also I noted that there are many entries in /var/log/auth.log that many people try to connect via SSH (username byebye is a popular one for some reason), more connection attempts than my home internet connection gets perhaps
> 
> Many Thanks.
> 
> On Wed, Dec 20, 2017 at 2:35 PM, Conrad Rockenhaus <conrad at rockenhaus.com> wrote:
> 
> 
>> On Dec 20, 2017, at 5:01 AM, teor <teor2345 at gmail.com> wrote:
>> 
>> 
>> On 20 Dec 2017, at 20:59, Conrad Rockenhaus <conrad at rockenhaus.com> wrote:
>> 
>>> ConradsAWSRelay was started back up on a new AWS instance running Amazon Linux and it’s hash is now 9F7F05699131E1E2A22F70B83E8CBB4671F5FEE2. I have upgraded to Tor 0.3.1.9…. I had issues with getting the libevent development header dependencies resolved on Amazon Linux so I just compiled it on Red Hat and brought it over. More than likely I overlooked something and caused a cascade of failures from there, anyway, it’s up.
>>> 
>>> Additionally, I brought up ConradsAWSExit, 1B47E33F9D422CC97BD2DDA1F082BFF2FC58E79A, to help out with that area. I may bandwidth limit this one depending on load,  I will have to wait and see how much traffic it gets since I don’t have unlimited $$$ to allocate to my new hobby :).
>> 
>> Yes, running nodes at AWS can be expensive.
>> I'm also interested to see what abuse complaints you get.
> 
> I’m mainly running this stuff on AWS because AWS is my playground for the new Cloud based solution I’m working on, just because I can start instances up with Amazon Linux, FreeBSD, Debian, etc. I am interested to see what the abuse process is as well. I will ensure that the costs are controlled so I’m not out of pocket too much.
> 
> Eventually the permanent home will be moved to the new cabinet I’m going to be renting at a datacenter near my home.
> 
>> 
>>> If someone could take another look and provide me any feedback/constructive criticism about these two nodes, I would greatly appreciate it.
>> 
>> Since you control multiple relays, please set MyFamily on all of them:
>> 
>> MyFamily fingerprint1,fingerprint2
>> 
>> This is important because they are in different IPv4 /16s.
>> (It will be even more important if one has the Guard flag, and the other
>> has the Exit flag.)
> 
> Done, should see it in atlas within the hour.
> 
>> 
>> Does AWS have native IPv6 yet?
>> 
>> If so, please set on both relays:
>> 
>> ORPort [IPv6]:Port
>> 
>> And on the Exit:
>> 
>> IPv6Exit 1
>> 
>> You could connect to IPv6 using a nearby free tunnel service
>> (Hurricane Electric is good, and has good peering with AWS),
>> but this is not as fast or reliable as native IPv6.
>> 
>> But as a learning experience, it's a good way to get IPv6.
>> 
> 
> I see that AWS does have native IPv6, but I have to get it enabled on my VPC before I can get these two instances up on IPv6. I will let y’all know when that’s done.
> 
> 
>>> Thank you for everyone’s advise! I also appreciate the input regarding the revitalization of the Cloud project again. Another person has also volunteered to assist in the project so hopefully things should start moving here pretty soon!
>> 
>> That's exciting.
>> It would be great for people to be able to choose between multiple
>> providers. Free VPSs are a great way to learn how to set up a relay.
>> 
>> The biggest issue with the cloud image was that it wasn't kept up
>> to date. I wonder if there's a way of doing that automatically.
>> 
>> I also wonder if there's a way of giving people a BSD image option
>> as well.
> 
> My intent with the new cloud image architecture is to provide a multi-arch, portable, fast, and secure solution that will deploy tor relays. Another person has volunteered to assist me with this so with three people working on this I do hope that we will be able to keep things up to date, but my main goal is to have that somewhat automated.
> 
> Speaking of which, I do wonder what the thoughts are on this idea. I would like to have two derivatives of the cloud package, one for novices and one for those who do not consider themselves novices. The novice package will be centrally managed by Puppet, so all the user has to do is spin up an instance, updates will be handled by the master.
> 
> The non-novice package will be managed by chef. My main question is what are the thoughts on using Puppet? Would that be an acceptable solution for a non-novice solution or is that too much of a risk?
> 
> Thanks,
> 
> Conrad
> 
>> 
>> T
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays at lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

T

--
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20171222/69c7c5e3/attachment.sig>


More information about the tor-relays mailing list