[tor-relays] About relay size

Scott Bennett bennett at sdf.org
Mon Oct 2 18:19:59 UTC 2017


grarpamp <grarpamp at gmail.com> wrote:

> On Mon, Oct 2, 2017 at 3:53 AM, Santiago <santiagorr at riseup.net> wrote:
> >> And you can only have 2 tor instances per public IPv4 address.
> >
> > Why? Is there any place where I can find this kind of info?
>
> Read the archives of this list linked at the bottom of every message.
> As an operator you'll find lots more interesting subjects there too.
>
> > Maybe it's another issue, but I have recently tried to run a second
> > relay behind the same IPv4 address as my first relay, and the
> > connection quality strongly diminished. I suppose my ISP equipment was
> > not able to handle the two relays on NAT, but I would need to
> > investigate further.

     Huh?  What kind of ISP NATs its customers' connections?  Your ISP
should be assigning your machine/router a legitimate, unique IPv4 address.
The assignment is often, even usually, a temporary assignment via DHCP,
but it should not be a private address.  If NAT is a factor, that should
happen at the boundary of your own private network, not at an ISP's facility.

> Lots of hardware for use in the home, whether ISP provided or bought
> from wherever by the user, has been known to fall over under load,
> cable / dsl / fiber modems, whether in bridge or router modes, wifi, etc.
>
> For tor you need to test with tens to hundreds of TCP connections
> or more in parallel. The simple online "speedtests" don't do that.
> One way is to load up increasing numbers of opensource Unix iso's,
> conference videos, whatever... into whatever torrent client and watch
> the stats. If upon passing the expected / required number of connections,
> it starts falling significantly off the maximum recorded speed, never recovers
> when unloaded, locks up, reboots, melts / smokes / combusts, etc...
> then try another brand.

     I'll second the above comments.  Most of those little router boxes are
running some form of LINUX or FreeBSD as an embedded configuration, which
includes swapping and paging being disabled due to the absence of secondary
storage.  All of them have limited RAM.  One typical problem with running tor
on a NATed machine behind such a device is that the NAT table grows until all
of the real memory on the device has been consumed and there is no more room
for new NAT entries.

> Or instead of router mode, try bridge mode feeding into any old pc running
> [Free]BSD / Linux to do the functions of routing, wifi, firewall, nat,
> dhcp, dns, etc... this may often perform better and give more flexibility.

     Yes, and because there is secondary storage (HDD and/or SSD), paging
is available if the routing functions' memory needs grow larger than the
available real memory.  Home electronics store routers cannot hold a candle
to a full OS with a decent packet filter.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:   bennett at sdf.org   *xor*   bennett at freeshell.org  *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************
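
The ramp test described in the quoted text (add parallel connections, watch for speed falling well off the recorded maximum, check whether it recovers when unloaded) can be scored mechanically. The following is an added example, not part of the original message; the `Sample` record, the 0.7 cut-off for "significantly off the maximum", and the measurements are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Sample:
    phase: str        # "ramp" while adding connections, "unload" after removing them
    connections: int  # parallel TCP connections open during the sample
    mbit_s: float     # aggregate throughput recorded for the sample

def evaluate(samples, required_conns, drop_fraction=0.7):
    """Apply the ramp-test criteria; drop_fraction is an assumed cut-off."""
    ramp = [s for s in samples if s.phase == "ramp"]
    unload = [s for s in samples if s.phase == "unload"]
    if not ramp:
        raise ValueError("need at least one ramp sample")
    peak = max(ramp, key=lambda s: s.mbit_s)
    after_peak = ramp[ramp.index(peak) + 1:]
    # Knee: first load level past the peak where speed falls well below it.
    knee = next((s.connections for s in after_peak
                 if s.mbit_s < drop_fraction * peak.mbit_s), None)
    # Recovery: compare the last unloaded sample with the ramp sample taken
    # at the closest connection count, before the device was stressed.
    recovered = None
    if unload:
        last = unload[-1]
        ref = min(ramp, key=lambda s: abs(s.connections - last.connections))
        recovered = last.mbit_s >= drop_fraction * ref.mbit_s
    if knee is None:
        tested = max(s.connections for s in ramp)
        verdict = "ok" if tested >= required_conns else "inconclusive"
    elif recovered is False:
        verdict = "fails_no_recovery"
    else:
        verdict = "degrades"
    return {"peak_mbit_s": peak.mbit_s, "knee": knee,
            "recovered": recovered, "verdict": verdict}

# Constructed measurements (not from the thread): a device that collapses
# past 200 connections and stays slow, and one that holds up.
WEAK = [Sample("ramp", c, m) for c, m in
        [(10, 40), (50, 90), (100, 95), (200, 94), (400, 30), (800, 5)]]
WEAK.append(Sample("unload", 50, 8))
STURDY = [Sample("ramp", c, m) for c, m in
          [(10, 40), (50, 90), (100, 95), (200, 94), (400, 93)]]
STURDY.append(Sample("unload", 50, 88))

if __name__ == "__main__":
    for name, data in (("weak", WEAK), ("sturdy", STURDY)):
        print(name, evaluate(data, required_conns=300))
```

An "inconclusive" verdict means the ramp never reached the required connection count, so the test says nothing about the device at relay load.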

