[tor-relays] 300mbps FreeBSD Tor relay on HPE MicroServer Gen10 (AMD X3421)
Felix
zwiebel at quantentunnel.de
Sat Dec 29 15:29:16 UTC 2018
Hi Neel
> My relay runs FreeBSD 11.2 and Tor runs in a "jail".
Jails are perfect for that! I observed the host Freebsd tcp stack is
strong enough for more than 500Mbit/s in AND out.
> I am using AESNI and Tor is configured to use OpenSSL cryptodev.
Does crypto run? On log info you should find the following entry during
start:
[info] crypto_openssl_init_engines: Initializing dynamic OpenSSL engine
"dynamic" acceleration support.
[info] crypto_openssl_init_engines: Loaded dynamic OpenSSL engine "dynamic".
After finding this message you can switch to notice and restart.
> * I want to keep using FreeBSD on my server and do not want to run Linux
+1
> * I would prefer to have a single instance, but can use multiple if I have to
It's BSD, so may-be consider to go for libressl from ports (which does
not support the crypto engine). And then use 2 instances per ip. Better
for diversity ;)
> * My server supports hardware accelerated AES and SHA. I am using this on FreeBSD with the aesni kernel module and Tor with "HardwareAccel 1" and "AccelName cryptodev"
A toorc can look like:
RelayBandwidthRate 0
RelayBandwidthBurst 0
HardwareAccel 1
AccelName dynamic
Log info file /var/log/tor/info
--
Cheers from 35c3 , Felix
More information about the tor-relays
mailing list