[tor-relays] Tor Guard Relay

Neel Chauhan neel at neelc.org
Thu Jun 7 20:54:19 UTC 2018

On 2018-06-07 14:08, Keifer Bly wrote:
> Thanks. How much bandwidth and uptime do I need to become a guard 
> relay?
> Sent from my iPhone
Bandwidth requirments:

> A guard is the first relay in the chain of 3 relays building a Tor 
> circuit.
> A middle relay is neither a guard nor an exit, but acts as the second 
> hop
> between the two. To become a guard, a relay has to be stable and fast 
> (at
> least 2MByte/s) otherwise it will remain a middle relay.

Source: https://trac.torproject.org/projects/tor/wiki/TorRelayGuide

For the "Stable" flag:

>   "Stable" -- A router is 'Stable' if it is active, and either its 
> Weighted
>   MTBF is at least the median for known active routers or its Weighted 
>   corresponds to at least 7 days. Routers are never called Stable if 
> they are
>   running a version of Tor known to drop circuits stupidly.  
> (
>   through are stupid this way.)

Source: https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt

Looking that you have Charter as your ISP, and Charter is a cable ISP, 
upstream speeds are usually limited. This means that unless your cable 
company gives at least 16 megabits of upload speed, you cannot become a 
guard. Also, many parts of the US have cable broadband, but not fiber, 
so they're stuck with slow upload speeds for now, and if they want to be 
a Tor relay, may not have the Guard flag unless they have a higher speed 
package hopefully with enough upload bandwidth (and it may only be 
between 16-35 mbps upload).

CableLabs (who maintains DOCSIS, the standard for cable modems) is 
working on a new technology called Full Duplex DOCSIS 3.1 which 
supposedly makes cable broadband have similar upload speeds to fiber 

Source: https://www.cablelabs.com/full-duplex-docsis/

Sadly, it's not a reality yet, so for a few more years you'll probably 
have to live with slow upload speeds until it comes (provided that cable 
companies deploy full duplex tech).

If you really want the Guard flag right now, another option is to get an 
unmetered VPS. Some networks like OVH, Online.net/Scaleway, Hetzner, and 
Digital Ocean are very popular for relays and many in the Tor community 
consider that new relays should avoid "popular" networks.

Two good VPS providers to consider include ITL and BuyVM (I have two 
VPSes each with both for exits). You could also look at other unmeterd 
providers like Contabo and Trabia as well.

You could also check if your phone company or another provider (like 
Google) has fiber in your area, but considering that you're in the US, 
many Americans have cable as their only high speed option (because most 
telcos refuse to deploy fiber).

Hope this helps.

-Neel Chauhan



>> On Jun 7, 2018, at 5:39 AM, Neel Chauhan <neel at neelc.org> wrote:
>> The guard flag gets automatically assigned to you if you have enough 
>> bandwidth and uptime. You usually don't get to choose. You can still 
>> influence it by inducing downtime or limiting bandwidth (but both will 
>> be counterproductive). There are no risks in being a guard node, 
>> unlike being an exit. That's why web hosts are okay with guard nodes 
>> but not exits, and also why you can be a guard node on a broadband 
>> connection without getting complaints from your ISP. Abuse complaints 
>> don't go to a guard node, it goes to exits as exits connect directly 
>> to requested non-onion websites and guards don't.
>> -Neel Chauhan
>> ===
>> https://www.neelc.org/
>>> On 2018-06-06 14:42, Keifer Bly wrote:
>>> Hello, I have one question.
>>> I have been running my relay “torland” at
>>> http://torstatus.blutmagie.de/router_detail.php?FP=db1af6477bb276b6ea5e72132684096eee779d30
>>> For roughly 3 months now (I am unsure exactly how many days). While 
>>> my
>>> relay is marked “fast” and “stable” currently, it has never
>>> been marked as a “guard” relay. I believe being a “guard”
>>> relay requires at least 10mb/s for relay speed, but am wondering, do 
>>> I
>>> need to configure my torrc file to allow it to be used as a guard
>>> relay and are there any risks for doing this (like there are in
>>> running in exit relay)? Thank you.
>>> _______________________________________________
>>> tor-relays mailing list
>>> tor-relays at lists.torproject.org
>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays at lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

More information about the tor-relays mailing list