[tor-relays] firewall ports needed to run a middle relay
neel at neelc.org
Fri Apr 26 02:05:19 UTC 2019
If you have fiber to the home or another symmetrical speed broadband
connection (like some wireless ISPs like Webpass), you may have a lot of
upstream speed. In this case it's perfect for Tor relays. If you do,
invest in a good router with a big enough NAT table if you don't have
one, flash custom firmware if your router supports it and is powerful
enough, or reuse your old desktop as a pfSense box. I have Verizon FiOS
FTTH and use a Linksys WRT1900AC running OpenWRT instead of a Verizon
Some ISPs may force you to use their router, like AT&T in some parts of
the US who forces 802.X authentication to use VDSL/FTTH that is only
spoken on their router.
But your uplink probably is crappy if you have cable, DSL, or fixed
On 2019-04-25 17:48, nusenu wrote:
> torix at protonmail.com:
>> I need to move to a new router, which, unlike the old Verizon home
>> router, doesn't have a quick DMZ host to which I attach the tor
>> telay's local ip address. So I think I need to do port forwarding,
>> and for that what rules do I need? My torrc config has: ControlPort
>> 9052 ORPort 8443 DirPort 8080
>> So I forwarded 8443 and just in case, 8080. But the number of my
>> connexions kept dropping, so I put it back in the DMZ and it started
>> getting new ones again. Trying to figure out if I screwed up the
>> config gui, or if I need to add other ports. Did I miss a port?
> Forwarding the ORPort and DirPort (if you set one) is all you need
> but home broadband uplinks frequently are not made for the amount of
> concurrent sessions a tor relay usually has to handle.
> So failures might still happen even if you setup the port-forwarding
> part correctly.
> tor-relays mailing list
> tor-relays at lists.torproject.org
More information about the tor-relays