[tor-relays] Bridge Questions, Best Practices

Eddie stunnel at attglobal.net
Wed Dec 18 20:12:03 UTC 2019


Just setting up a new bridge, on a new VPS, to complement the relay I 
run at home and have a couple of questions regarding best practices.

I set the bridge up from scratch, so it has no connections back to my 
relay fingerprint etc. as I understand that's "a bad thing".

I've seen a few comments mentioning the lack of obfs4 bridges using port 
443, so as I don't run any kind of webserver on the VPS I can do this.  
I also wanted to run an obfuscated bridge on port 80, but it seems that 
you can only run a single instance of obfs4. Searching around, the most 
common setup I found was this:

ServerTransportListenAddr obfs3 [::]:80
ServerTransportListenAddr obfs4 [::]:443

Is this the best way to support both port 80 and 443, or is there a 
better way.

Next, the ORPort.  There seems to be confusing information about setting 
this up, in conjunction with obfs4proxy.  Again, my setup:

ORPort 9001
ORPort [--my public ipv6 address--]:9002

Again, is the the best way, as I've seen some information that says 
avoid 9001, but others say it's OK to use for a bridge, with obfs4proxy.


More information about the tor-relays mailing list