[tor-relays] Running gigabit relay

Neel Chauhan neel at neelc.org
Fri Jul 26 19:08:11 UTC 2019 

About having a relay on gigabit symmetrical FTTH, you don't just need a 
good server, you also need a good NAT router unless you want to use your 
server as a NAT router as well.

I don't have Sonic or Gigabit Fiber (from any ISP), but I have 300mbps 
symmetrical Verizon FiOS in Brooklyn, NY running a Tor middle relay. A 
Linksys running OpenWrt and many low-power Mini PC "firewall" boxes were 
a bottleneck even on 300 Mbps for Tor, despite having a powerful Xeon 
4108 HPE ProLiant ML110 Gen10 and having no Verizon router in my setup. 
I dabbled with using my ML110 as a PF firewall (I run FreeBSD), but 
yesterday, I installed a HP ProDesk 400 G4 as an OPNsense firewall 
(because I didn't want a single point of failure, and so I can remotely 
access iLO).

So your firewall needs to be more powerful than an average one because 
at least for me Tor has ~10000 connections at once, and that is with Tor 
only measuring half my 300Mbps. Your Gigabit will mean far more than 
that running Tor. So a low power HP T620 Plus or Qotom box won't work as 
a firewall in this case.

My "bottleneck" could also be Verizon's peering that Sonic may not have. 
After all, Sonic supports Net Neutrality and Verizon opposes NN.

About the server, I have a powerful HPE ProLiant as mentioned earlier, 
but like other said at minimum you need a i5/i7 CPU, or an equivalent 
Xeon or AMD CPU. So this means no NUCs or HPE MicroServers.

-Neel

===

https://www.neelc.org/

On 2019-07-26 01:31, Mitar wrote:
> Hi!
> 
> I have Sonic Fiber which offers gigabit symmetric connection. I am
> thinking of using it for gigabit Tor relay, but I wonder what would be
> good hardware to use for something like that. Information I have found
> [1] is from 2010 so I wonder if there are any updates? Is there any
> simple small box I could use? Like Intel NUC? Information here [2]
> says that one can get 400 Mbps with AES-NI. And so with two processes
> limit per my public IP this would be around 800 Mbps then. Is this
> still a reasonable expectation? Do I have to care about the network
> card to serve gigabit (besides its being nominally gigabit)? What
> would be memory requirements for such a device?
> 
> [1] https://www.mail-archive.com/or-talk@freehaven.net/msg14159.html
> [2] https://www.torservers.net/wiki/setup/server
> 
> 
> Mitar

More information about the tor-relays mailing list