[tor-relays] bride&relay one host
Roger Dingledine
arma at torproject.org
Fri Mar 22 07:19:01 UTC 2019
On Fri, Mar 22, 2019 at 02:43:13AM +0100, lists at for-privacy.net wrote:
> Can you run a bride and a middle-relay together on a host?
> I mean for the safety of users. IPv6 is usually a /64 network and the
> various IPv4 are usually also from a subnet.
Answer #1: if they're using different IP addresses, sure, go for it.
Answer #2: if they're using the same IP address, you can do it
technically, but it's probably not a good move.
Some years ago, it used to be that China blocked Tor relays and bridges
by blocking the particular IP:port they listened on.
But in the past year or two, they switched to just blackholing the IP
address if there's a Tor thing on it.
So, that means when they learn the relay IP address and blackhole it,
if your bridge is on that same IP address, the bridge becomes unreachable
too. Not the best outcome.
And, while you're thinking about bridge blocking, here are many other
angles to learn about:
https://blog.torproject.org/research-problems-ten-ways-discover-tor-bridges
Hope that helps,
--Roger
More information about the tor-relays
mailing list