[tor-relays] Relay Or/Dirport Unreachable
Felix
zwiebel at quantentunnel.de
Thu Mar 19 08:45:29 UTC 2020
Hi Kathi
Am 19.03.2020 um 02:28 schrieb Kathi:
> Modem Zyxel C3000 _was_ set to port forward on 9001, 9030, and 9050
Port forwarding for Or/Dirport is necessary. A forward of 9050 (in its
default usage) is not good. It's a SocksPort. If somebody finds it ey
can use it as open Proxy.
> IP 192.XXX.X.X
Fine, it's your non public LAN address.
> after much struggling/research to open ports 9001/9030
Good.
> NOTE: I know tor.Nyx should not be run as root, I get that.
> Tor/Nyx are running as root. I don’t know how to use
> debian-tor as usr. Nyx shows in it’s configuration as usr
> debian-tor. Su debian-tor produces a rollover back to root
> usr prompt.
By default Tor installs as a no-login user 'debian-tor'. So su does not
work. Better don't run Tor as root, try to run the Tor daemon under
'debian-tor'.
> Nyx – No complaints, running as default. After just two
> minutes of operation the relay was running at 2 MB/s with
> bursts up to 3 MB/s. After the obligatory/frustrating twenty
> minute wait for or/dirport hand shaking I get:orport/dirport
> unreachable…. Adnauseum!
Is this after you moved the relay (torrc + keys) ? I read it like you
moved only the torrc.
The Tor keys identify the relay. They wanna be moved too. And the Tor
process needs to have access to it, adopt user/group ownership.
[] https://support.torproject.org/operators/upgrade-or-move/
> Changed IP address to one given by tor, still unreachable.
How du you mean by: Tor gave you address ?
> Lastly, I removed the 900l/9030 ports from the modem
> and installed 6969 as the orport.
I am not sure why it didn't work with 9001/9030.
> Changed GUFW, verified the changes took place, changed
> ip to real world IP 63.xxx.xxx.xxx in torrc.
> Hand shaking to the orport was almost immediate.
> Right now, the relay after twenty hours of operation is
> tortusing along at 20 B/s.
My understanding is you wanted to move a figured out and running relay
from your domain area to an external provider.
Which is possible. If you move the relay please move the keys and adopt
the torrc right and to your needs. If the keys are not moved correctly
Tor generates new keys and puts you back to start position. That can
cause low bandwidth consensus/usage at the new begin.
> Which to me is pure BS.
We try to fix that.
It is helpful if you post the fingerprint and torrc file here.
Thanks for working hard to get the relay run.
Good luck!
--
Cheers, Felix
More information about the tor-relays
mailing list