[tor-relays] ORPort NoAdvertise & NoListen Not Working
Gary C. New
garycnew at yahoo.com
Tue Aug 17 13:43:22 UTC 2021
All:
After reviewing several packet-traces of Tor bound directly to the Public Address:Port vs Tor bound to the Private Address:Port and Advertising the Public Address:Port, I believe I may have found the the issue.
It appears that when Tor is bound directly to the Public Address:Port, the initial measurement connections are initiated from External Tor Nodes via High-Ports to the Public Address:Port over TLSv1.2 or TLSv1.3 successfully passing self-test. However, when Tor is bound to the Private Address:Port and Advertising the Public Address:Port, the initial measurement connections are initiated from External Tor Nodes via High-Ports to the Public Address:Port over TLSv1.0. Tor does not like the TLSv1.0 connections and Resets the them; thus, failing the self-test.
The question is... Why are the initial measurement connections initiated from External Tor Nodes via High-Ports with the Private Address:Port binding and Public Advertised Address:Port combination over TLSv1.0?
Has anyone successfully implemented the Private Address:Port binding and Public Advertised Address:Port combination that successfully passes self-test whom would be kind enough to share their configuration?
Is there a way to force the External Tor Nodes that initiate the measurement connections to use TLSv1.2 or TLSv1.3 with the Private Address:Port binding and Public Advertised Address:Port combination?
Thanks, again, for your assistance.
Respectfully,
Gary
On Saturday, August 14, 2021, 2:47:01 AM PDT, Gary C. New <garycnew at yahoo.com> wrote:
David,
The ISP has port 9001 blocked to the Public Address.
Do the ports have to be the same, when using NoAdvertise & NoListen with the ORPort directive?
Thanks!
Gary
On Saturday, August 14, 2021, 12:20:36 AM MDT, David Figuera <dfb at mm.st> wrote:
> ORPort 198.91.60.78:443 NoListen
> ORPort 192.168.0.1:9001 NoAdvertise
Why two different ports?
_______________________________________________
tor-relays mailing list
tor-relays at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20210817/3531c1ee/attachment.htm>
More information about the tor-relays
mailing list