[tor-relays] Failed upgrade

s7r s7r at sky-ip.org
Wed Mar 24 07:41:01 UTC 2021 

Hello,

You have some wrong torrc options.

They used to work because we didn't had a clear logic, there has been a 
lot of improvements made since IPv6 Address auto discovery was implemented.

Please see my corrections in line as well as explanations. Hope they 
make sense.

r1610091651 wrote:
> Hi
> 
> FYI
> 
> So I've upgraded tor package from 0.4.4.6 to 0.4.5.7-1~xenial+1. No 
> other changes.
> Yet on startup tor is complaining about mis-configuration:
> 
> Mar 23 20:55:02.928 [notice] Read configuration file 
> "/usr/share/tor/tor-service-defaults-torrc".
> Mar 23 20:55:02.929 [notice] Read configuration file "/etc/tor/torrc".
> Mar 23 20:55:02.932 [warn] Configuration port ORPort 9443 superseded by 
> ORPort <local-ip>:9443
> Mar 23 20:55:02.932 [warn] We are listening on an ORPort, but not 
> advertising any ORPorts. This will keep us from building a router 
> descriptor, and make us impossible to use.
> Mar 23 20:55:02.932 [warn] Failed to parse/validate config: 
> Misconfigured server ports
> Mar 23 20:55:02.932 [err] Reading config failed--see warnings above.
> 
> config:
> ORPort <local-ip>:9443 NoAdvertise

This is ok, you configured and explicit IP address.

> ORPort 9443 NoListen IPv4Only

This is not ok, the NoAdvertise ORPort is explicit <local-ip> but this 
is wildcard to all interfaces.

IPv4Only either you use it for both NoListen and NoAdvertise ORPort 
either you don't use it at all since you use AddressDisableIPv6.

This line should be:
ORPort <public-ip>:9443 NoListen

> AddressDisableIPv6 1

This is OK. Or you can use IPv4Only for both ORPort entries and it will 
have the same effect.

> OutboundBindAddress <local-ip>

This is also OK.

> 
> This config is according to spec and worked with 4.4.6.
> 
> Seems to be related to thes issues, except for me it's blocking: tor 
> fails to start.
> https://gitlab.torproject.org/tpo/core/tor/-/issues/40300 
> <https://gitlab.torproject.org/tpo/core/tor/-/issues/40300>
> https://gitlab.torproject.org/tpo/core/tor/-/issues/40302 
> <https://gitlab.torproject.org/tpo/core/tor/-/issues/40302>
> 
> I had to add 0.0.0.0 as ip to make tor start, although that's not 
> documented...
> ORPort <local-ip>:9443 NoAdvertise
> ORPort 0.0.0.0:9443 <http://0.0.0.0:9443> NoListen IPv4Only


Please try with my example and remove 0.0.0.0 as it's not our scope, we 
are trying to configure explicit binding IP addresses. Let me know if 
this works for you -- it should be a correct configuration.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20210324/95e6a780/attachment.sig>

More information about the tor-relays mailing list