[tor-relays] Does Tor work with Intel QAT acceleration

Thoughts thoughts at kevinsthoughts.com
Mon Apr 11 13:58:52 UTC 2022 

Two suggestions:

1)  Run speedtest (https://www.speedtest.net) from behind your firewall 
and verify your actual bandwidth (or at least get a good approximation 
<smile>).

2)  Check the brand of NIC in your current machine.  Intel NICs are 
reportedly much more efficient than RealTek for handling large number of 
packets - which is why they are recommended for most firewall machines.  
Suspect that logic would apply for a Tor Relay as well.

Suspect you also want a CPU with AES-NI support.  Check the specs on the 
web, AES-NI should be called out.  "cat /proc/cpuinfo | grep aes" will 
also tell you if your running some flavor of linux.

Kevin

ps. Dig around on the web for firewall hardware recommendations. I know 
I've seen some tables on throughput for pfsense, shouldn't be too hard 
to find and might throw some light on the situation.

pps.  Very jealous of your connectivity!

On 4/10/2022 2:32 PM, Andreas Bollhalder wrote:
> Hi all
>
> I have my first Tor relay up und running. It's currently installed on 
> a little desktop computer with an Intel i5 9500T CPU. My Internet 
> connection is 10Gb/s symetric. From this bandwidth, I would be able to 
> spend a good part for supporting the Tor network.
>
> With that little machine, it seems that it would max out at somewhere 
> at ~30 MBytes/s. For my definitive Tor relay hardware, I'm currently 
> researching some options, which would be capable of handling Tor 
> traffic at the rate of 200 to 300MBytes. Even it would be used 
> nowadays, but who knows whats coming in the future and I hope this 
> relay would last 5 years ore so.
>
> It looks to me, that with a normal CPU, it's impossible to reach my 
> goal. But then I encountered, that Intel has the Quick Assist 
> Technoloy (QAT) integrated in some of their products (ie. Atom C3xx8). 
> This QAT can be used with OpenSSL as a hardware accelerator for 
> encryption. There also exist dedicated PCIe cards with QAT (ie. 
> Netgate CPIC-8955).
>
> Searching the Internet, I couldn't find any information if QAT would 
> be helpful with Tor. But Tor uses the OpenSSL library and this can use 
> the QAT acceleration. Is there anyone who has tried this und can share 
> his expirience?
>
> Thanks in advance
> Andreas
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

More information about the tor-relays mailing list