Restrict relay to internet2

F. Fox kitsune.or at
Tue Jan 8 02:42:08 UTC 2008

Hash: SHA256

Nathaniel Fairfield wrote:
| Folks,
| I run a tor relay node (no exits) on my school's network.  Due to their
| bandwidth policy, I have to limit traffic to about 1 Gb per day.  Weak,
| I know.

Weak? Not really. I'm sure home users don't contribute too much, either
- - and every little bit helps. :-)

| HOWEVER, my school is also connected to the Abilene/Internet2 backbone,
| and they DON'T limit bandwidth usage over Internet2!

I'd check into whether Internet2 has policies relating to how it's used,
first... I get the impression it's a research network mainly at
universities. If that's the case, they may not want people fooling with
it casually. However, I could be wrong.

Another thing: How would the PKI work over Internet2? AFAIK, Tor needs
to be able to talk to an authoritative directory server; also, the
directory it gets would be full of Internet1 (as I'll refer to the
"normal" Internet here) nodes.

Clearly, an entirely new PKI would have to be set up, via forcing
options in copies of Tor (including, among other things, forcing a few
copies into authoritative directory mode). It would be an interesting
project, but it would take quite a bit of work.

One thing to remember is, even if Internet2 gets its own Tor PKI, Tor
needs a decent userbase in order to provide a respectable degree of
anonymity (and preferably a distributed geography, including as many
foreign jurisdictions as possible). Could you get enough Tor users on

Remember, anonymity loves company.

Interesting "pet project" idea, though... :-D

- --
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla -


More information about the tor-talk mailing list