Tor server on NSLU2: ORPort unreachable

Scott Bennett bennett at cs.niu.edu
Sat Jun 7 12:31:11 UTC 2008 

     On Sat, 07 Jun 2008 14:00:05 +0300 Eugen <eugenrn at gmail.com> wrote:
>I want to run a Tor middle node on a NSLU2 device (266Mhz, 32 MB RAM).
>I installed Debian etch version on it for ARM platform, and it works great..
>
>I installed TOR package 0.1.2.19-3~bpo40+1, from backports.org 
>(etch-backports distribution).
>I configured ORport=9001, nickname=mrffgdeukg, bandwidth limits (70KB), 
>Exit policy reject=*.*. I configured also my router to port-forward 9001 
>to NSLU2.
>
>Tor starts without problems... It confirms that client functionality 
>works(but I don't use that: SocksPort=0) :
>"Jun 07 13:32:37.767 [notice] Tor has successfully opened a circuit. 
>Looks like client functionality is working."
>
>But reachability of the ORPort fails...
>
>In the following log lines, 86.122.58.89 is *currently* my router's IP, 
>and it is *dynamic* IP.

     That could be the problem right there.  Does the Address line in your
torrc currently match the actual IP address?  If not, then it means that
the test is trying to connect to an address that is not the address of
your router.  Whatever it is trying to connect to is most likely not
listening on 9001, so the connection gets denied, and the test fails.
     If you're dealing with dynamically assigned IP addresses, then you
need to set up a phony host+domainname at one of the organizations that
offers such a service.  Then you need to install a small client for updating
the address at their service whenever the address has changed.
     I use the service provided at no charge at dyndns.org and a free client
application called inadyn.  Works fine, though it's a little slow when the
address changes because inadyn only checks at checkip.org once every ten
minutes.  If the address has changed, it then sends the update to dyndns.org,
which then updates the A RR in the name server data base.  The A RR has a
TTL of 60 seconds, so the changes should get picked up quickly even when
cacheing name servers are in use.  The remaining delaying factor is that
once the A RR has been updated to reflect the new IP address, tor takes up
to ten minutes to notice that change and reinitialize everything.  Check the
web site at www.dyndns.org for more information.  There are other services
out there, too, if you look for them.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************

More information about the tor-talk mailing list