[tor-talk] virtual private servers for Tor?

[coderman]

On Fri, Aug 26, 2011 at 4:52 PM, Martin Fick <mogulguy at yahoo.com> wrote:
> ...
> Since such discussions are generally likely to be
> highly opinion based, it would help if you gave
> technical reasons for your opinions.

there's a huge volume of history spanning years of research on this
subject in both this mailing list, the wiki, the old-wiki, and trac
tickets.  i speak from experience, and if you're curious the details
are there.

i agree it would be nice to have a singular set of pros / cons in
detail. perhaps you could aggregate and compile it? ;)


> Both of your preferred solutions will have much
> higher performance overheads than any container
> like solution (OpenVz, Vserver, lxc...).

concurrent number of open sockets. ip stack tuning parameters. other
technical constraints that make networking on these "light overhead"
container systems unworkable. the very design trade offs they make to
support larger numbers of contains per host directly reduce the
networking performance and capacity of any singular container/vm.

you must have at least X resources to participate in the Tor network
as a router.  these crippled systems don't cut it.


> no ... reason why any of those container
> solutions could not be used. I use a Vserver,
> on a very low BW link,

vserver is the best of the low overhead bunch. depending on how they
are provisioned, you've got access to the networking parameters needed
and can scale out enough sockets to be workable.

also, it would be helpful to describe how you are running your node.
the following directly affect network resource consumption and can
make or break a relay on these constrained systems:
- middle only or exit?
- serving directory or not?
- serving hidden svc descriptors or not?
- received the guard flag or not?
- using bandwidth or socket constraints in config or not?
(others)