[tor-teachers] Running relays in universities? Exit nodes, perhaps? Please share your experience!

Ian Goldberg tor at cypherpunks.ca
Tue Apr 17 21:58:11 UTC 2018


The single most important thing I had to work out was that we couldn't
use a University of Waterloo IP address; if we had, then anyone exiting
through our exit node would get access to site-licensed journals and
other library materials, which use IP-based controls.  The library also
could not provide us with a comprehensive list of such sites (otherwise
we could simply block them with an exit policy).

So most of the problem was aquiring IPv4 space not in the university's
allocation.  This took some months.  Another advantage of having your
own IP space is that you can list yourself in SWIP as the abuse contact,
so that you get the abuse notifications, and not your network admins.  I
used to get about one abuse complaint every ~3 weeks on average.  But
then this bot called "Fail2Ban" appeared, and it auto-emails much more
often.  But almost nobody configures it correctly, and the reply address
rarely is deliverable.  So there's nothing to be done with those emails,
anyway.  I still have a policy of sending a reply (starting with a form
email, slightly tweaked if they indicate they've already blocked the
node from their network) to each message, unless I already know that
that sender address cannot receive email.

We're still technically on the university's network, in that we share
the university's network uplinks.  They currently cap our bandwidth at
100 Mbps, but I'm right now negotiating to up that to 1 Gbps, based on
writing a grant proposal to provide funding for them to provision an
extra 1 Gbps over what they currently have.

Another argument is that any researcher using the Tor network for
research is at least kind of ethically obligated to contribute capacity
to the network, much in the style of PlanetLab.

We originally put up a middle node, not an exit node (as the research we
were doing at the time did not require us to be an exit), but I warned
them early on that one day I would come asking to turn on the exit flag.
The day after I got tenure, I knocked on their door and asked for that,
because I thought that would be the funniest time to do it.  :-)  As
above, it then took some months to actually make it happen.

The University of Waterloo is very supportive of its faculty.  The IT
staff really see it as their job to help us do what we need to do for
our research, which is great.
-- 
Ian Goldberg
Professor and University Research Chair
Cheriton School of Computer Science
University of Waterloo


More information about the tor-teachers mailing list