Re: [tor-relays] About relay size

[grarpamp]

> Larger, faster relays help clients achieve low-latency, high bandwidth
> connections.

This may depend? Do we have a graph of actual headroom / saturation
in the network of boxes versus consensus weight versus max box speed?
Does weight back off below historically sensed saturation levels?
Because seems even the fastest box would become high latency low
bandwidth upon saturation, and a path through three 40Mbit boxes
that are all 25% loaded might provide better performance than through
a single saturated gig box anywhere in path.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] About relay size

[teor]

On 30 Sep 2017, at 09:55, Andy Isaacson  wrote:

>> Is it better if I run other small ones (100Mbps too) or only 1 big exit 
>> relay (1 Gbps) ? What's best for the network stability/security?
> 
> My overall analysis is that one 1Gbps relay is a better contribution to the 
> network than two 100 Mbps relays

I agree.
Larger, faster relays help clients achieve low-latency, high bandwidth
connections.

But depending on your processor speed, you might find that each tor
instance can only use about ~300Mbps before it maxes out the CPU.
(And it can take a few weeks for a new tor relay to get to the
maximum.)

So you may need 3-4 tor instances on your 1Gbps connection.
And you can only have 2 tor instances per public IPv4 address.

-- 
Tim / teor

PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] About relay size

[Christopher]

Hi IPonU, Thanks for running a relay.

As I understand it, running one larger relay may be better. Traffic
correlation attacks by a global persistent adversary might have a harder
time due to the fact that more circuits are using one IP, rather than less
circuits spread across multiple IPs. In no way is this a cure-all, but it
might help.

Cheers


On Fri, Sep 29, 2017 at 12:37 AM IPonU  wrote:

> Hi Tor list,
>
> I'm already running a small exit node (100Mbps bandwidth) and I'm ready
> to spend more money on it, so have a question for you guys :
>
> Is it better if I run other small ones (100Mbps too) or only 1 big exit
> relay (1 Gbps) ? What's best for the network stability/security ?
>
> Thanks a lot
>
> IPonU
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] About relay size

[Andy Isaacson]

On Fri, Sep 29, 2017 at 09:37:00AM +0200, IPonU wrote:
I'm already running a small exit node (100Mbps bandwidth) and I'm 
ready to spend more money on it, so have a question for you guys :


Thanks for running a relay!

Is it better if I run other small ones (100Mbps too) or only 1 big 
exit relay (1 Gbps) ? What's best for the network stability/security?


My overall analysis is that one 1Gbps relay is a better contribution to 
the network than two 100 Mbps relays, assuming other variables are held 
constant.  This choice by a single operator isn't a significant impact 
on security or stability, but in general we want


 - more operators
 - more AS diversity as share of exit bandwidth
 - more bandwidth
 - more nodes

in approximately that order of importance.  You're already nailing it on 
the first (thanks again!), I think you're not considering to add another 
AS (your new node would be on the same ISP), so it's mostly just a 
choice between 200 mbps and 1gbps, and a choice between one descriptor 
in the consensus or two descriptors.


Also, if we were very short of nodes, then adding more nodes would be a 
higher priority; but currently we seem to be more short of skilled and 
motivated operators, rather than node-limited.


-andy
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] bwauths doesn't reach reliable my relay

[Toralf Förster]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 09/29/2017 01:59 AM, teor wrote:
> Do you have errors in your log
no, except 1 or 2 few http errors for faharvar that a consensus upload failed 
or so.

In the mean while I got a reasonable bw back.

But b/c the were 3 "outages" within a week for about 6-8 hours each I'll still 
take a look on this.


- -- 
Toralf
PGP C4EACDDE 0076E94E
-BEGIN PGP SIGNATURE-

iI0EAREIADUWIQQaN2+ZSp0CbxPiTc/E6s3eAHbpTgUCWc5unxccdG9yYWxmLmZv
ZXJzdGVyQGdteC5kZQAKCRDE6s3eAHbpTiD2AP0fXtwnQtcH/2UDI+8bqLU2i++/
EkptSlv7oVbvkS9nEAD6Alkvx2oFPRp1oM4o0B/tirPNnLsmBU+3Uqq4ELlPXMQ=
=wdKA
-END PGP SIGNATURE-
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Info about HW Encryption on Raspberry

[Sebastian Urbach]

Hi,

You could try to set the loglevel to "debug". As far as i can remember you 
should get that info when you restart the daemon.

--
Sincerely yours / M.f.G. / Sincères salutations

Sebastian Urbach

---
Those who surrender freedom for security
will not have, nor do they deserve, either one.
---
Benjamin Franklin (1706-1790)



Am 29. September 2017 14:42:14 schrieb Fr33d0m4all :


Hi,
I have a Raspberry Pi3 that runs a Tor mid-relay and I’ve noticed that in 
the last weeks it reaches high temperatures (about 76°C) due to high CPU 
usage when Tor traffic increases. It did not reach this temperature until 
this summer (but it is not due to an higher environment temperature), so I 
don’t know if it can be related to 0.3 version. Now I’m running Tor 
0.3.1.7. Should Tor 0.3.x use Raspberry Pi3 AES-NI hardware acceleration to 
reduce high cpu usage? Is there a way to check and enable it if disabled?


# openssl speed -evp aes-256-cbc
Doing aes-256-cbc for 3s on 16 size blocks: 5560204 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 64 size blocks: 1631984 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 256 size blocks: 425826 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 1024 size blocks: 107776 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 8192 size blocks: 13489 aes-256-cbc's in 3.00s
OpenSSL 1.0.1t  3 May 2016
built on: Fri Jan 27 22:44:27 2017
options:bn(64,32) rc4(ptr,char) des(idx,cisc,16,long) aes(partial) 
blowfish(ptr)
compiler: gcc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS 
-D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIO -g -O2 
-fstack-protector-strong -Wformat -Werror=format-security 
-D_FORTIFY_SOURCE=2 -Wl,-z,relro -Wa,--noexecstack -Wall 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DAES_ASM -DGHASH_ASM

The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes256 bytes   1024 bytes   8192 bytes
aes-256-cbc  29654.42k34815.66k36337.15k36787.54k36833.96k

Best regards,
   Fr33d0m4All
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays



___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Info about HW Encryption on Raspberry

[Fr33d0m4all]

Hi,
I have a Raspberry Pi3 that runs a Tor mid-relay and I’ve noticed that in the 
last weeks it reaches high temperatures (about 76°C) due to high CPU usage when 
Tor traffic increases. It did not reach this temperature until this summer (but 
it is not due to an higher environment temperature), so I don’t know if it can 
be related to 0.3 version. Now I’m running Tor 0.3.1.7. Should Tor 0.3.x use 
Raspberry Pi3 AES-NI hardware acceleration to reduce high cpu usage? Is there a 
way to check and enable it if disabled?

# openssl speed -evp aes-256-cbc
Doing aes-256-cbc for 3s on 16 size blocks: 5560204 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 64 size blocks: 1631984 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 256 size blocks: 425826 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 1024 size blocks: 107776 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 8192 size blocks: 13489 aes-256-cbc's in 3.00s
OpenSSL 1.0.1t  3 May 2016
built on: Fri Jan 27 22:44:27 2017
options:bn(64,32) rc4(ptr,char) des(idx,cisc,16,long) aes(partial) blowfish(ptr)
compiler: gcc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS 
-D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIO -g -O2 
-fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 
-Wl,-z,relro -Wa,--noexecstack -Wall -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DGHASH_ASM
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes256 bytes   1024 bytes   8192 bytes
aes-256-cbc  29654.42k34815.66k36337.15k36787.54k36833.96k

Best regards,
   Fr33d0m4All
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] About relay size

[IPonU]

I don't know if they accept foreign people to order (you could ask them 
by clicking on "Nous contacter ") 
The forum doesn't work in France either.


I already asked them about tor exits and they told me they were OK with 
it as long it's not spamming and it's not affecting (slowing) their network.


This ISP is already mentionned in the goodbadisp page and i'll update it 
if they shut down my relay.



Le 29/09/2017 à 13:31, Ralph Seichter a écrit :

On 29.09.2017 10:18, IPonU wrote:


http://www.digicube.fr/rapidserveurs

DigiCube notes "Offre uniquement valable pour la France métropolitaine".
Has anybody asked if non-French customers are also welcome? Have they
agreed to hosting Tor nodes, especially exits? My French is rusty, and I
could not find answers to these questions on their site, and I get only
timeouts when trying to connect to the DigiCube forum.

-Ralph

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] About relay size

[Ralph Seichter]

On 29.09.2017 10:18, IPonU wrote:

> http://www.digicube.fr/rapidserveurs

DigiCube notes "Offre uniquement valable pour la France métropolitaine".
Has anybody asked if non-French customers are also welcome? Have they
agreed to hosting Tor nodes, especially exits? My French is rusty, and I
could not find answers to these questions on their site, and I get only
timeouts when trying to connect to the DigiCube forum.

-Ralph

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] About relay size

[Tor Node Admin @ SechsNullDrei.org]

Hi there,

If your exit node has been online for more than two months with little hassle 
from the ISP, be sure to update the wiki at 
https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs with your exit 
node's ISP information.  And thank you for your contribution to the Tor network.

Thank you for your email,
Isaac, t...@sechsnulldrei.org

-Original Message-
From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf Of 
IPonU
Sent: Friday, September 29, 2017 2:37 AM
To: tor-relays
Subject: [tor-relays] About relay size

Hi Tor list,

I'm already running a small exit node (100Mbps bandwidth) and I'm ready to 
spend more money on it, so have a question for you guys :

Is it better if I run other small ones (100Mbps too) or only 1 big exit relay 
(1 Gbps) ? What's best for the network stability/security ?

Thanks a lot

IPonU


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] NTor

[Sebastian Urbach]

Dear List,

I just noticed an increase from 670k to 8.8 million NTor handshakes. CPU 
load reached the limit and Consensus Weight dropped. Something is going 
around ...


https://atlas.torproject.org/#details/4198BD138E5E11B15B05C826B427148CED7D99FE
--
Sincerely yours / M.f.G. / Sincères salutations

Sebastian Urbach

---
Those who surrender freedom for security
will not have, nor do they deserve, either one.
---
Benjamin Franklin (1706-1790)


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] About relay size

[IPonU]

I'm not sure what you're asking so I'll show you the website : 
http://www.digicube.fr/rapidserveurs


ATM I have the cheapest (4€). So i'm not sure if I take others or if I 
take only one at the top with 1Gbps bandwidth.


I think it could be great to have multiple relays in case one is down 
but i'm not sure



Le 29/09/2017 à 09:54, John Ricketts a écrit :

Hi,

100Mbps is not a small node.  Thanks for running a relay!

When you say you’re going to spend more money on it...  do you mean 
hardware or bandwidth?


All of my relays are running as virtual machines on multiple computers 
to maximize the CPU and memory usage. If you didn’t want to virtualize 
your machines you could put two Tor nodes on the same physical box to 
maximize hardware usage.


If you’re comfortable telling us where you’re putting your money I 
suspect we can advise you better.


John
Quintex Alliance Consulting



On Sep 29, 2017, at 02:37, IPonU > wrote:



Hi Tor list,

I'm already running a small exit node (100Mbps bandwidth) and I'm 
ready to spend more money on it, so have a question for you guys :


Is it better if I run other small ones (100Mbps too) or only 1 big 
exit relay (1 Gbps) ? What's best for the network stability/security ?


Thanks a lot

IPonU


___
tor-relays mailing list
tor-relays@lists.torproject.org 
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays



___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] About relay size

[I]

Putting relays where there aren't many now would be good for diversity.



___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] About relay size

[John Ricketts]

Hi,

100Mbps is not a small node.  Thanks for running a relay!

When you say you're going to spend more money on it...  do you mean hardware or 
bandwidth?

All of my relays are running as virtual machines on multiple computers to 
maximize the CPU and memory usage. If you didn't want to virtualize your 
machines you could put two Tor nodes on the same physical box to maximize 
hardware usage.

If you're comfortable telling us where you're putting your money I suspect we 
can advise you better.

John
Quintex Alliance Consulting



On Sep 29, 2017, at 02:37, IPonU mailto:cont...@iponu.net>> 
wrote:

Hi Tor list,

I'm already running a small exit node (100Mbps bandwidth) and I'm ready to 
spend more money on it, so have a question for you guys :

Is it better if I run other small ones (100Mbps too) or only 1 big exit relay 
(1 Gbps) ? What's best for the network stability/security ?

Thanks a lot

IPonU


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] About relay size

[IPonU]

Hi Tor list,

I'm already running a small exit node (100Mbps bandwidth) and I'm ready 
to spend more money on it, so have a question for you guys :


Is it better if I run other small ones (100Mbps too) or only 1 big exit 
relay (1 Gbps) ? What's best for the network stability/security ?


Thanks a lot

IPonU


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays