Re: [tor-relays] DoS statistics from EA4366BCDCA6167B8CFF70E41D8CD1EE9968E445

[robink]

I have changed to a non-google DNS. 
I will look into running a local resolver/unbound.

BTW, the "eventdns: All nameservers have failed.." and then quickly "...is back 
up" error has been with around for a long time, also when I was running tor 
stable. 

kind regards,
Robin

- Original message -
From: nusenu 
To: tor-relays@lists.torproject.org
Subject: Re: [tor-relays] DoS statistics from 
EA4366BCDCA6167B8CFF70E41D8CD1EE9968E445
Date: Thu, 15 Mar 2018 21:53:00 +



robink:
> Mar 15 19:15:30.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back upMar 15 
> 19:15:37.000 [warn] eventdns: All nameservers have failed
> Mar 15 19:15:37.000 [notice] eventdns: Nameserver 8.8.4.4:53 is back up

thanks for running an exit relay, please use a non-google DNS resolver if you 
can.
Ideally you would run a local resolver like unbound to improve 
performance/latency/(privacy).

-- 
https://mastodon.social/@nusenu
twitter: @nusenu_

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Email had 1 attachment:
+ signature.asc
  1k (application/pgp-signature)
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] DoS statistics from EA4366BCDCA6167B8CFF70E41D8CD1EE9968E445

[Matt Traudt]

On 3/15/18 23:38, Toralf Förster wrote:
> On 03/15/2018 10:02 PM, robink wrote:
>> Mar 15 19:03:52.000 [warn] eventdns: All nameservers have failed
>> Mar 15 19:03:52.000 [notice] eventdns: Nameserver 8.8.4.4:53 is back up
>> Mar 15 19:04:01.000 [warn] eventdns: All nameservers have failed
>> Mar 15 19:04:01.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back up
>> Mar 15 19:04:08.000 [warn] eventdns: All nameservers have failed
>> Mar 15 19:04:09.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back up
>> Mar 15 19:04:10.000 [warn] eventdns: All nameservers have failed
>> Mar 15 19:04:10.000 [notice] eventdns: Nameserver 8.8.4.4:53 is back up
>> Mar 15 19:04:16.000 [warn] eventdns: All nameservers have failed
>> Mar 15 19:04:16.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back up
>> Mar 15 19:04:35.000 [warn] eventdns: All nameservers have failed
>> Mar 15 19:04:35.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back up
> 
> Interesting, with nyx I can see similar messages here using dnsmasq as a DNS 
> cache.
> 

Not that anyone was doing so, but I would not immediately assume that
these nameserver warns/notices are at all related to the DoS (that now
seems to be over). I've seen those on my fast relays for ... ever (the
last year).

Matt
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] DoS statistics from EA4366BCDCA6167B8CFF70E41D8CD1EE9968E445

[Toralf Förster]

On 03/15/2018 10:02 PM, robink wrote:
> Mar 15 19:03:52.000 [warn] eventdns: All nameservers have failed
> Mar 15 19:03:52.000 [notice] eventdns: Nameserver 8.8.4.4:53 is back up
> Mar 15 19:04:01.000 [warn] eventdns: All nameservers have failed
> Mar 15 19:04:01.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back up
> Mar 15 19:04:08.000 [warn] eventdns: All nameservers have failed
> Mar 15 19:04:09.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back up
> Mar 15 19:04:10.000 [warn] eventdns: All nameservers have failed
> Mar 15 19:04:10.000 [notice] eventdns: Nameserver 8.8.4.4:53 is back up
> Mar 15 19:04:16.000 [warn] eventdns: All nameservers have failed
> Mar 15 19:04:16.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back up
> Mar 15 19:04:35.000 [warn] eventdns: All nameservers have failed
> Mar 15 19:04:35.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back up

Interesting, with nyx I can see similar messages here using dnsmasq as a DNS 
cache.


-- 
Toralf
PGP C4EACDDE 0076E94E



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] DoS statistics from EA4366BCDCA6167B8CFF70E41D8CD1EE9968E445

[nusenu]

robink:
> Mar 15 19:15:30.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back upMar 15 
> 19:15:37.000 [warn] eventdns: All nameservers have failed
> Mar 15 19:15:37.000 [notice] eventdns: Nameserver 8.8.4.4:53 is back up

thanks for running an exit relay, please use a non-google DNS resolver if you 
can.
Ideally you would run a local resolver like unbound to improve 
performance/latency/(privacy).

-- 
https://mastodon.social/@nusenu
twitter: @nusenu_



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] DoS statistics from EA4366BCDCA6167B8CFF70E41D8CD1EE9968E445

[robink]

Running tor 0.3.3.3 

Mar 15 19:00:44.000 [warn] Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:00:48.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:01:17.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:03:01.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:03:52.000 [warn] 
eventdns: All nameservers have failed
Mar 15 19:03:52.000 [notice] eventdns: Nameserver 8.8.4.4:53 is back upMar 15 
19:04:01.000 [warn] eventdns: All nameservers have failed
Mar 15 19:04:01.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back upMar 15 
19:04:08.000 [warn] eventdns: All nameservers have failed
Mar 15 19:04:09.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back upMar 15 
19:04:10.000 [warn] eventdns: All nameservers have failed
Mar 15 19:04:10.000 [notice] eventdns: Nameserver 8.8.4.4:53 is back upMar 15 
19:04:16.000 [warn] eventdns: All nameservers have failed
Mar 15 19:04:16.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back upMar 15 
19:04:35.000 [warn] eventdns: All nameservers have failed
Mar 15 19:04:35.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back upMar 15 
19:04:49.000 [warn] Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:05:16.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:06:05.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:06:11.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:07:06.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:07:34.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:07:47.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:07:56.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:08:04.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:08:12.000 [warn] 
eventdns: All nameservers have failed
Mar 15 19:08:12.000 [notice] eventdns: Nameserver 8.8.4.4:53 is back upMar 15 
19:09:05.000 [warn] Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:09:15.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:10:21.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:10:59.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:11:16.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:11:42.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:12:31.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:13:03.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:13:24.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:13:30.000 [notice] 
Heartbeat: Tor's uptime is 5 days 17:59
hours, with 2819 circuits open. I've sent 621.50 GB and received
636.02 GB.Mar 15 19:13:30.000 [notice] Circuit handshake stats since last time:
19393/19393 TAP, 119870/119870 NTor.Mar 15 19:13:30.000 [notice] Since startup, 
we have initiated 0 v1
connections, 0 v2 connections, 0 v3 connections, and 110064 v4
connections; and received 35 v1 connections, 187 v2 connections, 949 v3
connections, and 621316 v4 connections.
Mar 15 19:13:30.000 [notice] DoS mitigation since startup: 0 circuits
rejected, 0 marked addresses. 0 connections closed. 64 single hop
clients refused.Mar 15 19:13:44.000 [warn] Tried to establish rendezvous on 
non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:14:02.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:14:21.000 [warn] 
Tried to establish rendezvous on non-OR
circuit with purpose Acting as rendezvous (pending)Mar 15 19:15:29.000 [warn] 
eventdns: All nameservers have failed
Mar 15 19:15:30.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back upMar 15 
19:15:37.000 [warn] eventdns: All nameservers have failed
Mar 15 19:15:37.000 [notice] eventdns: Nameserver 8.8.4.4:53 is back up

Best regards, 
Robin
___
tor-relays mailing list

Re: [tor-relays] middle relay connexions dropped in half

[torix]

Thanks; this was a really helpful reply; when the electricity goes off, one 
tends to check one's own plug rather than think the main transformer just died. 
 
Especially the capacity/latency part; I would never have gotten that by myself.


​Sent with ProtonMail Secure Email.​

‐‐‐ Original Message ‐‐‐

On March 13, 2018 10:56 PM, teor  wrote:

> > On 13 Mar 2018, at 20:51, mytormail mytorm...@posteo.net wrote:
> > 
> > I just doesn't feel right if donated capacity isn't used.
> 
> Oh, but your relay's spare capacityis used.
> 
> Just not the way you think.
> 
> A congested relay is a slow and unstable relay.
> 
> A relay with extra capacity has lower latency, and can deal with
> 
> unexpected traffic peaks.
> 
> We expect relays to use 30% - 60% of their capacity.
> 
> But I think we'd like 10% - 20% for the best latency.
> 
> Also, the network is still adjusting after the bandwidth authorities
> 
> being down for a few days, and a million extra clients leaving the
> 
> network. So it might take a few weeks for bandwidth to balance
> 
> out.
> 
> T
> 
> tor-relays mailing list
> 
> tor-relays@lists.torproject.org
> 
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor program

[Colin Childs]

Hi Arisbe,

Here are some resources that may come in helpful, please feel free to reach out 
directly if you need any clarification or additional resources.

1. https://www.eff.org/pages/tor-and-https 
 this interactive graphic helps 
illustrate what Tor and HTTPS do.

2. https://support-staging.torproject.org/ 
 our new support portal, and will 
eventually also live at support.torproject.org 
, however it is currently already much nicer 
than the wiki. This has answers to frequently asked questions for a number of 
topics. If you find something missing or encounter an issue with the website, 
please let us know! 

3. https://www.youtube.com/watch?v=JWII85UlzKw 
 this is an animation about how 
the Tor Browser / Tor network can protect your privacy, we also have this in a 
number of languages available on the same channel 
https://www.youtube.com/user/TheTorProject/videos 
.

4. https://media.torproject.org/  this hosts a 
number of older presentations about Tor. These may help you in putting together 
your own slide deck, if that was a direction you were going in.

5. https://tb-manual.torproject.org/  This 
is our Tor Browser user manual. This also includes some information about 
censorship circumvention and accessing onion services. This is currently 
lagging behind the current Tor Browser release slightly as we wait for 
translations of some new strings. You will find the screenshots in the “alpha” 
folder have been updated to match the current Tor Browser release.

6. https://trac.torproject.org/projects/tor/wiki/TorRelayGuide 
 this is our new 
guide to running Tor relays. This may be overly technical for your talk, 
however it will give you a good idea of how the relays in the network are run. 

> On Mar 14, 2018, at 11:40 AM, Arisbe  wrote:
> 
> Hello People,
> 
> Does anyone have a graphic or verbal discussion about the Tor network that 
> they would share?  I want to give a talk at the public library about the 
> uses, advantage and how-to's of Tor.  I want to get my facts correct before I 
> commit to this task.
> 
> Thanks
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] new Tor exit

[Arisbe]

I appreciate the reminder.  I think we are okay.

Arisbe


On 3/14/2018 11:23 PM, Jordan wrote:

Hi Arisbe,

Thanks for running relays! If you're running multiple relays (as 
you've suggested) it's important to run then under the same family, 
see https://www.torproject.org/docs/faq.html.en#MultipleRelays.


In regards to new relay usage, see 
https://blog.torproject.org/lifecycle-new-relay



On 03/14/2018 11:03 PM, Arisbe wrote:

Hello all,

I rolled out a new Tor exit [0] this morning West Coast U.S. time.  
It's special to me because I've negotiated the trust of a host 
company in Albania.  I was the first Tor relay in that country and 
now I'm the first exit relay there.  This trust took me a year to 
establish.  I run a number of relays-both exit and non-exit.  I run a 
dozen bridges for  people that need the ISP connectivity.  I host 
classes in Southwest Washington State to teach ordinary people how to 
be safe while they're on the internet.  I teach high-school pupils 
how to set up and operate Tor relays.


Here is my problem:  The aforementioned relay has been on for nearly 
24-hours and not a single user has frequented my doorsteps.  I have 
had seven of the nine authorities parked in this node for most of the 
time but no inbound connections (except for those referenced and two 
hackers)  and no outbound or exit connections.  There is nothing 
technically wrong with the installation so what gives.  I this an 
issue of administrative paperwork?  While I am very supportive of 
Tor, I am not with unlimited patience.  I have a job, wife and kids 
and money pit house to maintain.


Thanks for giving me a bit of advice to make this guy blossom. If I 
don't understand, I apologize to all.


Arisbe

[0]  516D1B9E22484202322828D8CAC30325030017E2

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays




___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] new Tor exit

[Arisbe]

Holy Cow!  The new Toe exit I just crabbed about just took off. My 
apologies everyone! (23:39 PDT)


Arisbe

On 3/14/2018 11:03 PM, Arisbe wrote:

Hello all,

I rolled out a new Tor exit [0] this morning West Coast U.S. time.  
It's special to me because I've negotiated the trust of a host company 
in Albania.  I was the first Tor relay in that country and now I'm the 
first exit relay there.  This trust took me a year to establish.  I 
run a number of relays-both exit and non-exit.  I run a dozen bridges 
for  people that need the ISP connectivity.  I host classes in 
Southwest Washington State to teach ordinary people how to be safe 
while they're on the internet.  I teach high-school pupils how to set 
up and operate Tor relays.


Here is my problem:  The aforementioned relay has been on for nearly 
24-hours and not a single user has frequented my doorsteps.  I have 
had seven of the nine authorities parked in this node for most of the 
time but no inbound connections (except for those referenced and two 
hackers)  and no outbound or exit connections.  There is nothing 
technically wrong with the installation so what gives.  I this an 
issue of administrative paperwork?  While I am very supportive of Tor, 
I am not with unlimited patience.  I have a job, wife and kids and 
money pit house to maintain.


Thanks for giving me a bit of advice to make this guy blossom. If I 
don't understand, I apologize to all.


Arisbe

[0]  516D1B9E22484202322828D8CAC30325030017E2

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] new Tor exit

[Jordan]

Hi Arisbe,

Thanks for running relays! If you're running multiple relays (as you've 
suggested) it's important to run then under the same family, see 
https://www.torproject.org/docs/faq.html.en#MultipleRelays.


In regards to new relay usage, see 
https://blog.torproject.org/lifecycle-new-relay



On 03/14/2018 11:03 PM, Arisbe wrote:

Hello all,

I rolled out a new Tor exit [0] this morning West Coast U.S. time.  
It's special to me because I've negotiated the trust of a host company 
in Albania.  I was the first Tor relay in that country and now I'm the 
first exit relay there.  This trust took me a year to establish.  I 
run a number of relays-both exit and non-exit.  I run a dozen bridges 
for  people that need the ISP connectivity.  I host classes in 
Southwest Washington State to teach ordinary people how to be safe 
while they're on the internet.  I teach high-school pupils how to set 
up and operate Tor relays.


Here is my problem:  The aforementioned relay has been on for nearly 
24-hours and not a single user has frequented my doorsteps.  I have 
had seven of the nine authorities parked in this node for most of the 
time but no inbound connections (except for those referenced and two 
hackers)  and no outbound or exit connections.  There is nothing 
technically wrong with the installation so what gives.  I this an 
issue of administrative paperwork?  While I am very supportive of Tor, 
I am not with unlimited patience.  I have a job, wife and kids and 
money pit house to maintain.


Thanks for giving me a bit of advice to make this guy blossom. If I 
don't understand, I apologize to all.


Arisbe

[0]  516D1B9E22484202322828D8CAC30325030017E2

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


--
Jordan
https://yui.cat/

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] new Tor exit

[Sebastian Niehaus]

2018-03-15 7:03 GMT+01:00 Arisbe :

>
> Here is my problem:  The aforementioned relay has been on for nearly
> 24-hours and not a single user has frequented my doorsteps.



https://blog.torproject.org/lifecycle-new-relay
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] new Tor exit

[Arisbe]

Hello all,

I rolled out a new Tor exit [0] this morning West Coast U.S. time.  It's 
special to me because I've negotiated the trust of a host company in 
Albania.  I was the first Tor relay in that country and now I'm the 
first exit relay there.  This trust took me a year to establish.  I run 
a number of relays-both exit and non-exit.  I run a dozen bridges for  
people that need the ISP connectivity.  I host classes in Southwest 
Washington State to teach ordinary people how to be safe while they're 
on the internet.  I teach high-school pupils how to set up and operate 
Tor relays.


Here is my problem:  The aforementioned relay has been on for nearly 
24-hours and not a single user has frequented my doorsteps.  I have had 
seven of the nine authorities parked in this node for most of the time 
but no inbound connections (except for those referenced and two 
hackers)  and no outbound or exit connections.  There is nothing 
technically wrong with the installation so what gives.  I this an issue 
of administrative paperwork?  While I am very supportive of Tor, I am 
not with unlimited patience.  I have a job, wife and kids and money pit 
house to maintain.


Thanks for giving me a bit of advice to make this guy blossom. If I 
don't understand, I apologize to all.


Arisbe

[0]  516D1B9E22484202322828D8CAC30325030017E2

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays