Re: [tor-relays] Middle relay IP blocking
On Montag, 7. August 2023 22:28:32 CEST s7r wrote: > While all the above is true, a thing to remember is to make sure we > don't end up all renting too many VPS'es or dedicated servers in the > same places / same AS numbers - we need network diversity, Especially at the exits, which unfortunately occur in a few places and in large heaps. Approx 50%: Berlin Germany, Utrecht Netherlands, Roost Luxembourg. > it is a very > important factor, more AS numbers, more providers, more physical > locations, etc. So, running at home is super good and recommended from > this perspective, provides us with the diversity we need, You made a good list of underused ISP's on lowendtalk and on nusenu's OrNetStat there are over 500 AS where only 1 or 2 relays are running. There should be enough data centers in the world to achieve diversity even without running at home. https://nusenu.github.io/OrNetStats/#autonomous-systems-by-cw-fraction Runnig snowflake @home is a nice option. Many relays @home only have kbit/s of bandwidth. In my humble opinion, a Tor relay should offer at least 10 MB/s. > however who can afford the > hassle should definitely run a middle relay or bridge at home Yes, anyone with a good internet connection at home can do this. At least in Germany, every ISP offers its customers a http & ftp proxy. Use them in your browser or OS. This might have less of a problem running Tor relays at home. Because most websites will then see the proxy IP. > (even Exit > relay, I do run an Exit relay at my office place and I had one police > visit in like 8 years or so). @office is different than @home. I wouldn't advise anyone to run an exit at home. It's no fun when the cops ring at 6:00 am and search your whole apartment. And if you're unlucky, they take all computers, cell phones and other 'things'. -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom! signature.asc Description: This is a digitally signed message part. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Middle relay IP blocking
On Monday, August 7, 2023, 2:28:56 PM MDT, s7r wrote: li...@for-privacy.net wrote: > On Samstag, 5. August 2023 08:40:42 CEST Marco Predicatori wrote: >> secureh...@gmail.com wrote on 8/4/23 01:46: >>> I tried reporting a similar issue a few months ago (post wasn’t approved >>> by >>> moderator). I was running a relay from my home ISP. After a short while >>> certain websites became inaccessible from other computers in my home >>> network that shared the same public IP. After trial and error with other >>> IP addresses (non-Tor) I realized commercial gateway services had >>> blacklisted our IP address. >> >> Same here, middle node. In order to access some sites, I have to shut down >> briefly my modem in order to obtain a new IP, and for a while all goes >> smoothly again. > > Hi @all, > > Just my 2 cents. Is this worth the hassle? > Calculate your power consumption 24x7x30 @home. > > For 1-5$ you can get a VPS. > This exit has 1GB RAM and 1CPU and costs $3.50/month > https://metrics.torproject.org/rs.html#details/376DC7CAD597D3A4CBB651999CFAD0E77DC9AE8C > > Search or ask for offers on LEB & LET: > https://lowendbox.com/ > https://lowendtalk.com/discussion/185210/tor-relay-bridge > > $websearch: cheap vps unlimited bandwidth > IONOS 1,-EUR/Month - 1GB RAM - 1vCore unlimited bandwidth - prepaid (=no > contract term) > https://www.ionos.de/server/vps > > Dedicated server for $15 per month: 4 Cores/4 threads - 16GB DDR3 - 5 usable > IPv4 :-) > https://www.nocix.net/cart/?id=261> > > While all the above is true, a thing to remember is to make sure we > don't end up all renting too many VPS'es or dedicated servers in the > same places / same AS numbers - we need network diversity, it is a very > important factor, more AS numbers, more providers, more physical > locations, etc. So, running at home is super good and recommended from > this perspective, provides us with the diversity we need, however not > being to login to online banking to pay an electricity bill because of a > middle relay is also way too annoying.. however who can afford the > hassle should definitely run a middle relay or bridge at home (even Exit > relay, I do run an Exit relay at my office place and I had one police > visit in like 8 years or so). Marco... Thanks for the great VPS information. In addition to network diversity, there is the fact that most individuals find it necessary to run an at Home internet connection 24 x 7 x 365. So... Other than for the reasons inspired by the subject of this post, why not just run a low-resource consuming Tor server at home, too, which meets the requirements and continual request for Tor Bridges? Moreover... In the Tor documentation describing the various relays, it might be wise to highly recommend that new at Home operators focus their resources toward Tor Bridges (opposed to Relays) to avoid this common pitfall. Just my 2¢. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Middle relay IP blocking
li...@for-privacy.net wrote: On Samstag, 5. August 2023 08:40:42 CEST Marco Predicatori wrote: secureh...@gmail.com wrote on 8/4/23 01:46: I tried reporting a similar issue a few months ago (post wasn’t approved by moderator). I was running a relay from my home ISP. After a short while certain websites became inaccessible from other computers in my home network that shared the same public IP. After trial and error with other IP addresses (non-Tor) I realized commercial gateway services had blacklisted our IP address. Same here, middle node. In order to access some sites, I have to shut down briefly my modem in order to obtain a new IP, and for a while all goes smoothly again. Hi @all, Just my 2 cents. Is this worth the hassle? Calculate your power consumption 24x7x30 @home. For 1-5$ you can get a VPS. This exit has 1GB RAM and 1CPU and costs $3.50/month https://metrics.torproject.org/rs.html#details/376DC7CAD597D3A4CBB651999CFAD0E77DC9AE8C Search or ask for offers on LEB & LET: https://lowendbox.com/ https://lowendtalk.com/discussion/185210/tor-relay-bridge $websearch: cheap vps unlimited bandwidth IONOS 1,-EUR/Month - 1GB RAM - 1vCore unlimited bandwidth - prepaid (=no contract term) https://www.ionos.de/server/vps Dedicated server for $15 per month: 4 Cores/4 threads - 16GB DDR3 - 5 usable IPv4 :-) https://www.nocix.net/cart/?id=261 While all the above is true, a thing to remember is to make sure we don't end up all renting too many VPS'es or dedicated servers in the same places / same AS numbers - we need network diversity, it is a very important factor, more AS numbers, more providers, more physical locations, etc. So, running at home is super good and recommended from this perspective, provides us with the diversity we need, however not being to login to online banking to pay an electricity bill because of a middle relay is also way too annoying.. however who can afford the hassle should definitely run a middle relay or bridge at home (even Exit relay, I do run an Exit relay at my office place and I had one police visit in like 8 years or so). The problem here is with the people who treat 1 IP address = 1 person, this assumption which is 3 decades old should disappear once and forever. I cannot imagine what kind of an IT/security expert would use a black list (haha) that contains Tor relays (double haha) and also applies same restrictions to *middle* relays (triple haha). There are so many ways to properly handle an IP address that sends robotic/unrequested traffic which are so obvious I'm not going to spam the list to enumerate them. OpenPGP_signature Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Middle relay IP blocking
On Samstag, 5. August 2023 08:40:42 CEST Marco Predicatori wrote: > secureh...@gmail.com wrote on 8/4/23 01:46: > > I tried reporting a similar issue a few months ago (post wasn’t approved > > by > > moderator). I was running a relay from my home ISP. After a short while > > certain websites became inaccessible from other computers in my home > > network that shared the same public IP. After trial and error with other > > IP addresses (non-Tor) I realized commercial gateway services had > > blacklisted our IP address. > > Same here, middle node. In order to access some sites, I have to shut down > briefly my modem in order to obtain a new IP, and for a while all goes > smoothly again. Hi @all, Just my 2 cents. Is this worth the hassle? Calculate your power consumption 24x7x30 @home. For 1-5$ you can get a VPS. This exit has 1GB RAM and 1CPU and costs $3.50/month https://metrics.torproject.org/rs.html#details/376DC7CAD597D3A4CBB651999CFAD0E77DC9AE8C Search or ask for offers on LEB & LET: https://lowendbox.com/ https://lowendtalk.com/discussion/185210/tor-relay-bridge $websearch: cheap vps unlimited bandwidth IONOS 1,-EUR/Month - 1GB RAM - 1vCore unlimited bandwidth - prepaid (=no contract term) https://www.ionos.de/server/vps Dedicated server for $15 per month: 4 Cores/4 threads - 16GB DDR3 - 5 usable IPv4 :-) https://www.nocix.net/cart/?id=261 -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom! signature.asc Description: This is a digitally signed message part. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Tor Relay in Kubernetes cluster
Hi all, Is anyone running Tor relay in k8s cluster? I am trying for a few days but It does not come alive. My servers are not behind a firewall, should be and are accessible, I run two bare-metal servers in Contabo. 1 master 1 node. Docker image and helm chart that use; https://gitlab.com/nikoloskid/tor-server The logs I get; > Aug 05 21:04:55.000 [notice] Now checking whether IPv4 ORPort > 38.242.233.101:32150 is reachable... (this may take up to 20 minutes -- look > for log messages indicating success) > Aug 05 21:24:45.000 [warn] Your server has not managed to confirm > reachability for its ORPort(s) at 38.242.233.101:32150. Relays do not publish > descriptors until their ORPort and DirPort are reachable. Please check your > firewalls, ports > > , address, /etc/hosts file, etc. When i try telnet it is open to the internet > telnet 38.242.233.101 32150 > Trying 38.242.233.101... > Connected to 38.242.233.101. > Escape character is '^]'. You can see the service here; https://gitlab.com/nikoloskid/tor-server/-/raw/helm-chart-tor-relay/tor-server-helm/templates/04_service.yaml?ref_type=heads /etc/tor/torrc; > Nickname icebergk8s > Address 38.242.233.101 > ContactInfo nikolos...@pm.me > RelayBandwidthRate 3.5MB > RelayBandwidthBurst 5MB > MaxAdvertisedBandwidth 5MB > ORPort 9001 NoAdvertise IPv4Only > ORPort 32150 NoListen IPv4Only > SocksPort 0 > ExitPolicy reject *:* > User debian-tor > DataDirectory /var/lib/tor Lep pozdrav / Best Regards, Daniel Nikoloski___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Middle relay IP blocking
secureh...@gmail.com wrote on 8/4/23 01:46: I tried reporting a similar issue a few months ago (post wasn’t approved by moderator). I was running a relay from my home ISP. After a short while certain websites became inaccessible from other computers in my home network that shared the same public IP. After trial and error with other IP addresses (non-Tor) I realized commercial gateway services had blacklisted our IP address. Same here, middle node. In order to access some sites, I have to shut down briefly my modem in order to obtain a new IP, and for a while all goes smoothly again. -- https://metrics.torproject.org/rs.html#details/A4E74410D83705EEFF24BC265DE2B2FF39BDA56E ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays