Re: [tor-relays] Debian-tor Vs User

[Mario Costa]

If you’re just trying to use nyx as your normal user, add your user to the 
debian-tor group. There is a unix control socket activated by default which is 
readable by the debian-tor user.

After you join the debian-tor group log out and back in, and then just:

$ nyx

-m

> Il giorno 19 apr 2020, alle ore 03:54, Kathi Hilton  
> ha scritto:
> 
> Switch from root to user = su usrname >Password. The problems start 
> when I try and su to debian-tor. First I get a query for a password which 
> it doesn't have. So I make a pass for debian-tor and enter it when I su to 
> debian-tor. I enter whoami and the response is: user and not debian-tor. 
> With or without a password it doesn't work. Secondly, if I su debia-tor >
> passwrd - sudo -u debian-tor nyx it produces a page and a half of pure 
> gibberish. Sudo -i to root and enter nyx, it operates perfectly; and yes 
> I understand I shouldn't run nyx as root.
> 
> How do I become debian-tor so I can operate my bridge correctly? Adriann
> 
> -- 
> It can't be, so therefore it isn't - stanton Friedman
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Low observed bandwith

[Mario Costa]

Hi Roger,

Thank you for your answer, you and teor really helped me figure this out.

I set BW rate and burst to 10 MB/s and hope to get more traffic once the relay 
becomes guard for enough clients. Being on a dynamic IP I guess that every time 
the ISP changes my address and have to get a new guard flag, I’ll experience a 
drop in traffic.

-m 

> Il giorno 16 apr 2020, alle ore 16:22, Roger Dingledine  
> ha scritto:
> 
> [Hi Mario! I wrote this draft and then stopped half-through, and then
> teor wrote a good response too. So I'm going to send it as-is, rather
> than quietly delete it, in case it helps reinforce some of the points
> that teor made.]
> 
> On Sat, Apr 11, 2020 at 02:55:59PM +0200, Mario Costa wrote:
>> I???m running a guard relay from my home connection on a Raspberry Pi 4.
> 
> Thanks for running a relay!
> 
>> My internet connection is 1000/100 Mbps, and I thought I???d allocate half 
>> of the upload bandwidth for the relay. Then I set RelayBandwidthRate to 10 
>> MB/s, because I thought that Tor would upload 5 MB/s and download 5 MB/s.
> 
> Actually, a rate of 10mbytes/s means it will do up to 10mbytes/s upload
> and also up to 10mbytes/s download. That is, the rate setting applies to
> 'each way', not 'total for both'.
> 
>> However, the maximum observed bandwidth was always about 6 MB/s. I???d like 
>> to know what could cause this low observed bandwidth. I don???t think it???s 
>> the Raspberry Pi, because CPU usage is always low and it has a Gigabit 
>> connection to the router.
> 
> Answer #1: that 6mbytes/s is the most the relay has seen itself actually
> handle, in any ten-second period. That is, there was some ten second
> period over the past few days where the relay sent 60mbytes of actual
> traffic, and also some ten second period (doesn't have to be the same one)
> where it received 60mbytes of actual traffic.
> 
> So it isn't that the relay measured itself and found that it could only
> do 6mbytes/s. It's that the load from actual user traffic has reached that
> high, and so that's the number that it has seen itself do ("observed").
> 
> And that leads to the natural follow-up question of "Ok, but how come
> the user traffic only got that high? I could handle a lot more!"
> 
> And that's a harder question to answer, because it has to do with overall
> network load ("what all the Tor users together are trying to do right
> now"), and with load balancing across all the relays ("how much of that
> traffic gets sent toward your relay").
> 
> The simple answer is that random chance hasn't yet brought the combination
> of user flows to your relay at the right time to show it that it can
> do more.
> 
> But here, your 100mbit up limit looks like it could actually matter.
> The reason is that you can't push more than about 12 megabytes in a
> second, and that could impact whether you end up pushing more than 60
> megabytes in 10 seconds. I tried to construct a concrete scenario with
> numbers that add up, but I have so far failed to make a convincing one.
> So maybe 100mbit is sufficiently high that there aren't realistic
> scenarios where it will be a limitation. I'm not sure.
> 
> Hope this helps,
> --Roger
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Wrong IP geolocation

[Mario Costa]

One of my relays is reporting a wrong country and AS Name/Number on the Tor 
Metrics page. I suspect that the other relays displayed filtering by AS Name 
have the same problem since all of them belong to the same 255.255.0.0 subnet.

I know precisely where my relay’s data center is, and it’s not the reported 
country. How can I report the correct location? Browsing Tor’s source it looks 
to me that it downloads a database from 
https://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.mmdb.gz 
 
but the link is not working, and it seems that they now require an account in 
order to access the data. I don’t know if the Metrics page is using the same 
database.

-m
 ___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Low observed bandwith

[Mario Costa]

> Il giorno 14 apr 2020, alle ore 14:48, teor  ha scritto:
> 
> Hi,
> 
>> On 12 Apr 2020, at 10:10, Mario Costa  wrote:
>> 
>> I’m running a guard relay from my home connection on a Raspberry Pi 4. My 
>> internet connection is 1000/100 Mbps, and I thought I’d allocate half of the 
>> upload bandwidth for the relay. Then I set RelayBandwidthRate to 10 MB/s, 
>> because I thought that Tor would upload 5 MB/s and download 5 MB/s.
> 
> You have an asymmetric connections and Tor is a relay network. So your 
> relay's speed will be limited by the slowest of your upload and download.
> 
> Tor also assumes your connection is full duplex. (That is, there are separate 
> limits of 10 MB/s up and 10 MB/s down.)
> 
> You should set rate to the highest sustained bandwidth you're happy for Tor 
> to use. Tor could use that much bandwidth for seconds or hours. That 
> bandwidth should be lower than your connection bandwidth. (The minimum of 
> your upload and download.)
> 
>> However, the maximum observed bandwidth was always about 6 MB/s. I’d like to 
>> know what could cause this low observed bandwidth. I don’t think it’s the 
>> Raspberry Pi, because CPU usage is always low and it has a Gigabit 
>> connection to the router.
> 
> Where are you seeing this observed bandwidth?
> 
> Tor reports its observed bandwidth over the busiest 10 second period each day.
> 
> 60% of the rate is actually a pretty high load, because Tor is a low-latency 
> network. (Once utilisation gets over around 10%, latency starts increasing.)
> 
> If your connection is a high latency connection, Tor may send bandwidth to 
> lower-latency connections.
> 
> You can read a similar thread here:
> https://lists.torproject.org/pipermail/tor-relays/2020-April/018348.html 
> <https://lists.torproject.org/pipermail/tor-relays/2020-April/018348.html>
>> The router itself easily reaches Gigabit speeds, so 10 MB/s should be a 
>> breeze. Could it be the number of connections? nyx indicates that the 
>> connections are always about 4000. If this is the case, how can I know if 
>> the connections bottleneck is the router or the Raspberry Pi?
> 
> 4000 seems pretty normal. There are only around 6000 relays.
> Check your tor, kernel, and router logs for TCP warnings?
> 
>> Additionally, I’d like to ask for a rule of thumb for setting the 
>> RelayBandwithBurst. I set it to 20 MB/s because I’m ok with the relay using 
>> the whole upload bandwidth (about 10 MB/s, or 100 Mbps) for short periods of 
>> time, but as I already explained I’m never seeing such speeds.
> 
> Setting your burst higher than your connection speed can cause latency or 
> packet drops. Tor will allocate less bandwidth to slow or unreliable relays.
> 
> You won't see the burst in Tor's observed bandwidth. The burst is over 1-2 
> seconds. The rate is averaged over a few seconds. Observed is over 10 seconds.
> 
> Tor will compensate for a burst by having a few slow seconds afterwards.
> 
> Set the burst to the highest speed you ever want the relay to use over 1-2 
> seconds. The burst should be equal to or lower than your connection speed. 
> (In your case, the lowest of your upload and download speed.)
> 
>> For reference my relay’s fingerprint is 
>> F942EE73F1B8E39125F617FA85E80E4C9E540A2E.
> 
> If you want Tor to use more bandwidth, try setting rate and burst to 10 Mbps.
> 
> That way, you won't be causing congestion or packet drops.
> 
> You may have to wait for a few weeks or months for your bandwidth to 
> stabilise.
> https://blog.torproject.org/lifecycle-new-relay 
> <https://blog.torproject.org/lifecycle-new-relay>
> 
> T
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


Thank you,  I mistakenly thought the the Bandwidth limits were up+down, this 
really clarified many things.




> Il giorno 14 apr 2020, alle ore 17:21, torjoy 
>  ha scritto:
> 
> Hi Mario,
> 
> I'm having same trouble with raspberry pi 3b... I use Wi-Fi connection with 
> high throughput. My local connection can copy files up to 15MB/s to this RPi. 
> It is a USB adapter (mediatek MT7601). I'm asking myself that speed on tor 
> network shouldn't be more than 2 MB/s. I've limited the maximum in 3,2 MB/s 
> and burst to 4,3 MB/s, my connection here in Brazil is just of 240 Mb/s // 24 
> Mb/s... At least 2,2 MB/s should be reached in the measurements i guess. In 
> the past i shouldn't pass from 600 KB/s thus because my CPU consumption with 
> TOR was near to 100%. But i've set more parallel threads in torrc and 
> recompilled m

Re: [tor-relays] Got my first abuse

[Mario Costa]

Where you running an exit from home? It’s really discouraged because of what 
happened to you. 

-m

> Il giorno 16 apr 2020, alle ore 04:50, Kolja Sagorski 
>  ha scritto:
> 
> I had a police house search for my exit...
> I hate the stupid German police.
> 
>> Am 15.04.2020 um 22:53 schrieb "li...@for-privacy.net" 
>> :
>> 
>> Hi,
>> 
>> my Family¹ has had an exit for 2 weeks and today the first abuse mail has 
>> arrived.
>> 
>> First of all, thanks for the templates:
>> 
>> https://www.torservers.net/wiki/abuse/templates
>> 
>> https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates
>> 
>> 
>> I linked these two from the Tor-project:
>> 
>> - Common Boilerplate (Tor Intro)
>> 
>> - SSH Bruteforce Attempts
>> 
>> and wrote the following myself:
>> --
>> Another good option that we use ourselves is: fail2ban
>> And report to blacklists, which can then be loaded into the router firewalls:
>> https://www.abuseipdb.com/user/33280
>> 
>> Hope this helps!
>> --
>> 
>> I actually wanted to add that the SSH login attempts can be limited. (3-6)
>> Because the logs from the abuse mail showed 100 attempts pro IP. ;-)
>> 
>> _Are such notes useful or do such instructions cause even more problems?_
>> 
>> 
>> 
>> ¹https://metrics.torproject.org/rs.html#search/TorOrDie4privacyNET
>> 
>> -- 
>> ╰_╯ Ciao Marco!
>> 
>> Debian GNU/Linux
>> 
>> It's free software and it gives you freedom!
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Low observed bandwith

[Mario Costa]

Hi list,

I’m running a guard relay from my home connection on a Raspberry Pi 4. My 
internet connection is 1000/100 Mbps, and I thought I’d allocate half of the 
upload bandwidth for the relay. Then I set RelayBandwidthRate to 10 MB/s, 
because I thought that Tor would upload 5 MB/s and download 5 MB/s.

However, the maximum observed bandwidth was always about 6 MB/s. I’d like to 
know what could cause this low observed bandwidth. I don’t think it’s the 
Raspberry Pi, because CPU usage is always low and it has a Gigabit connection 
to the router.

The router itself easily reaches Gigabit speeds, so 10 MB/s should be a breeze. 
Could it be the number of connections? nyx indicates that the connections are 
always about 4000. If this is the case, how can I know if the connections 
bottleneck is the router or the Raspberry Pi?

Additionally, I’d like to ask for a rule of thumb for setting the 
RelayBandwithBurst. I set it to 20 MB/s because I’m ok with the relay using the 
whole upload bandwidth (about 10 MB/s, or 100 Mbps) for short periods of time, 
but as I already explained I’m never seeing such speeds.

For reference my relay’s fingerprint is 
F942EE73F1B8E39125F617FA85E80E4C9E540A2E.

-m
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor fingerprint backup

[Mario Costa]

Check the owner and permissions of the restored files. At least check that the 
files are owned by debian-tor, permissions should be fixed when tor starts. 

-m

> Il giorno 2 apr 2020, alle ore 14:46, Kolja Sagorski  
> ha scritto:
> 
> Hello together. I have a problem. When I install a fresh debian server and a 
> new tor relay, I can’t restore my fingerprint.
> I have the fingerprint file and the key folder. I stopped the new relay. 
> Insert and replace the fingerprint and Key Folder. After that, the server 
> didn’t start now :( 
> 
> Can anyone help me?
> 
> Kind regards, kolja.
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor on Centos version question

[Mario Costa]

It seems like that EPEL repo for CentOS 7 has indeed Tor 0.3.5.8, while EPEL 
for CentOS 8 carries Tor 0.4.2.5.

If you want to run the last version you can add the repository maintained from 
the Tor Project following these instructions:

https://support.torproject.org/rpm/ 

-m

> Il giorno 24 mar 2020, alle ore 18:00, to...@protonmail.com ha scritto:
> 
> I can see that my Debian relay went from 0.4.2.6 to 0.4.2.7 a few days ago 
> automatically with auto updates set up.  However, my hosted relay, which runs 
> on Centos 7, is still at version 0.3.5.8.  I am using the epel repo version.  
> Is that okay? Or should I have added a tor repo?
> 
> TIA,
> 
> --Torix
> 
> 
> Sent with ProtonMail  Secure Email.
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Relay Or/Dirport Unreachable

[Mario Costa]

Or you could just add your user to the debian-tor group, so it will be able to 
access the nyx control Unix socket.

> Il giorno 19 mar 2020, alle ore 19:55, li...@for-privacy.net ha scritto:
> 
> On 19.03.2020 02:28, Kathi wrote:
> 
>> NOTE: I know tor.Nyx should not be run as root, I get that. Tor/Nyx
>> are running as root. I don’t know how to use debian-tor as usr.
> 
> ~$ sudo -u debian-tor nyx -i 9051
> 
> .bashrc aliases for lazy admin ;-)
> 
> # My aliases for nyx (tor & tor-instances)
> alias nyx='sudo -u debian-tor nyx -i 9051'
> #alias nyx00='sudo -u _tor-00 nyx -i 9051'
> #alias nyx01='sudo -u _tor-01 nyx -i 9052'
> #alias nyx02='sudo -u _tor-02 nyx -i 9053'
> 
> If you have not yet installed or set up sudo:
> ~$ su -
> ~# apt install sudo
> ~# usermod -aG sudo user
> 
> -- 
> ╰_╯ Ciao Marco!
> 
> Debian GNU/Linux
> 
> It's free software and it gives you freedom!
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Port Forwarding Question

[Mario Costa]

Local port is the port of the machine running your relay (be sure to put the 
correct local IP address, preferably set a static IP or DHCP reservation so 
that your relay’s PC gets always the same private IP on your LAN).

External port is the port of your router that you want to forward to the 
relay’s machine. Tor defaults behavior is to advertise that it accepts 
connection on the ORPort, so 9001 in your case.

It works like this:

External connection on port 9001 ==> your router ==> internal connection 
forwarded to port 9001 ==> Relay’s PC

tl;dr

Set external and internal port both on 9001 to translate any connection to port 
9001 of your public IP address to port 9001 of your relay’s PC.

-m

> Il giorno 9 mar 2020, alle ore 08:40, William Pate  ha 
> scritto:
> 
> 
> This constantly trips me up. In my modem settings, I'm offered these options 
> for port forwarding. I know I need to open 9001, but what do I enter into the 
> external port fields? 
> 
> Thank you!
> 
> 
> 
> 
> William Pate
> willp...@pm.me
> 512-947-3311
> inadequate.net
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] New relay on dynamic IP address

[Mario Costa]

Just reporting back after some time. Today I noticed that my relay running at 
home with a dynamic IP got a guard flag again. So it’s totally possible for a 
relay to become a guard even after the authorities notice that it has a dynamic 
IP address.It must be noted though that the IP address didn’t change since it 
lost the guard flag the first time.

It looks like I had it wrong when I concluded that after the first IP change 
the relay wouldn’t became a guard anymore.

For reference, the relay fingerprint is 
F942EE73F1B8E39125F617FA85E80E4C9E540A2E.

-m

> Il giorno 27 gen 2020, alle ore 15:15, Mario Costa  
> ha scritto:
> 
> Torix,
> 
> This is really useful. I forced an IP change and the relay lost the guardian 
> flag. I guess that now the authorities know that it’s running on a dynamic IP 
> connection and won’t assign a guard flag anymore. I was really surprised when 
> the relay became a guard in about a week of uptime.
> 
> By the way, I didn’t set a traffic limit. Hope this doesn’t upset my ISP, but 
> my little RPi is happily talking with almost 4000 peers :)
> 
> -m
> 
>> Il giorno 27 gen 2020, alle ore 14:41, to...@protonmail.com ha scritto:
>> 
>> Dear Mario,
>> 
>> In almost 2 years I've been running a middle relay from home, I have had 
>> about 15 ip changes.  One time they came and replaced my equipment and it 
>> was down about 5 hours.  It started back up with about 6 connections, but 
>> was back at a full 3000 in a few hours.  I've never had a guard flag, even 
>> with my current 3+months tor uptime with the same ip address.  I only run a 
>> terabyte a month through it, so maybe that's too little, though it does have 
>> the fast flag.
>> 
>> The first 6 or 8 months before a new tor version came out, there was a lot 
>> more traffic than I wanted to handle, just to keep under my ISP's radar, so 
>> I had the config set up to turn off tor when the daily limit was reached, 
>> usually between 8 and 10 pm.  Then it would start up again after midnight.  
>> I asked if this was still worth it, and the gurus said yes.  So I'd say that 
>> a few ip changes are going to be small potatoes compared to turning the 
>> relay off for hours every night.
>> 
>> So glad you are running a relay.  "A chicken in every pot, and a relay in 
>> every house."
>> 
>> --torix
>> 
>> 
>> Sent with ProtonMail Secure Email.
>> 
>> ‐‐‐ Original Message ‐‐‐
>> On Thursday, January 23, 2020 2:19 PM, Mario Costa  
>> wrote:
>> 
>>> Hello,
>>> 
>>> I started a new relay at home. I was really surprised to see it gain a 
>>> Guard flag in about a week since it first came online. My first relay (on a 
>>> VPS) became a Guard well over a month after I set it up. How can I assess 
>>> what was different this time?
>>> 
>>> Also, I’m wondering what will happen when the dynamic IP changes. Sooner or 
>>> later I’ll have a power outage or restart the modem. Last time my IP 
>>> changed it happened overnight for no evident reason. Will this relay lose 
>>> its flags? Is a really with a dynamic IP address useful at all?
>>> 
>>> Cheers,
>>> 
>>> -m
>>> 
>>> tor-relays mailing list
>>> tor-relays@lists.torproject.org
>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>> 
>> 
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] New relay on dynamic IP address

[Mario Costa]

Torix,

This is really useful. I forced an IP change and the relay lost the guardian 
flag. I guess that now the authorities know that it’s running on a dynamic IP 
connection and won’t assign a guard flag anymore. I was really surprised when 
the relay became a guard in about a week of uptime.

By the way, I didn’t set a traffic limit. Hope this doesn’t upset my ISP, but 
my little RPi is happily talking with almost 4000 peers :)

-m

> Il giorno 27 gen 2020, alle ore 14:41, to...@protonmail.com ha scritto:
> 
> Dear Mario,
> 
> In almost 2 years I've been running a middle relay from home, I have had 
> about 15 ip changes.  One time they came and replaced my equipment and it was 
> down about 5 hours.  It started back up with about 6 connections, but was 
> back at a full 3000 in a few hours.  I've never had a guard flag, even with 
> my current 3+months tor uptime with the same ip address.  I only run a 
> terabyte a month through it, so maybe that's too little, though it does have 
> the fast flag.
> 
> The first 6 or 8 months before a new tor version came out, there was a lot 
> more traffic than I wanted to handle, just to keep under my ISP's radar, so I 
> had the config set up to turn off tor when the daily limit was reached, 
> usually between 8 and 10 pm.  Then it would start up again after midnight.  I 
> asked if this was still worth it, and the gurus said yes.  So I'd say that a 
> few ip changes are going to be small potatoes compared to turning the relay 
> off for hours every night.
> 
> So glad you are running a relay.  "A chicken in every pot, and a relay in 
> every house."
> 
> --torix
> 
> 
> Sent with ProtonMail Secure Email.
> 
> ‐‐‐ Original Message ‐‐‐
> On Thursday, January 23, 2020 2:19 PM, Mario Costa  
> wrote:
> 
>> Hello,
>> 
>> I started a new relay at home. I was really surprised to see it gain a Guard 
>> flag in about a week since it first came online. My first relay (on a VPS) 
>> became a Guard well over a month after I set it up. How can I assess what 
>> was different this time?
>> 
>> Also, I’m wondering what will happen when the dynamic IP changes. Sooner or 
>> later I’ll have a power outage or restart the modem. Last time my IP changed 
>> it happened overnight for no evident reason. Will this relay lose its flags? 
>> Is a really with a dynamic IP address useful at all?
>> 
>> Cheers,
>> 
>> -m
>> 
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] New relay on dynamic IP address

[Mario Costa]

Thanks Jonathan,  mpan and John.

I still don’t understand what happens when the authorities see that my IP is 
dynamic. Will they prevent the relay from becoming a guard?

I didn’t know about the DoS problem, that’s something I didn’t experience yet 
with my other, older relay. Maybe not being and exit helps.

Cheers,

-m


> Il giorno 27 gen 2020, alle ore 02:57, Jonathan Marquardt  
> ha scritto:
> 
> On Thu, Jan 23, 2020 at 03:19:52PM +0100, Mario Costa wrote:
>> Also, I’m wondering what will happen when the dynamic IP changes. Sooner or 
>> later I’ll have a power outage or restart the modem. Last time my IP changed 
>> it happened overnight for no evident reason. Will this relay lose its flags? 
>> Is a really with a dynamic IP address useful at all?
> 
> If your IP address doesn't change every day but only every now and then then 
> yes, it's definitely a useful relay.
> 
> Should the IP address change too often, your relay might loose its "guard" or 
> even "stable" flag but I recommend you just see what will happen.
> 
> I have a relay (6B185DEEB249E4BA6182ECA077530C45E98A6C5F) that's also just 
> running at home with a dynamic IP address and it still has its "Stable" flag.
> -- 
> OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3
> https://www.parckwart.de/pgp_key
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


> Il giorno 27 gen 2020, alle ore 07:24, mpan  ha scritto:
> 
>> Is a really with a dynamic IP address useful at all?
>  I’m running a node like that for over 5 years. Currently it is a guard
> too. The IP address is relatively stable and the major interruptions are
> due to kernel/tor upgrades or modem losing connection without the
> address change. Even after those it recovers pretty fast. Unless you are
> expecting to see downtime a few times a week, go ahead. The node is also
> useful even if it is not having the guard flag yet.
> 
>  However, if you’re planning to run a node from your home, consider a
> few things. Forget about running an exit node: you will experience a
> heavy overblocking and hostility. And any node will bring some level of
> harassment, because ignorance is widespread. A second thing is that from
> time to time someone is trying to DoS nodes. In those 5 years I’ve seen
> a few of those, so I assume the average is like once per year of
> operation. Just accept the inevitable reality of running a node at home:
> there will be a day or a week in which you will observe thousands
> connections coming to your PC, all cores suddenly running at 100%
> without no apparent reason  Treat it as a way to gain experience.
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays



> Il giorno 27 gen 2020, alle ore 07:46, John Csuti 
>  ha scritto:
> 
> The stable flag refers to your fingerprint being up for long lived circuits. 
> Being on a dynamic up won’t change that. So in principle the stable flag 
> means that the server is up and reach able for most of the time no matter 
> what the address or IP may be.
> 
> Thanks,
> John Csuti
> 
>> On Jan 26, 2020, at 11:37 PM, Jonathan Marquardt  wrote:
>> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] New relay on dynamic IP address

[Mario Costa]

Hey David,

I don’t have unattended upgrades enabled since it’s a server I regularly access 
for other purposes, but I don’t see how this relates to a guardian relay 
running with a dynamic IP. Maybe you replied to the wrong message? :)

-m

> Il giorno 25 gen 2020, alle ore 02:04, David Poulsen  
> ha scritto:
> 
> hi m,
> did you use the docs about Part 3:
> 
> https://community.torproject.org/relay/setup/guard/debianubuntu/updates/
> 
> 3. Automatically reboot
> 
> If you want to automatically reboot add the following at the the end of the 
> file /etc/apt/apt.conf.d/50unattended-upgrades:
> 
>Unattended-Upgrade::Automatic-Reboot "true";
> 
> - or do i misunderstand something?
> 
> Regards
> David
> 
> Sent with ProtonMail Secure Email.
> 
> ‐‐‐ Original Message ‐‐‐
> On Thursday, January 23, 2020 2:19 PM, Mario Costa  
> wrote:
> 
>> Hello,
>> 
>> I started a new relay at home. I was really surprised to see it gain a Guard 
>> flag in about a week since it first came online. My first relay (on a VPS) 
>> became a Guard well over a month after I set it up. How can I assess what 
>> was different this time?
>> 
>> Also, I’m wondering what will happen when the dynamic IP changes. Sooner or 
>> later I’ll have a power outage or restart the modem. Last time my IP changed 
>> it happened overnight for no evident reason. Will this relay lose its flags? 
>> Is a really with a dynamic IP address useful at all?
>> 
>> Cheers,
>> 
>> -m
>> 
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] New relay on dynamic IP address

[Mario Costa]

Hello,

I started a new relay at home. I was really surprised to see it gain a Guard 
flag in about a week since it first came online. My first relay (on a VPS) 
became a Guard well over a month after I set it up. How can I assess what was 
different this time?

Also, I’m wondering what will happen when the dynamic IP changes. Sooner or 
later I’ll have a power outage or restart the modem. Last time my IP changed it 
happened overnight for no evident reason. Will this relay lose its flags? Is a 
really with a dynamic IP address useful at all?

Cheers,

-m
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] New operator

[Mario Costa]

> Il giorno 21 nov 2019, alle ore 15:49, Matt Traudt  ha 
> scritto:
> 
> Thanks for running a bridge.
> 
> Check Tor's logs to make sure it is actually running and doesn't report
> issues. Search its hashed fingerprint on
> https://metrics.torproject.org/rs.html and make sure it is listed as up.
> Verify you did *not* set 'PublishServerDescriptor 0'. Verify you can use
> your bridge from outside your home. I once had a residential ISP that
> blocked inbound port 80 but not 443.

This actually made me realize that my home router would not properly forward 
ports 80 and 443 from outside. I could connect to my bridge from the LAN (even 
using my external IP) but not from outside. I had to change to a non-standard 
port, unfortunately, because apparently 80 and 443 are used by the router’s web 
GUI even if I disabled external access to it. That’s a shame because I 
understand that ports 80 and 443 are less likely to be blocked by censors.

However, it’s still not clear to me how I can confirm anyone is using the 
bridge. When I connect to it, all I see in nyx are OUTBOUND connections and not 
even one inbound connection (maybe that’s by design in order to protect 
connecting users' privacy, I don’t know).



signature.asc
Description: Message signed with OpenPGP
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] New operator

[Mario Costa]

Hello everyone,

I have some newbie questions and I hope this is the right place to ask them.

I started operating a relay on my VPS for a bit more than a month and 
everything seems to be going well. I constantly have about 200 outbound and 
2000 inbound connections, but in nyx I almost never see any circuits. What does 
it mean? Do I see circuits only when someone is actually using my relay, i.e. 
in Tor Browser?

To further support the project I decided to run a bridge at home using a 
Raspberry Pi. How do I know when it is being used? I rarely see any traffic. 
Sometimes I see one outbound connection in nyx and some circuits open, but I 
never see an inbound connection to port 80 (the obfs4 port I chose). Why does 
the bridge have open circuits more often than the relay?

I couldn’t find any answers online, so I hope to clear things out here.

Regards,

m.
_
GPG fingerprint: 6C3B 0069 30C4 0F16 E5F6 690E 7D2E 100E C3C4 7105 



signature.asc
Description: Message signed with OpenPGP
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays