Re: [tor-relays] new Tor exit
2018-03-15 7:03 GMT+01:00 Arisbe : > > Here is my problem: The aforementioned relay has been on for nearly > 24-hours and not a single user has frequented my doorsteps. https://blog.torproject.org/lifecycle-new-relay ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] 100K circuit request per minute for hours killed my relay
Am 27.07.2017 um 19:48 schrieb Vort: >> This sort of thing has been going on for many years. I used to refer >> to it as "mobbing". As nearly as I was ever able to determine, the behavior >> is an unintended consequence of hidden services. > > Same thing started to happen today and I have noticed that 100% CPU > usage spikes happens every hour and lasts for several minutes. > During this spikes, all cores of CPU are used and stack trace points > somewhere at worker_thread_main() function. > Also today relay have more connections than usually (5500 vs 2000-3000). > Is this pattern matches the characteristics of hidden services work? Happened to my relay as well, performance was degraded quite a lot, i lost guard state Strange ... Sebastian ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Upgrading a relay and changing IP address
2017-05-18 13:15 GMT+02:00 Cristian Consonni : > > I am running the relays on VPS providers so, I can choose (only) among > the versions of Debian that are provided by the services as templates. > > It should be possible to upgrade to Jessie from the template. At least that is what I did on my maschine hosted as a VPS. Sebastian ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Lost guard flag, IPv6 problem?
Hi, my relay lost its guard flag and I don't know what might be the reason. The flag was lost before the last reboot (due to kernel upgrade) https://atlas.torproject.org/#details/7A32C9519D80CA458FC8B034A28F5F6815649A98 Any ideas on that? What bothers me too is: there is no IPv6 "Dir Address" although I did not change configuration. Some days ago, I hat IPv6 connectivity issues but they are resolved. Any hints on this? I am not sure if those problems are related to each other ... Thanks, Sebastian signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Reminder: If you are on 0.2.9.x, make sure you are running 0.2.9.9
2017-02-09 20:48 GMT+01:00 mick : > > Attempting an upgrade from 0.2.9.8 I get nothing. > > I have Jessie and tor from jessie-backports, tor version is 0.2.9.9. Sebastian ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor relay from home - end of experiment?
Am 14.12.2016 um 11:46 schrieb Rana: > They do, however, have different numbers as to how much traffic they can > carry; which in view of the above IMHO can be attributed only to the > difference in how well their respective IPSs connect with the ISPs in places > where DirAuths are located. What kind of connection are they attached to? DSL? Fiber? Cable? POTS/Modem? ... ? What kind of hardware is used to build the connection? One of these shiny pretty Netgear R7900? Sebastian signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor relay from home - end of experiment?
Am 13.12.2016 um 20:01 schrieb Rana: > Any other advice / ideas welcome. You have been asked for fingerpring or atlas link several times. signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP
Am 04.12.2016 um 19:46 schrieb Rana: > Paul, you may be a very, very smart dude who needs no clarifications and I > may be a passive aggressive liberal fascist but you are totally wrong - I > have NO idea what "submit a patch" means https://lmgtfy.com/?q=submit+a+patch! signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP
Am 04.12.2016 um 20:24 schrieb ane...@tutanota.de: > In Germany, it's quite usual that you have a dynamic IP and unusual that > you have static IP. Not just a few relays are located in Germany. It's > not just a question of frustration of owners of dynamic IP relay, but > also a matter of bandwith waste. If Tor cannot handle dynamic IPs > properly a lot of bandwith is not used. And bandwith is something that > the Tor network can not get enough of. In Soviet Russia, it's quite usual that you have a only IP over Avian Carriers (RFC 2549) and unusual that you have fibre to your home. Not that much relays are located in Soviet Russia. It's not just a question of frustration of owners connected via avian carriers but also a matter of bandwith waste and diversity. If Tor cannot handle avian carriers properly a lot of bandwith is not used. And bandwith and diversity is something that the Tor network can not get enough of. SCNR signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP
Am 04.12.2016 um 19:50 schrieb Rana: > Since when is there a requirement for a relay operator to have "programming > skills"? This requirement does not exist. But there if you want make tor behave differently than it does, programming skills are welcome (but not necessary). > [tor] should say so and I would stop wasting my time. [...] > Otherwise, Tor should fix what's broken. Telling "tor" what it has to do will not work. For sure. Contribute nothing - expect nothing. Nobody feels obliged to change the code just to make tor behave as you like under your setup. (yes, I know, you are at least willing to contribute your bandwidth). You have to convince someone that your needs are worth to be implemented or just implement them on your own. Listening to explanations why tor behaves like it does and repeating your demands is possibly not the best way to contribute. Sebastian signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP
Am 04.12.2016 um 17:54 schrieb Rana: > In short, if Tor Project does not want relays with dynamic IP, it > should say so and I would stop wasting my time. Otherwise, Tor > should fix what's broken. Please submit a patch. Thanks. Crying about what tor shold do to please you seems not very productive. Sebastian signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Useful metrics for relay operators
Am 01.09.2016 um 05:36 schrieb I: > Did someone mention t-shirts? I got my weather notification in January, recieved the t-shirt one week ago. Thanks! Sebastian signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] DoS on my non-exit relay? Or just oversensitive DoS "protection"?
Hi, The provider of my non-exit "silentrocket" told me they temporarily disconnected the server from their network because of a DoS attack against the machine. https://atlas.torproject.org/#details/7A32C9519D80CA458FC8B034A28F5F6815649A98 They sent me some details of what they think is a DoS attack (date and time omitted ...): ### Attack type: DoS_IN Attacked IP: 82.223.21.74 ### Source Address Source Port Destination Address Destination Port Frames 193.171.202.146 TCP:9001 82.223.21.74 TCP:61078 21440736 176.10.104.243 TCP:443 82.223.21.74 TCP:25817 11203344 185.29.8.132TCP:443 82.223.21.74 TCP:56708 8160360 58.58.170.2 TCP:443 82.223.21.74 TCP:61980 7840824 144.76.14.145 TCP:143 82.223.21.74 TCP:19866 6240664 195.154.209.91 TCP:443 82.223.21.74 TCP:20229 4808568 192.42.113.102 TCP:9001 82.223.21.74 TCP:62658 4328568 83.146.80.152 TCP:39898 82.223.21.74 TCP:90013041584 87.98.162.251 TCP:443 82.223.21.74 TCP:60948 2240040 188.138.9.49TCP:9001 82.223.21.74 TCP:13349 224 93.145.122.187 TCP:60469 82.223.21.74 TCP:90011920016 104.236.92.66 TCP:1337 82.223.21.74 TCP:48838 1760248 5.248.227.163 TCP:9001 82.223.21.74 TCP:28976 1760240 109.104.12.92 TCP:9001 82.223.21.74 TCP:15808 1601224 46.101.237.246 TCP:9001 82.223.21.74 TCP:18393 1600784 212.47.239.187 TCP:443 82.223.21.74 TCP:6669160 212.117.180.130 TCP:443 82.223.21.74 TCP:37114 144 37.187.17.67TCP:38547 82.223.21.74 TCP:90011281176 37.157.193.107 TCP:49192 82.223.21.74 TCP:9001804896 193.11.164.243 TCP:9001 82.223.21.74 TCP:62265 800040 I am not sure whether it really looks like a DoS attack or if is just many "normal" tor packets hammering on the small server which are misunderstood as a DoS. They are coming from a remote's maschines tor port and going to some random port om my server suggesting the packets are simply a reply to some connection my server opened. The server ran fine for several months but now I get a disconnection notice several times a day. Maybe there is really a DoS, maybe their automatic DoS protection reacts too fast, maybe they are just fed up with the traffic the relay causes and want to make things hard for me. Do you have any (educated) guesses what might be going on here? Thank you very much, Sebastian signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] TOR router install without access to root
Am 25.05.2016 um 10:28 schrieb Markus Koch: > Thank you. What about the config filez in /etc/tor/ ... /etc/ should be root > only? The user runnng tor must be able to read them. $DataDir has to be rw Sebastian signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] TOR router install without access to root
Am 25.05.2016 um 10:16 schrieb Markus Koch: > Linux, would like to upgrade my accounts at feralhosting.com with tor > nodes. It must be possible because there are a lot of TOR nodes on > feral. No clue what kind of linux they are using but you are right, I > needed root for my other 6 TOR servers and I am just wondering if > there is a way around it, if not I just ask them to install it for me > :) tor does not require root permission to be run properly. I just started it as user on my debian maschine. Make sure not to use port numbers below 1025. Sebastian signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Weird relay outage
Am 26.03.2016 um 13:38 schrieb Xza: > Suddenly my relay lost all it's flags plus weird bandwidth drops while the > network is fully intact. > Tor version 0.2.7.6 - Ubuntu server 14.04 Do you have any question? Just want to share an observation? Anything we might have a look on? Sebastian signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Bandwidth Fallen Off Drastically
Am 14.03.2016 um 17:19 schrieb Daryl Styrk: > Didn't some University just drop 5000 relays into the network? Not sure if this might be the reason but I obeserved the consensus weight of my mittle relay drop to half of its previous value. Server and network configuration has not been changed, no downtime. https://atlas.torproject.org/#details/7A32C9519D80CA458FC8B034A28F5F6815649A98 The amount of data transferred dropped not that much. Sebastian signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Network Bandwidth Fine Tuning
Am 02.03.2016 um 15:25 schrieb Tristan: > Maybe this article from the Tor FAQ will help: > http://archives.seul.org/or/relays/Aug-2010/msg00034.html Thanks. > According to the article, Tor can only get 100Mbps per CPU core, and Tor > doesn't use any more than 2 cores because it's not fully multithreaded. I only have one core (on a vmware virtual server) but I am far from 100 Mbps: niehaus@rocket:~$ cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 58 model name : Intel(R) Xeon(R) CPU E5-2683 v3 @ 2.00GHz stepping: 0 microcode : 0x2b cpu MHz : 1997.686 cache size : 35840 KB physical id : 0 siblings: 1 core id : 0 cpu cores : 1 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 13 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt aes xsave avx f16c rdrand hypervisor lahf_lm ida arat epb pln pts dtherm fsgsbase smep bogomips: 3995.37 clflush size: 64 cache_alignment : 64 address sizes : 40 bits physical, 48 bits virtual power management: > You can only run 2 instances of Tor on the same IP address, which means > a maximum of 800Mbps, if you do it right. I have only one instance but with one core it probably is pointless to run more instances ... Sebastian signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Network Bandwidth Fine Tuning
Am 29.02.2016 um 00:15 schrieb Moritz Bartl: > It can take up to roughly a month before a new relay reaches its 'final' > throughput levels. See > https://blog.torproject.org/blog/lifecycle-of-a-new-relay for details. I am surprised as well because my middle relay has quite a low traffic, at least not as much a I expect. https://atlas.torproject.org/#details/7A32C9519D80CA458FC8B034A28F5F6815649A98 Advertised Bandwidth: 7.74 MB/s but it should do more It is quite a small box but always has free memory left: niehaus@rocket:~$ vmstat procs ---memory-- ---swap-- -io -system-- --cpu- r b swpd free buff cache si sobibo in cs us sy id wa st 0 0 185600 93328 4112 73220011112 61 21 5 4 91 0 0 The highes percentage of CPU use in top I have seen is about 15%, there is quite a lot idle time left. AES is supported in hardware, network speed is okay; niehaus@rocket:~$ bin/speedtest-cli Retrieving speedtest.net configuration... Retrieving speedtest.net server list... Testing from arsys.es (82.223.21.74)... Selecting best server based on latency... Hosted by Vodafone Spain (Madrid) [0.00 km]: 7.529 ms Testing download speed Download: 385.85 Mbit/s Testing upload speed.. Upload: 242.09 Mbit/s niehaus@rocket:~$ Anything I can do to donate more bandwith? Any more information you need? -- Sebastian Niehaus Am Freibad West 80 38440 Wolfsburg signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Network Bandwidth Fine Tuning
Am 28.02.2016 um 02:14 schrieb stea...@nym.mixmin.net: > root$ speedtest-cli Do not do ervrything as root ... -- Sebastian Niehaus Am Freibad West 80 38440 Wolfsburg signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] tor middle node question
Am 27.01.2016 um 06:22 schrieb Operator AnonymizedIoExitCA1: > [ http://project.torstatus.kgprog.com/ ] > at the end of the website does not work. Anybody know where/how > the source code is available? https://github.com/KenanSulayman/torstatus HTH, Sebastian signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] tor middle node question
Am 27.01.2016 um 09:39 schrieb Sebastian Niehaus: > Am 27.01.2016 um 06:22 schrieb Operator AnonymizedIoExitCA1: >> [ http://project.torstatus.kgprog.com/ ] > >> at the end of the website does not work. Anybody know where/how >> the source code is available? > > https://github.com/KenanSulayman/torstatus and https://svn.torproject.org/svn/torstatus/ HTH, Sebastian signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays