Hi,
my personnal experience with many many instances on never redundant
hardware (I know diversity in hardware, locations...):
This is Exit specific:
1) never more than 4GB ram per core and never less than 2 cores per IP,
let me explain:
a) most people will tell you that instances run per
Hi,
Imo mobile chips with mostly low-performance 'efficient cores' are a suboptimal
fit for running Tor at scale. A couple of reasons:
- Performance between the different core types (efficient vs. performance) is
very different. You would need to lock Tor processes to specific cores and
accept
On 7/10/24 00:32, Osservatorio Nessuno via tor-relays wrote:
In both cases with 32GB of DDR5 RAM (we can max to 64 if needed, but is
it?).
IMO 4 GiB RAM per tor process is needed, with 2 GiB I sometimes
experienced an OOM.
--
Toralf
___
tor-relays
On Mittwoch, 10. Juli 2024 00:32:04 CEST Osservatorio Nessuno via tor-relays
wrote:
> we are planning to get some hardware to run a physical Tor exit node,
> starting with a 1Gbps dedicated, unmetered uplink (10Gbps downlink). We
> will also route a /24 on it, so we will have large availability o
Hi everyone,
we are planning to get some hardware to run a physical Tor exit node,
starting with a 1Gbps dedicated, unmetered uplink (10Gbps downlink). We
will also route a /24 on it, so we will have large availability of
addresses to run multiple instances. We have been running a few exit
nod
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
>Since this is virtualization, make sure that features such as AES
>acceleration are active.
Yes, I have tested that. Is active.
>The number of cores is not really relevant since Tor is not
>multi-threaded. The EPYC 7702 can boost up to 3.35 GHz
Elias via tor-relays wrote:
> This is actually not a "real" root server, it's a KVM server (of
> course). The CPU is an AMD EPYC 7702 with 2 dedicated cores per
> server@3,35GHz.
Since this is virtualization, make sure that features such as AES
acceleration are active.
The number of cores is no
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Thank you for your suggestions, Gary.
This is actually not a "real" root server, it's a KVM server (of course). The
CPU is an AMD EPYC 7702 with 2 dedicated cores per server@3,35GHz. I chose this
server because the bandwith is unmetered and it's
The following are some of the more important config options that I use for such
a small middle relay:
# Tor: A non-exit relay should be able to handle 7000 concurrent connections
ulimit -n 65535
DirCache 0
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I'm sorry that I now spam the mailing list, but I made a mistake.
I'm of course NOT logging at debug level, it's just one logfile (notices.log).
I logged debug when I was running the relay on the VPS because I wanted to know
why it crashed all the
I just read this research paper, maybe it's worth thinking about some kind of
implementation of this approach some time in the future.
It's an interesting read anyway.
uwspace.uwaterloo.ca/bitstream/handle/10012/16108/Engler_Steven.pdf
Regards
___
tor-r
Hi Gary,
thank you for your response.
I think I just worry too much.
I watched my relay all the time today, I had bandwidth usage of 30MB/s at times
and HTOP showed me a Load average of 0.29/0.29/0.30. I know that this is
totally fine for a dual core.
The relay is up and running for 3 days and 8
It's surprising that you're running into CPU issues. It's typically RAM that is
exhausted first.
I have 5 x Dual Core 256MB Tor Relay Nodes loadbalanced as a Single Middle
Relay that never have CPU issues. It's always a matter of running out of RAM
for me. The loadbalanced Tor Relay maintai
Hi everyone,
about two weeks ago, I signed up for a VPS with a cloud provider and set up a
Tor relay. I installed Debian 11 Bullseye, secured it, and then set up Tor
0.4.6.8 and started the relay.
The VPS had the following specs: 1vCore, 2GB RAM, 40TB traffic per month on a
1Gbit/s link. I throt
Hi Christian,
a AMD EPYC 7642 should be able to saturate that 20 GBit/s connection
fine, Mainboard depends on what you prefer. Supermicro, HP and so on
have all Mainboards for that CPU, so choose the one you prefer.
On 06.11.2019 00:15, Christian Pietsch wrote:
Dear Tor friends,
the NGO I a
Hello Christian,
please also report back with the information you found out. I am also
pretty interested, running Tor Exits for various German NGOs this really
is a topic I am interested in.
Currently the fastests Exit I operate in Germany is "only" doing a
little more than 30MiB/s I think. But it
Dear Tor friends,
the NGO I am volunteering for (Digitalcourage e.V.) has been running
modest Tor exits for many years. Now we finally have the opportunity
to run a high-bandwidth exit relay because we found a data center with
a nice internet connection (20 Gbit/s) we may use.
My question is: Wha
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
> I figured that the CPU is so busy because the vserver doesn't have
> AES-NI, which I confirmed by some command I run (forgot the
> command).
>
> So I thought I might wanna move that relay to another server, maybe
> at the same hoster to get highe
On March 26, 2015 8:59:45 PM yl wrote:
Hi,
Hello,
I clicked myself a cheap vserver 20 days ago and it runs Tor since then.
I mainly did this to play a bit with the relay, try around and so. I
took over another relay a while ago, an exit, I don't want to try around
on that.
It runs well, I got
Hello,
I clicked myself a cheap vserver 20 days ago and it runs Tor since then.
I mainly did this to play a bit with the relay, try around and so. I
took over another relay a while ago, an exit, I don't want to try around
on that.
It runs well, I got about 4,4 TB data up AND down since then, I hav
Happily, it DOES appear that there may be some hope for the Allwinner A20 based
Cubieboard 2 (I haven't checked for the original Cubieboard yet):
"The Security System (SS) is one encrypt/ decrypt function accelerator that is
suitable for a variety of
applications. It supports both encryption and
> The RasPi is nice but it's also not terribly powerful. It definitely
> has its limits. For example, I found out the hard way last weekend
> that trying to run an Etherpad-Lite on a RasPi is a great way to run
> one into the ground...
I have a RasPi Model B Rev 2 running etherpad-lite and a Tor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/01/2013 10:02 PM, Gordon Morehouse wrote:
> I'm interested if there are any hardware accelerators in either
> the Raspberry Pi (which needs all the help it can get) or the
> Cubieboard 2 (A20-based).
To the best of my knowledge, no.
http://www.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The pi doesn't have any as I'm aware of, I was looking into any and
all small boards that posses the marvell kirkwood chipset which is
supported by cryptodev module which openssl can be compiled to utilize.
The cheapest one seems to be the v2 pogoplug,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I'm interested if there are any hardware accelerators in either the
Raspberry Pi (which needs all the help it can get) or the Cubieboard 2
(A20-based).
Best,
- -Gordon M.
Joshua Datko:
> I was looking into this for the BeagleBone black [1], which
I was looking into this for the BeagleBone black [1], which has
on-chip accelerators for AES, SHA (1 I think), and md5. The TI
processor also has a HWRNG. My belief was that by using the cryptodev
kernel module [2] I could get this working, but I ran in some issues
building the kernel and then I
On 2013-10-01 21:20, Andy Isaacson wrote:
> On Tue, Oct 01, 2013 at 06:45:52PM +, jason wrote:
>> I'm not sure why I missed this first post but I'm very interested in
>> working on this project with whomever is interested. I bought a
>> pogoplug v2 specifically to test it's usefulness as a tor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I would love to do all this actually but I never managed to get the hw
accelerated crypto (ssl/tls) bits working to experiment with. I'd be
up for restarting this if I knew I could consult with one or two
others who had a genuine interest in this.
- -J
On Tue, Oct 01, 2013 at 06:45:52PM +, jason wrote:
> I'm not sure why I missed this first post but I'm very interested in
> working on this project with whomever is interested. I bought a
> pogoplug v2 specifically to test it's usefulness as a tor exit or relay.
First step is, run "openssl sp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm not sure why I missed this first post but I'm very interested in
working on this project with whomever is interested. I bought a
pogoplug v2 specifically to test it's usefulness as a tor exit or relay.
- -Jason
On 10/01/2013 06:39 PM, Andy Isaacs
On Fri, Sep 13, 2013 at 12:25:47AM +0200, Sarah Vigote wrote:
> I would like to run a 100Mb/s tor exit node, but I have issues wrt
> power consumption.
>
> reading
> http://ortizaudio.blogspot.fr/2011/10/using-dreamplugs-crypto-chip.html
> it seems dreamplugs has *fast* aes-128-ecb.
>
> Does anyo
Am Fri, 13 Sep 2013 00:25:47 +0200
schrieb Sarah Vigote :
I once meassured the performance of the padlock crypto chip
on a VIA Esther C7 1500 MHz processor. Result:
AES-128 cbc with padlock is about 14 times faster compared to the C7
with padlock disabled.
regards,
Fabian
> hi,
>
> I would like
hi,
I would like to run a 100Mb/s tor exit node, but I have issues wrt
power consumption.
reading
http://ortizaudio.blogspot.fr/2011/10/using-dreamplugs-crypto-chip.html
it seems dreamplugs has *fast* aes-128-ecb.
Does anyone have any experience running a node based on cheap crypto
chip (dreampl
>> A10-6800K (4 x 4.1GHz) would be decent.
>
> It doesn't seem to support ECC
It doesn't. And for those that recognize its importance, that's
been an kind of weakness of AMD for some time. Actually
for both AMD and Intel, it's treated as a price premium
instead of just 8+n extra gates and logic.
On 12.07.2013 08:02, Mike Perry wrote:
> This sounds right (~100Mbit per CPU core without AES-NI), but it would
> be good to hear Moritz weigh in here with some additional datapoints for
> AES-NI. Last I heard, AES-NI gets you ~300Mbit per core, but I have no
> direct experience myself.
Yes, 300Mb
On Fri, Jul 12, 2013 at 06:45:58PM -0400, grarpamp wrote:
> > AMD doesn't seem to make any server CPUs that are useful for this
> > application, unfortunately.
>
> Really, how so? Many AMD CPU's have AES-NI. Even the
> A10-6800K (4 x 4.1GHz) would be decent.
That's not a server CPU. It doesn't s
> AMD doesn't seem to make any server CPUs that are useful for this
> application, unfortunately.
Really, how so? Many AMD CPU's have AES-NI. Even the
A10-6800K (4 x 4.1GHz) would be decent. That plus an a85x
mainboard (1Gbit) and 8GB ddr3-2133 is $300. Add some
case+ps.
https://en.wikipedia.org/
Andy Isaacson:
> On Thu, Jul 11, 2013 at 08:46:20PM +0200, Andreas Fink wrote:
> > can someone give me hints on what hardware would be best suited to run
> > big fat tor exit nodes connected with multiple 1gbps or 10gps links?
> > We are considering putting some fat boxes near major internet
> > ex
On Thu, Jul 11, 2013 at 08:46:20PM +0200, Andreas Fink wrote:
> can someone give me hints on what hardware would be best suited to run
> big fat tor exit nodes connected with multiple 1gbps or 10gps links?
> We are considering putting some fat boxes near major internet
> exchanges of the world.
Mo
can someone give me hints on what hardware would be best suited to run big fat
tor exit nodes connected with multiple 1gbps or 10gps links? We are considering
putting some fat boxes near major internet exchanges of the world.
sent from iPhone
___
tor
On Apr 1, 2012, at 2:22 PM, Sebastian Urbach wrote:
> Hi Sebastian,
oh hai.
> Do you know if this
> applies to the released 0.3.13-alpha version from the 26th of March ?
It does not, that's why I said it isn't in any released version of tor.
The next one should contain it, until then you're for
Am Sat, 31 Mar 2012 21:52:16 +0200
schrieb Sebastian Hahn :
Hi Sebastian,
And no, im not talking with myself ;-)
> the situation is indeed a bit confusing with openssl 1.0.1. Aesni
> isn't a module anymore, so the hardware accel options no longer
> apply. Tor master (not yet in any released vers
On Mar 31, 2012, at 9:32 PM, Sebastian Urbach wrote:
> Hi,
>
> I want to use the "hardware accel" feature with the actual tor alpha
> version 0.2.3.12-alpha1. My CPUs support the Intel AES NI function
> and the kernel module is enabled and running well.
>
> Im running OpenSSL 1.0.1, the debian
Hi,
I want to use the "hardware accel" feature with the actual tor alpha
version 0.2.3.12-alpha1. My CPUs support the Intel AES NI function
and the kernel module is enabled and running well.
Im running OpenSSL 1.0.1, the debian dev told me that there is
no dynamic loadable aes ni shipped though i
44 matches
Mail list logo
