Hey guys,
currently I am working on a private Tor setup and I repeatedly run into
issues with the circuit buildup procedure (it's Tor
0.3.5.7 on linux, the setup consists of several debian jessie VMs).
The setup is as follows:
1 Client, 2 V3 Authorities, 6 Relays of which 3 have the ExitRelay 1
option set.
In the torrc configs of all relays I define a list of fixed exits
TestingDirAuthVoteExit and fixed guards TestingDirAuthVoteGuard and I
use DirAuthority to fix the two V3 authorities of my setup.
All nodes bootstrap properly and reach 100%, the authorities both manage
to vote and exchange information. Also the relays and the client
bootstrap to 100%. Nevertheless, the consensus seems to lack relays with
guard flags:
Feb 12 10:35:56.000 [notice] I learned some more directory information,
but not enough to build a circuit: We need more microdescriptors: we
have 2/2, and can only build 0% of likely paths. (We have 0% of guards
bw, 100% of midpoint bw, and 100% of end bw (no exits in consensus,
using mid) = 0% of path bw.)
Because of this, no default circuits can be built in the client or the
relays in all logs the following message appears every second:
[warn] Failed to find node for hop #1 of our path. Discarding this
circuit.
Google says it might be an ntp-sync problem. The VMs are not connected
to the Internet (but can talk to each other), so I made sure that all
machines are in sync and use the firewall as NTP server. Sync shouldn't
be the problem.
In the data_dir/state file I see several guard entries:
Guard in=default rsa_id=[...] nickname=auth01
sampled_on=2019-01-17T18:33:12 sampled_by=0.3.5.7 listed=1
Guard in=default rsa_id=[...] nickname=relay03
sampled_on=2019-01-22T17:17:10 sampled_by=0.3.5.7
unlisted_since=2019-01-27T11:00:36 listed=0
Guard in=default rsa_id=[...] nickname=relay02
sampled_on=2019-01-24T22:19:10 sampled_by=0.3.5.7
unlisted_since=2019-01-29T09:08:59 listed=0
Guard in=default rsa_id=[...] nickname=relay03
sampled_on=2019-02-06T21:07:36 sampled_by=0.3.5.7 listed=1
Guard in=default rsa_id=[...] nickname=relay05
sampled_on=2019-01-27T16:37:38 sampled_by=0.3.5.7 listed=1
The client also seems to receive a complete consensus, at least all
fingerprints of my setup show up if I fetch the file manually.
Please find below an example of the configs I use for the different
nodes.
Any help or hints would be great :)
Thanks,
Katharina
# DIRECTORIES, LOGGING
SafeLogging 0
ProtocolWarnings 1
DisableDebuggerAttachment 0
DataDirectory /var/lib/tor
PidFile /var/lib/tor/pid
Log notice file /var/lib/tor/notice.log
Log info file /var/lib/tor/info.log
# CONTACT
ContactInfo ...
# GENERAL
RunAsDaemon 1
AssumeReachable 1
ConnLimit 60
MaxMemInQueues 1507 MB
ShutdownWaitLength 0
HashedControlPassword ...
# FIXED AUTH
DirAuthority auth01 orport=5000 no-v2 v3ident=... ...:7000
B218B78864CEF4397CEE0AEF61703459EEE64E38
DirAuthority auth02 orport=5000 no-v2 v3ident=... ...:7000
431E50CDBB0B6FFDD0284A45ABEC875136D980E8
TestingDirAuthVoteExit
2B74825BE33752B21D17713F88D101F3BADC79BC,E4B1152CDF0E5FE697A3E916716FC363A2A0ACF3,7353D324677B9E7A9A50240339C2C7366B381F64
TestingDirAuthVoteGuard
911EDA6CB639AAE955517F02AA4D651E0F7F6EFD,C122CBB79DC660621E352D401AD7F781F8F6D62D,8E574F0C428D235782061F44B2D20A66E4336993
# PORTS
OrPort 5000
ControlPort 9051
SocksPort 9050
# FLAGS
ExitRelay 1
Nickname ...
Address ...
_______________________________________________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
