Hi Neel
My relay runs FreeBSD 11.2 and Tor runs in a "jail".
Jails are perfect for that! I observed the host Freebsd tcp stack is strong enough for more than 500Mbit/s in AND out.
I am using AESNI and Tor is configured to use OpenSSL cryptodev.
Does crypto run? On log info you should find the following entry during start:
[info] crypto_openssl_init_engines: Initializing dynamic OpenSSL engine "dynamic" acceleration support. [info] crypto_openssl_init_engines: Loaded dynamic OpenSSL engine "dynamic".
After finding this message you can switch to notice and restart.
- I want to keep using FreeBSD on my server and do not want to run Linux
+1
- I would prefer to have a single instance, but can use multiple if I have to
It's BSD, so may-be consider to go for libressl from ports (which does not support the crypto engine). And then use 2 instances per ip. Better for diversity ;)
- My server supports hardware accelerated AES and SHA. I am using this on FreeBSD with the aesni kernel module and Tor with "HardwareAccel 1" and "AccelName cryptodev"
A toorc can look like: RelayBandwidthRate 0 RelayBandwidthBurst 0 HardwareAccel 1 AccelName dynamic Log info file /var/log/tor/info