grarpamp <grarpamp@gmail.com> wrote:
On Mon, Oct 2, 2017 at 3:53 AM, Santiago <santiagorr@riseup.net> wrote:
And you can only have 2 tor instances per public IPv4 address.
Why? Is there any place where I can find this kind of info?
Read the archives of this list linked at the bottom of every message. As an operator you'll find lots more interesting subjects there too.
Maybe it's another issue, but I have recently tried to run a second relay behind the same IPv4 address as my first relay, and the connection quality strongly diminished. I suppose my ISP equipment was not able to handle the two relays on NAT, but I would need to investigate further.
Huh? What kind of ISP NATs its customers' connections? Your ISP should be assigning your machine/router a legitimate, unique IPv4 address. The assignment is often, even usually, a temporary assignment via DHCP, but it should not be a private address. If NAT is a factor, that should happen at the boundary of your own private network, not at an ISP's facility.
Lots of hardware for use in the home, whether ISP provided or bought from wherever by the user, has been known to fall over under load, cable / dsl / fiber modems, whether in bridge or router modes, wifi, etc.
For tor you need to test with tens to hundreds of TCP connections or more in parallel. The simple online "speedtests" don't do that. One way is to load up increasing numbers of open source Unix ISOs, conference videos, whatever... into whatever torrent client and watch the stats. If upon passing the expected / required number of connections, it starts falling significantly off the maximum recorded speed, never recovers when unloaded, locks up, reboots, melts / smokes / combusts, etc... then try another brand.
I'll second the above comments. Most of those little router boxes are running some form of Linux or FreeBSD as an embedded configuration, which includes swapping and paging being disabled due to the absence of secondary storage. All of them have limited RAM. One typical problem with running tor on a NATed machine behind such a device is that the NAT table grows until all of the real memory on the device has been consumed and there is no more room for new NAT entries.
Or instead of router mode, try bridge mode feeding into any old pc running [Free]BSD / Linux to do the functions of routing, wifi, firewall, nat, dhcp, dns, etc... this may often perform better and give more flexibility.
Yes, and because there is secondary storage (HDD and/or SSD), paging is available if the routing functions' memory needs grow larger than the available real memory. Home electronics store routers cannot hold a candle to a full OS with a decent packet filter.
Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:   bennett at sdf.org   *xor*   bennett at freeshell.org  *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************
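
Added example (not part of the original message or written by its participants): one way to watch the NAT table growth described above on a router that runs Linux netfilter. It assumes the standard `nf_conntrack` files under `/proc` are present and readable (normally as root); the function names and the sample entries are constructed for illustration, and the script falls back to the sample when those files are absent.

```python
"""Summarise Linux conntrack (NAT state table) usage on a router."""
from collections import Counter
from pathlib import Path

PROC = Path("/proc/sys/net/netfilter")
TABLE = Path("/proc/net/nf_conntrack")

# Constructed sample in /proc/net/nf_conntrack format (not captured data).
SAMPLE = """\
ipv4     2 tcp      6 431990 ESTABLISHED src=192.168.1.10 dst=198.51.100.7 sport=40112 dport=9001 src=198.51.100.7 dst=203.0.113.5 sport=9001 dport=40112 [ASSURED] mark=0 use=1
ipv4     2 tcp      6 431200 ESTABLISHED src=192.168.1.10 dst=198.51.100.9 sport=40113 dport=443 src=198.51.100.9 dst=203.0.113.5 sport=443 dport=40113 [ASSURED] mark=0 use=1
ipv4     2 tcp      6 97 TIME_WAIT src=192.168.1.10 dst=198.51.100.22 sport=40090 dport=9001 src=198.51.100.22 dst=203.0.113.5 sport=9001 dport=40090 [ASSURED] mark=0 use=1
ipv4     2 udp      17 25 src=192.168.1.20 dst=198.51.100.53 sport=5353 dport=53 src=198.51.100.53 dst=203.0.113.5 sport=53 dport=5353 mark=0 use=1
""".splitlines()

def summarise(lines):
    """Count entries per protocol/state and per original-direction source."""
    states, sources = Counter(), Counter()
    for line in lines:
        fields = line.split()
        if len(fields) < 6:
            continue  # skip blank or truncated lines
        proto = fields[2]
        # TCP entries carry a state name in field 5; UDP/ICMP entries do not.
        state = fields[5] if "=" not in fields[5] else "-"
        states[(proto, state)] += 1
        # The first src= is the original (pre-NAT) direction of the flow.
        src = next((f[4:] for f in fields if f.startswith("src=")), None)
        if src:
            sources[src] += 1
    return states, sources

def pressure(count, maximum, warn=0.8):
    """Return (fill ratio, True if the table is at or above the warn level)."""
    ratio = count / maximum
    return ratio, ratio >= warn

if __name__ == "__main__":
    live = TABLE.exists() and (PROC / "nf_conntrack_max").exists()
    lines = TABLE.read_text().splitlines() if live else SAMPLE
    states, sources = summarise(lines)
    if live:
        count = int((PROC / "nf_conntrack_count").read_text())
        ratio, hot = pressure(count, int((PROC / "nf_conntrack_max").read_text()))
        print(f"table fill: {ratio:.1%}{'  <-- near limit' if hot else ''}")
    for (proto, state), n in states.most_common():
        print(f"{proto:4} {state:12} {n}")
    for src, n in sources.most_common(5):
        print(f"{src:15} {n} entries")
```

Run periodically while the relay is under load, a fill ratio that climbs toward the limit and a large share of entries from the relay's internal address point at the state table rather than the link as the bottleneck.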