On Thursday, February 2, 2012 9:41am, "Goulven Guillard" lecotegougdelaforce@free.Fr said:
Thanks for all the replies. I'll give it a try as a middle node for a start (as soon as my ISP fixes my intempestive deconnection issue…).
Is an exit node is more CPU(/RAM ?) consuming than a middle one ?
Yes. At minimum the exit node must do DNS look-ups for the destinations. Part of the anonymity is that you as an exit node determine which IP address is associated with "www.yahoo.com", not the originating node. That doesn't take much CPU (apart from the crypto of DNSSEC) but it does take some CPU time, and a little bandwidth too. Also, the packet payload must be decrypted for transmission to the destination address.
Assuming it is the case, as it seems that Tor does need more exit nodes, what would be best (in a Tor perspective) for a given CPU/RAM consumption : an exit node with lower bandwidth or a middle node with more bandwidth ?
Tor does need exit nodes. The graphs on Tor statistics page show that only a quarter of Tor nodes are running as exits. That said, if this is on a residential internet connection you might not want to be an exit node. A few web sites blacklist the IP addresses of Tor exit nodes because they don't want anonymous traffic for whatever reason. Likely you won't encounter such a site in your personal surfing, but you should be aware that publicly announcing yourself as a Tor exit node may constrain you.
Concerning OpenSSL's performance the Sheevaplug's Marvell Kirkwood CPU seems to have a hardware crypto engine which can be used thanks to cryptodev-linux, apparently this may help.
I read a lot of complains from people who say their crypto engine isn't being recognized/used by OpenSSL. (Of course, unhappy people are more prone to posting than happy ones.) You might want to run OpenSSL's speed test to verify that you really are getting the benefit of your hardware crypto support.