Currently running both a guard relay and a bridge, one each on two different systems, but both behind the same firewall and static IP.
Curious if this is a good idea, or if one or the other is of much greater value.
Seeing about 2200 inbound, 2800 outbound connections on my relay per nyx, with an observed speed of 5 MB/s (only a few days into the guard ramp-up phase)
Seeing about 20 connected clients on the bridge, which is advertising 2.2 MiB/s per the metrics page. R/W rates around around 150k per that same page, about 1/4th of the average on the guard relay.
Thoughts?
What is this? Should I allow the external world access to the specified port?
On 19 Mar 2022, 07:54 +0000, Thoughts thoughts@kevinsthoughts.com, wrote:
What is this? Should I allow the external world access to the specified port?
Hello,
Per the bridge setup instructions page[1], the ExtOrPort setting is a local communication port between Tor and obfs4. You should set it to "auto" in your torrc file, and it should NOT be accessible to the open world.
[1] https://community.torproject.org/relay/setup/bridge/debian-ubuntu/
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Friday, March 18th, 2022 at 23:06, Thoughts thoughts@kevinsthoughts.com wrote:
Currently running both a guard relay and a bridge, one each on two
different systems, but both behind the same firewall and static IP.
Curious if this is a good idea, or if one or the other is of much
greater value.
(Guard) Relay IP addresses are publicly available to anyone. Running a bridge on an IP address that is already publicly known to run Tor, kind of defeats the purpose of a bridge: to allow people to connect from regions that block Tor.
Seeing about 2200 inbound, 2800 outbound connections on my relay per
nyx, with an observed speed of 5 MB/s (only a few days into the guard
ramp-up phase)
Seeing about 20 connected clients on the bridge, which is advertising
2.2 MiB/s per the metrics page. R/W rates around around 150k per that
same page, about 1/4th of the average on the guard relay.
Thoughts?
I see similar results (within a factor of 2) for an obfs4 bridge here.
Hi,
IMHO, this is not a good idea. Tor relay IPs are public, so they are likely to be blocked as part of censorship in some countries. This will greatly reduce the usefulness of the bridge running on the same IP. Running both at the same time on the same public IP does not add much value.
If you are running this on your home network, I recommend running a bridge only. Now the problem is that your public IP is already known as a Tor node, so switching to running just a bridge at this point will not help that much.
Running a non-exit relay from your home is also mostly (legally) safe, but be prepared to encounter problems with some websites. Some sites/CDNs block all Tor node IP addresses, not just exits, out of laziness/stupidity/etc.
Best regards, KA.
------- Original Message -------
On Saturday, March 19th, 2022 at 12:06 AM, Thoughts thoughts@kevinsthoughts.com wrote:
Currently running both a guard relay and a bridge, one each on two
different systems, but both behind the same firewall and static IP.
Curious if this is a good idea, or if one or the other is of much
greater value.
tor-relays@lists.torproject.org
-
dmz21 -
KA relay OP -
Spydar007 -
Thoughts