I just started a relay (non-exit node, not running a client myself), on Windows, using the latest Vidalia Relay Bundle. Looks like from the configuration, given that I'm running in relay mode, there should be only two ports used by Tor (OrPort and DirPort), right? However, when I run "netstat -ano", I see that the Tor process is using up a lot more ports.
There are these connections, from 127.0.0.1 back to itself. Some sort of internal process used by Tor? Not as concerned about these, since these are internal. But still curious.
TCP 127.0.0.1:63417 127.0.0.1:63418 ESTABLISHED TCP 127.0.0.1:63418 127.0.0.1:63417 ESTABLISHED TCP 127.0.0.1:63419 127.0.0.1:63420 ESTABLISHED
But then I see connections like these: TCP 192.168.1.202:55049 174.136.105.86:9001 ESTABLISHED TCP 192.168.1.202:56804 37.128.208.46:9002 ESTABLISHED TCP 192.168.1.202:56896 171.25.193.9:80 ESTABLISHED TCP 192.168.1.202:57113 109.232.224.74:9001 ESTABLISHED TCP 192.168.1.202:57206 91.227.249.44:9001 ESTABLISHED TCP 192.168.1.202:57221 67.164.46.197:9001 ESTABLISHED TCP 192.168.1.202:57253 128.31.0.34:9101 ESTABLISHED TCP 192.168.1.202:57259 204.124.83.132:587 ESTABLISHED TCP 192.168.1.202:57260 128.232.18.57:9001 ESTABLISHED TCP 192.168.1.202:57309 204.124.83.131:443 ESTABLISHED TCP 192.168.1.202:57331 81.24.98.236:9001 ESTABLISHED
These appear to be the actual Tor relay traffic (192.168.1.202 is my computer). Why are these using ports in the 55000+ range, when I specified my OrPort to be a singular value (in my case, 9031)? I would like to know the port ranges used by Tor for relay traffic, so I can use my dd-wrt to set the QoS by specifying these Tor port ranges.
Thanks,
DW
Tor will use many unblocked ports for outbound traffic I'm guessing. I think that dd-wrt will open any port that Tor requests if you use port triggering.
On Sun, May 12, 2013 at 4:45 PM, Daniel Wu dw2345@gmail.com wrote:
I just started a relay (non-exit node, not running a client myself), on Windows, using the latest Vidalia Relay Bundle. Looks like from the configuration, given that I'm running in relay mode, there should be only two ports used by Tor (OrPort and DirPort), right? However, when I run "netstat -ano", I see that the Tor process is using up a lot more ports.
There are these connections, from 127.0.0.1 back to itself. Some sort of internal process used by Tor? Not as concerned about these, since these are internal. But still curious.
TCP 127.0.0.1:63417 127.0.0.1:63418 ESTABLISHED TCP 127.0.0.1:63418 127.0.0.1:63417 ESTABLISHED TCP 127.0.0.1:63419 127.0.0.1:63420 ESTABLISHED
But then I see connections like these: TCP 192.168.1.202:55049 174.136.105.86:9001 ESTABLISHED TCP 192.168.1.202:56804 37.128.208.46:9002 ESTABLISHED TCP 192.168.1.202:56896 171.25.193.9:80 ESTABLISHED TCP 192.168.1.202:57113 109.232.224.74:9001 ESTABLISHED TCP 192.168.1.202:57206 91.227.249.44:9001 ESTABLISHED TCP 192.168.1.202:57221 67.164.46.197:9001 ESTABLISHED TCP 192.168.1.202:57253 128.31.0.34:9101 ESTABLISHED TCP 192.168.1.202:57259 204.124.83.132:587 ESTABLISHED TCP 192.168.1.202:57260 128.232.18.57:9001 ESTABLISHED TCP 192.168.1.202:57309 204.124.83.131:443 ESTABLISHED TCP 192.168.1.202:57331 81.24.98.236:9001 ESTABLISHED
These appear to be the actual Tor relay traffic (192.168.1.202 is my computer). Why are these using ports in the 55000+ range, when I specified my OrPort to be a singular value (in my case, 9031)? I would like to know the port ranges used by Tor for relay traffic, so I can use my dd-wrt to set the QoS by specifying these Tor port ranges.
Thanks,
DW
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Is there any way to configure which range of ports Tor uses for outgoing relay traffic?
On Sun, May 12, 2013 at 2:28 PM, Richard Budd rotorbudd@gmail.com wrote:
Tor will use many unblocked ports for outbound traffic I'm guessing. I think that dd-wrt will open any port that Tor requests if you use port triggering.
On Sun, May 12, 2013 at 4:45 PM, Daniel Wu dw2345@gmail.com wrote:
I just started a relay (non-exit node, not running a client myself), on Windows, using the latest Vidalia Relay Bundle. Looks like from the configuration, given that I'm running in relay mode, there should be only two ports used by Tor (OrPort and DirPort), right? However, when I run "netstat -ano", I see that the Tor process is using up a lot more ports.
There are these connections, from 127.0.0.1 back to itself. Some sort of internal process used by Tor? Not as concerned about these, since these are internal. But still curious.
TCP 127.0.0.1:63417 127.0.0.1:63418 ESTABLISHED TCP 127.0.0.1:63418 127.0.0.1:63417 ESTABLISHED TCP 127.0.0.1:63419 127.0.0.1:63420 ESTABLISHED
But then I see connections like these: TCP 192.168.1.202:55049 174.136.105.86:9001 ESTABLISHED TCP 192.168.1.202:56804 37.128.208.46:9002 ESTABLISHED TCP 192.168.1.202:56896 171.25.193.9:80 ESTABLISHED TCP 192.168.1.202:57113 109.232.224.74:9001 ESTABLISHED TCP 192.168.1.202:57206 91.227.249.44:9001 ESTABLISHED TCP 192.168.1.202:57221 67.164.46.197:9001 ESTABLISHED TCP 192.168.1.202:57253 128.31.0.34:9101 ESTABLISHED TCP 192.168.1.202:57259 204.124.83.132:587 ESTABLISHED TCP 192.168.1.202:57260 128.232.18.57:9001 ESTABLISHED TCP 192.168.1.202:57309 204.124.83.131:443 ESTABLISHED TCP 192.168.1.202:57331 81.24.98.236:9001 ESTABLISHED
These appear to be the actual Tor relay traffic (192.168.1.202 is my computer). Why are these using ports in the 55000+ range, when I specified my OrPort to be a singular value (in my case, 9031)? I would like to know the port ranges used by Tor for relay traffic, so I can use my dd-wrt to set the QoS by specifying these Tor port ranges.
Thanks,
DW
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Sun, 12 May 2013 17:08:20 +0000, Daniel Wu wrote:
Is there any way to configure which range of ports Tor uses for outgoing relay traffic?
Doesn't look like. I didn't find a config option for that.
Andreas
On Mon, May 13, 2013 at 05:53:51AM +0200, Andreas Krey wrote:
On Sun, 12 May 2013 17:08:20 +0000, Daniel Wu wrote:
Is there any way to configure which range of ports Tor uses for outgoing relay traffic?
Doesn't look like. I didn't find a config option for that.
Correct, I also believe there is not a config option for this.
If somebody came up with a clean simple patch, I bet we'd take it. But that said, I bet the patch won't be clean or simple, especially when trying to be cross-platform.
My advice would be to either run the QoS rules on the computer that's running the Tor relay, since iptables knows the process owner and can group that way: https://gitweb.torproject.org/tor.git/blob/HEAD:/contrib/linux-tor-prio.sh or if you can't do that, add a second IP address to the machine running the Tor relay, and use OutboundBindAddress to tell Tor to use it.
--Roger
On Sun, 12 May 2013 13:45:03 +0000, Daniel Wu wrote:
I just started a relay (non-exit node, not running a client myself), on Windows, using the latest Vidalia Relay Bundle. Looks like from the configuration, given that I'm running in relay mode, there should be only two ports used by Tor (OrPort and DirPort), right?
Tow *listener* ports.
However, when I run "netstat -ano", I see that the Tor process is using up a lot more ports.
That is to be expected.
TCP 127.0.0.1:63417 127.0.0.1:63418 ESTABLISHED TCP 127.0.0.1:63418 127.0.0.1:63417 ESTABLISHED TCP 127.0.0.1:63419 127.0.0.1:63420 ESTABLISHED
Don't know about those.
TCP 192.168.1.202:55049 174.136.105.86:9001 ESTABLISHED TCP 192.168.1.202:56804 37.128.208.46:9002 ESTABLISHED TCP 192.168.1.202:56896 171.25.193.9:80 ESTABLISHED
...
These appear to be the actual Tor relay traffic (192.168.1.202 is my computer). Why are these using ports in the 55000+ range, when I specified my OrPort to be a singular value (in my case, 9031)?
Because the OrPort is where other tor nodes connect to you. The source port for outgoing TCP connections is selected by the operating system, and that's what you're seeing here.
Andreas
On Sun, May 12, 2013 at 01:45:03PM -0700, Daniel Wu wrote:
There are these connections, from 127.0.0.1 back to itself. Some sort of internal process used by Tor? Not as concerned about these, since these are internal. But still curious.
TCP 127.0.0.1:63417 127.0.0.1:63418 ESTABLISHED TCP 127.0.0.1:63418 127.0.0.1:63417 ESTABLISHED TCP 127.0.0.1:63419 127.0.0.1:63420 ESTABLISHED
This is because Windows doesn't have socketpair(), so we use a pair of sockets explicitly: https://gitweb.torproject.org/tor.git/blob/refs/heads/release-0.2.3:/src/com...
In short (as you guessed), nothing to worry about.
--Roger
tor-relays@lists.torproject.org
-
Andreas Krey -
Daniel Wu -
Richard Budd -
Roger Dingledine