@Ivan
If you think that your relay is underrated or has poor performance try to adjust your hardware/settings. Anyway almost every relay operator has this kind of "operator anxiety". Don't worry. ;)
It is not about anxiety. The last thing that would cause anxiety for me is the possibility to find another cool project for my Pi :)
If there were only blazing fast relays it would decrease anonymity because these relays would be placed in some datacenters and operated by small amount of people (entities). Tor network needs all kinds of relays to be strong. Diversity is about platform, location, connectivity, etc, etc.
While I hold the same opinion as you (intuitively) I am interested not in intuition but in in a sober technical analysis, and not in words of encouragement, or in the customary "thank you thank you thank you for running a relay"
I hear opinions here that small relays are not really useful, and about small bridges I heard here that they are actually causing DAMAGE.
Those opinions were backed by technical arguments, here are a few:
- the numerous small relays that change their IP addresses burden the network unnecessarily with frequent re-publishing of their descriptors - small relays that carry a small number of circuits actually DESTROY anonymity since the small number of circuits going through them makes it easier to de-anonymize traffic; - anonymity is much better served by a few large relays since they carry a lot of circuits simultaneously, and for this reason DirAuths try to saturate them before they direct traffic to small relays - the connections through small relays are quickly saturated, making using the internet a horribly slow and unpleasant experience - Isis, the bridge db and bridge authority operator, has asked Tor people who make decisions NOT to recommend that people run bridges on their small residential connections, because the need to re-distribute information about changed IP addresses is a major hurdle towards bridge adoption
Or as one DirAuth operator summarized it: "On balance, the very small relays do not contribute enough resources compared to the associated costs to be worthwhile."
All of which is exactly the opposite of what you are saying and what was also my intuitive opinion.
So I am interested to know if there are solid, TECHNICALLY SOUND opinions in favor of use of small relays. If running a small relay is just for feeling good and displaying political support for privacy rights, then I am outta here. I feel good already and I have other means of expressing my political support.
Rana
Rana:
Those opinions were backed by technical arguments, here are a few:
- the numerous small relays that change their IP addresses burden
the network unnecessarily with frequent re-publishing of their descriptors - small relays that carry a small number of circuits actually DESTROY anonymity since the small number of circuits going through them makes it easier to de-anonymize traffic; - anonymity is much better served by a few large relays since they carry a lot of circuits simultaneously, and for this reason DirAuths try to saturate them before they direct traffic to small relays - the connections through small relays are quickly saturated, making using the internet a horribly slow and unpleasant experience - Isis, the bridge db and bridge authority operator, has asked Tor people who make decisions NOT to recommend that people run bridges on their small residential connections, because the need to re-distribute information about changed IP addresses is a major hurdle towards bridge adoption
Or as one DirAuth operator summarized it: "On balance, the very small relays do not contribute enough resources compared to the associated costs to be worthwhile."
All of which is exactly the opposite of what you are saying and what was also my intuitive opinion.
Yes, I agree here that bad relays are actually bad. If relays change their address frequently they tear down all the circuits. Bad. Relays that are too slow and unable to catch up with most of the network flow (have small number of circuits) are bad. Poor connectivity is also bad. All these concerns are truly legit. Thanks for summarizing them!
This hugely depends on your definition of "small". If one is running a relay from their refrigerator or dishwasher that connects to the Internet over GPRS - there is no good. One shouldn't do that. By the way this definition is moving target; what is called "small" today isn't what was called "small" 2 years ago. If you feel that your setup is intrinsically bad then it's better to make something else cool from it.
Or as one DirAuth operator summarized it: "On balance, the very small relays do not contribute enough resources compared to the associated costs to be worthwhile."
This is true for "very small" relays, yes.
All of which is exactly the opposite of what you are saying and what was also my intuitive opinion.
It isn't totally opposite. I ran a relay quite a while ago on RPi (Pi1B+, FreeBSD) and it was pretty good at it. Not so fast as "full-blown" ones but still (something around 1.2MBps). After reasonable period of time it had ~7000 open connections.
So I am interested to know if there are solid, TECHNICALLY SOUND opinions in favor of use of small relays. If running a small relay is just for feeling good and displaying political support for privacy rights, then I am outta here. I feel good already and I have other means of expressing my political support.
I do agree with you, one should know if their relay is actually useful and won't harm the network. Sorry if I sound not so technically.
If you have modern ARM then you have NEON so ChaCha20 should be better that AES. That said slow relays may become a bit faster. Location diversity as self-hosting is another argument (recall tons of OVH VPS relays).
Some best practices definitely would be awesome to have about running on common (embedded) hardware. Clear notification like "your Commodore 64 is to slow to be a good relay" would also be useful.
-- Ivan Markin
tor-relays@lists.torproject.org
-
Ivan Markin -
Rana