Hi there,
I have a reasonable ADSL connection, and a little always-on server. The bandwidth is in the region of 2Mib/s down, something less up (maybe 256Kib/s). Is it useful for me to run a tor relay with this bandwidth? I'd like to run one which isn't an exit, at least for now.
If not, am I correct in thinking that a bridge is an appropriate help? That's what I'm doing currently, but if a relay would be more useful I'd be very happy to do that.
One other unrelated(ish) question: I'm in the UK, where the idea of censorship isn't resisted as strongly as it ought to be, and as a result my internet connection is subject to a smallish amount of censorship: whatever is on the secret IWF blacklist plus the pirate bay. Does this mean that running an exit node from a home connection here at some point in the future would not be helpful? Or only if all HTTP(S) was blocked (as the IWF blacklist is secret there's presumably no way to tell the tor network what is inaccessible from this node).
Thanks in advance,
Nick
Hi Nick, I was in a similar boat to you for a while. Also UK based with adsl and a dynamic IP. I found that running a non-exit relay node is fine so long you limit bandwidth usage in torrc. Wouldn't recommended exit relay unless you want to deal with your ISP. If you only run a relay then the censorship list doesn't matter since all connections between nodes are encrypted, any exit node would suffer restrictions. I have heard UK ISP s like to monitor protocol and port usage and sometimes block certain ports. You can always change the port usage in torrc if you find certain ports blocked. If you find running relay uses too much bandwidth then going back to running the bridge is very useful for helping censored users and uses much less bandwidth. A dynamic IP in my experience can cause the node to become unresponsive and it may need to be restarted every few days or every week. I have a script set up which emails me when my afsl node goes down for example. Hope this helps.
T On Jul 11, 2013 9:42 PM, "Nick" tor-relays@njw.me.uk wrote:
Hi there,
I have a reasonable ADSL connection, and a little always-on server. The bandwidth is in the region of 2Mib/s down, something less up (maybe 256Kib/s). Is it useful for me to run a tor relay with this bandwidth? I'd like to run one which isn't an exit, at least for now.
If not, am I correct in thinking that a bridge is an appropriate help? That's what I'm doing currently, but if a relay would be more useful I'd be very happy to do that.
One other unrelated(ish) question: I'm in the UK, where the idea of censorship isn't resisted as strongly as it ought to be, and as a result my internet connection is subject to a smallish amount of censorship: whatever is on the secret IWF blacklist plus the pirate bay. Does this mean that running an exit node from a home connection here at some point in the future would not be helpful? Or only if all HTTP(S) was blocked (as the IWF blacklist is secret there's presumably no way to tell the tor network what is inaccessible from this node).
Thanks in advance,
Nick _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Thanks for the advice Thomas.
What's the exact meaning of RelayBandwidthRate in torrc? I ask because I found having more than about 20Kib/s upload limit for bittorrent made my connection largely unusable, but leaving it without a download limit was fine (damn asynchronicity). How should I decide what an appropriate value should be? Twice the maximum upload limit I can devote to it? Or if I left the value unset would tor likely do a good enough job of deciding on an appropriate bandwidth value?
Nick
Quoth Thomas Hand:
Hi Nick, I was in a similar boat to you for a while. Also UK based with adsl and a dynamic IP. I found that running a non-exit relay node is fine so long you limit bandwidth usage in torrc. Wouldn't recommended exit relay unless you want to deal with your ISP. If you only run a relay then the censorship list doesn't matter since all connections between nodes are encrypted, any exit node would suffer restrictions. I have heard UK ISP s like to monitor protocol and port usage and sometimes block certain ports. You can always change the port usage in torrc if you find certain ports blocked. If you find running relay uses too much bandwidth then going back to running the bridge is very useful for helping censored users and uses much less bandwidth. A dynamic IP in my experience can cause the node to become unresponsive and it may need to be restarted every few days or every week. I have a script set up which emails me when my afsl node goes down for example. Hope this helps.
T On Jul 11, 2013 9:42 PM, "Nick" tor-relays@njw.me.uk wrote:
Hi there,
I have a reasonable ADSL connection, and a little always-on server. The bandwidth is in the region of 2Mib/s down, something less up (maybe 256Kib/s). Is it useful for me to run a tor relay with this bandwidth? I'd like to run one which isn't an exit, at least for now.
If not, am I correct in thinking that a bridge is an appropriate help? That's what I'm doing currently, but if a relay would be more useful I'd be very happy to do that.
One other unrelated(ish) question: I'm in the UK, where the idea of censorship isn't resisted as strongly as it ought to be, and as a result my internet connection is subject to a smallish amount of censorship: whatever is on the secret IWF blacklist plus the pirate bay. Does this mean that running an exit node from a home connection here at some point in the future would not be helpful? Or only if all HTTP(S) was blocked (as the IWF blacklist is secret there's presumably no way to tell the tor network what is inaccessible from this node).
Thanks in advance,
Nick _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Hi Nick,
I'm not sure whether the stories are true or not but I have heard of people having their computer kit confiscated for running an exit node.
I'd go for a non-exit relay and see how that works. You can limit the bandwidth the node will use, so if you find it eats up all your resource, you can lower it.
Just out of interest, which ISP do you use. I'm on Talk Talk and I'm having a lot of hassle setting up a non-exit relay. Just can't seem to get it to stay on-line.
Cheers, Richard
Hi there,
I have a reasonable ADSL connection, and a little always-on server. The bandwidth is in the region of 2Mib/s down, something less up (maybe 256Kib/s). Is it useful for me to run a tor relay with this bandwidth? I'd like to run one which isn't an exit, at least for now.
If not, am I correct in thinking that a bridge is an appropriate help? That's what I'm doing currently, but if a relay would be more useful I'd be very happy to do that.
One other unrelated(ish) question: I'm in the UK, where the idea of censorship isn't resisted as strongly as it ought to be, and as a result my internet connection is subject to a smallish amount of censorship: whatever is on the secret IWF blacklist plus the pirate bay. Does this mean that running an exit node from a home connection here at some point in the future would not be helpful? Or only if all HTTP(S) was blocked (as the IWF blacklist is secret there's presumably no way to tell the tor network what is inaccessible from this node).
Thanks in advance,
Nick _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Thanks for the advice everyone, I ended up setting up a bridge node.
However I just noticed in looking at the logs that my ISP seem to disconnect me to reassign my IP address several times a day. Which seems like rather terrible service. Presumably that makes my bridge a lot less useful, as the IP address has such a short lifespan?
I tested my broadband speed today and it's around 6.5Mib/s down, 410Kib/s up, so somewhat faster than I originally guessed. But with so unstable a connection I suppose even a regular relay may not be worthwhile. Am I correct? It did seem to do well at sending and receiving plenty of traffic when I set it as a normal relay, but if it's also the cause of lots of dropped connections then maybe it wouldn't be worth it.
I know I should look into a VPS thing, I've just never used them and like the idea of putting my home server and bandwidth to more use.
My ISP is the post office, on the "broadband extra" package. I chose it mainly because it's cheap if you use their phone service too, but the regular disconnections, plus their soon-to-come-into-effect new AUP, make me unsure about whether that was a good idea. I don't know of any good and vaguely affordable ISP in the UK anymore, though, now that Be have gone away.
Nick
Quoth Richard Edmondson:
Hi Nick,
I'm not sure whether the stories are true or not but I have heard of people having their computer kit confiscated for running an exit node.
I'd go for a non-exit relay and see how that works. You can limit the bandwidth the node will use, so if you find it eats up all your resource, you can lower it.
Just out of interest, which ISP do you use. I'm on Talk Talk and I'm having a lot of hassle setting up a non-exit relay. Just can't seem to get it to stay on-line.
Cheers, Richard
Hi there,
I have a reasonable ADSL connection, and a little always-on server. The bandwidth is in the region of 2Mib/s down, something less up (maybe 256Kib/s). Is it useful for me to run a tor relay with this bandwidth? I'd like to run one which isn't an exit, at least for now.
If not, am I correct in thinking that a bridge is an appropriate help? That's what I'm doing currently, but if a relay would be more useful I'd be very happy to do that.
One other unrelated(ish) question: I'm in the UK, where the idea of censorship isn't resisted as strongly as it ought to be, and as a result my internet connection is subject to a smallish amount of censorship: whatever is on the secret IWF blacklist plus the pirate bay. Does this mean that running an exit node from a home connection here at some point in the future would not be helpful? Or only if all HTTP(S) was blocked (as the IWF blacklist is secret there's presumably no way to tell the tor network what is inaccessible from this node).
Thanks in advance,
Nick _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-- Best Wishes, Richard
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Bridges ideally have very stable IPs, as their addresses aren't stored in an hourly consensus, but are instead handed out as needed. This isn't such an issue with normal relays as they ill drop out of the consensus after an hour - but it does depend how frequently / predictably the IP address changes. IT would be hard to build up a stable flag for example.
On 22 Jul 2013, at 10:14, Nick tor-relays@njw.me.uk wrote:
Thanks for the advice everyone, I ended up setting up a bridge node.
However I just noticed in looking at the logs that my ISP seem to disconnect me to reassign my IP address several times a day. Which seems like rather terrible service. Presumably that makes my bridge a lot less useful, as the IP address has such a short lifespan?
I tested my broadband speed today and it's around 6.5Mib/s down, 410Kib/s up, so somewhat faster than I originally guessed. But with so unstable a connection I suppose even a regular relay may not be worthwhile. Am I correct? It did seem to do well at sending and receiving plenty of traffic when I set it as a normal relay, but if it's also the cause of lots of dropped connections then maybe it wouldn't be worth it.
I know I should look into a VPS thing, I've just never used them and like the idea of putting my home server and bandwidth to more use.
My ISP is the post office, on the "broadband extra" package. I chose it mainly because it's cheap if you use their phone service too, but the regular disconnections, plus their soon-to-come-into-effect new AUP, make me unsure about whether that was a good idea. I don't know of any good and vaguely affordable ISP in the UK anymore, though, now that Be have gone away.
Nick
Quoth Richard Edmondson:
Hi Nick,
I'm not sure whether the stories are true or not but I have heard of people having their computer kit confiscated for running an exit node.
I'd go for a non-exit relay and see how that works. You can limit the bandwidth the node will use, so if you find it eats up all your resource, you can lower it.
Just out of interest, which ISP do you use. I'm on Talk Talk and I'm having a lot of hassle setting up a non-exit relay. Just can't seem to get it to stay on-line.
Cheers, Richard
Hi there,
I have a reasonable ADSL connection, and a little always-on server. The bandwidth is in the region of 2Mib/s down, something less up (maybe 256Kib/s). Is it useful for me to run a tor relay with this bandwidth? I'd like to run one which isn't an exit, at least for now.
If not, am I correct in thinking that a bridge is an appropriate help? That's what I'm doing currently, but if a relay would be more useful I'd be very happy to do that.
One other unrelated(ish) question: I'm in the UK, where the idea of censorship isn't resisted as strongly as it ought to be, and as a result my internet connection is subject to a smallish amount of censorship: whatever is on the secret IWF blacklist plus the pirate bay. Does this mean that running an exit node from a home connection here at some point in the future would not be helpful? Or only if all HTTP(S) was blocked (as the IWF blacklist is secret there's presumably no way to tell the tor network what is inaccessible from this node).
Thanks in advance,
Nick _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-- Best Wishes, Richard
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
It'd be nice if dynamic DNS could solve this somehow, but it can't with the current implementation. :/
I think this may only get worse now that we're essentially out of IPv4 space.
-Gordon
Samuel Walker:
Bridges ideally have very stable IPs, as their addresses aren't stored in an hourly consensus, but are instead handed out as needed. This isn't such an issue with normal relays as they ill drop out of the consensus after an hour - but it does depend how frequently / predictably the IP address changes. IT would be hard to build up a stable flag for example.
On 22 Jul 2013, at 10:14, Nick tor-relays@njw.me.uk wrote:
Thanks for the advice everyone, I ended up setting up a bridge node.
However I just noticed in looking at the logs that my ISP seem to disconnect me to reassign my IP address several times a day. Which seems like rather terrible service. Presumably that makes my bridge a lot less useful, as the IP address has such a short lifespan?
On Tue, 30 Jul 2013 08:03:58 +0000, Gordon Morehouse wrote:
It'd be nice if dynamic DNS could solve this somehow, but it can't with the current implementation. :/
Even if - it wouldn't help those users that have an open connection through the bridge (or relay) while it does change IP address.
I don't like my ssh sessions severed...
Andreas
On Tue, Jul 30, 2013 at 05:13:09PM +0200, Andreas Krey wrote:
On Tue, 30 Jul 2013 08:03:58 +0000, Gordon Morehouse wrote:
It'd be nice if dynamic DNS could solve this somehow, but it can't with the current implementation. :/
Even if - it wouldn't help those users that have an open connection through the bridge (or relay) while it does change IP address.
I don't like my ssh sessions severed...
Relays that don't have sufficient mean-time-between-failure don't get the Stable flag, and streams whose destination ports are in the LongLivedPorts list avoid relays that don't have the Stable flag.
V(LongLivedPorts, CSV, "21,22,706,1863,5050,5190,5222,5223,6523,6667,6697,8300"),
Currently moria1 is voting 1068997 seconds for the MTBF threshold, i.e. a bit over 12 days.
So dynamic relays can still be useful, and hopefully we won't end up cutting too many ssh sessions.
--Roger
On Tue, 30 Jul 2013 16:48:13 +0000, Roger Dingledine wrote: ...
Relays that don't have sufficient mean-time-between-failure don't get the Stable flag, and streams whose destination ports are in the LongLivedPorts list avoid relays that don't have the Stable flag.
Sorry, I should really have remembered that. ;-(
(And make any websocket stuff I do robust against such things, as they would be on 80/443.)
Andreas
Andreas Krey:
On Tue, 30 Jul 2013 08:03:58 +0000, Gordon Morehouse wrote:
It'd be nice if dynamic DNS could solve this somehow, but it can't with the current implementation. :/
Even if - it wouldn't help those users that have an open connection through the bridge (or relay) while it does change IP address.
I don't like my ssh sessions severed...
True. And veering OT, but have you tried mosh yet? It's ideal for some situations over Tor, or where the client changes connections often.
-Gordon
On 31.07.2013 04:48, Gordon Morehouse wrote:
True. And veering OT, but have you tried mosh yet? It's ideal for some situations over Tor, or where the client changes connections often. http://mosh.mit.edu/
Mosh is great, but it still relies exclusively on UDP, right? So no "over Tor"...
Moritz Bartl:
On 31.07.2013 04:48, Gordon Morehouse wrote:
True. And veering OT, but have you tried mosh yet? It's ideal for some situations over Tor, or where the client changes connections often. http://mosh.mit.edu/
Mosh is great, but it still relies exclusively on UDP, right? So no "over Tor"...
Ah, crap. Yeah, the primary transport is UDP once a session is established.
-Gordon
On Tue, 30 Jul 2013 19:48:22 +0000, Gordon Morehouse wrote: ...
True. And veering OT, but have you tried mosh yet? It's ideal for some situations over Tor, or where the client changes connections often.
No, I built something for that situation myself around the same time and am just rewriting it. (Just a transport, no terminal prediction, with the intention of also using it as a transport plugin for tor bridge access.)
Btw. if mosh 'works over tor' you may want to check if you're not just sending the UDP around tor.
Andreas
On Tuesday, July 30, 2013 19:48:22 Gordon Morehouse wrote:
True. And veering OT, but have you tried mosh yet? It's ideal for some situations over Tor, or where the client changes connections often.
Mobil Shell? We've come a long way since Exxon/Exxoff :)
cmeclax
On Thu, 11 Jul 2013 21:43:00 +0100 Nick tor-relays@njw.me.uk allegedly wrote:
Hi there,
I have a reasonable ADSL connection, and a little always-on server. The bandwidth is in the region of 2Mib/s down, something less up (maybe 256Kib/s). Is it useful for me to run a tor relay with this bandwidth? I'd like to run one which isn't an exit, at least for now.
If not, am I correct in thinking that a bridge is an appropriate help? That's what I'm doing currently, but if a relay would be more useful I'd be very happy to do that.
One other unrelated(ish) question: I'm in the UK, where the idea of censorship isn't resisted as strongly as it ought to be, and as a result my internet connection is subject to a smallish amount of censorship: whatever is on the secret IWF blacklist plus the pirate bay. Does this mean that running an exit node from a home connection here at some point in the future would not be helpful? Or only if all HTTP(S) was blocked (as the IWF blacklist is secret there's presumably no way to tell the tor network what is inaccessible from this node).
Nick
I too am in the uk. In my view, running tor on your home broadband connection is probably a bad idea. As you have already noted, the connection is not completely unfiltered and you may find other problems arise as soon as you try to run a relay. I think you might find it almost impossible to successfully run an exit relay without a lot of hassle from your ISP which might end up in your disconnection. Besides that, the amount of bandwidth available on a domestic ADSL is low and you will find that tor impacts heavily on usage unless it is heavily throttled.
For several years now I have sucessfully run relays (both exit and non-exit) on fairly cheap VPSs. This has the dual advantage of separating your own connection from tor and of providing dedicated bandwidth to the relay. You will need to check with the VPS provider that they are happy to allow tor. Some are, most aren't and of those most are not happy with exit relays because they end up getting (often robotic) abuse complaints. Of course your VPS does not have to be in the UK.
I have run relays with bytemark.co.uk (non-exit), daily.co.uk (exit and non-exit) thrustvps.com (ditto) rapidswitch.com (ditto). I currently use digitalocean.com (in the Netherlands, but a US company) and thrust - though for a variety of reasons I will probably drop thrust at the end of my contract with them and move that one elsewhere.
Always/always check the ISP's AUP in advance and then email them telling them what you intend to do before signing up. In my experience, those which are content to allow tor sometimes change their mind after the first few abuse complaints. You then have the option of switching to non-exit, or simply taking your custom elsewhere. It depends on how you want to play things and what you are getting for your money.
Nowadays you can get a useful amount of bandwidth (1-2 TiB pcm) on a reasonably specced VM (512 Mb RAM, 1 core, 20-40 GB disk) very cheaply (on the order of 5-10 UKP pcm, or much less if you shop around). Take a look at lowendbox.com for some ideas of offers on cheap VPS. Then do some research on the suppliers, contact those you shortlist and be open about what you intend to do.
HTH
Mick ---------------------------------------------------------------------
Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net
---------------------------------------------------------------------
On Fri, 12 Jul 2013 14:22:44 +0100 mick mbm@rlogin.net allegedly wrote:
On Thu, 11 Jul 2013 21:43:00 +0100 Nick tor-relays@njw.me.uk allegedly wrote:
Hi there,
I have a reasonable ADSL connection, and a little always-on server. The bandwidth is in the region of 2Mib/s down, something less up (maybe 256Kib/s). Is it useful for me to run a tor relay with this bandwidth? I'd like to run one which isn't an exit, at least for now.
Nowadays you can get a useful amount of bandwidth (1-2 TiB pcm) on a reasonably specced VM (512 Mb RAM, 1 core, 20-40 GB disk) very cheaply (on the order of 5-10 UKP pcm, or much less if you shop around). Take a look at lowendbox.com for some ideas of offers on cheap VPS. Then do some research on the suppliers, contact those you shortlist and be open about what you intend to do.
Forgot to add - take a look at http://www.edis.at/en/home for example. They have reasonable offerings (but limited on the KVM option) in a variety of countries and I have already established that they would be comfortable with non-exit tor relays.
Mick
---------------------------------------------------------------------
Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net
---------------------------------------------------------------------
Hi Guys,
I would second the cheap VPS option.
In the past I have run a relay at home and on a number of cheap VPS providers with only one having an issue with my request to run a relay. Living in the UK I found the low upload speed and dynamic IP made the home relay perform rather poorly while having a notable affect on my home web browsing. Having a cheap VPS also offers the advantage of a remote development platform, the possibility of hosting your own website (a socks proxy has been pretty handy at bypassing my works web proxy). As previously stated, lowendbox is a great place to start looking for one I would suggest going dutch as they offer great performance/bandwidth for your £.
BR, Alistair.
On 12 July 2013 14:33, mick mbm@rlogin.net wrote:
On Fri, 12 Jul 2013 14:22:44 +0100 mick mbm@rlogin.net allegedly wrote:
On Thu, 11 Jul 2013 21:43:00 +0100 Nick tor-relays@njw.me.uk allegedly wrote:
Hi there,
I have a reasonable ADSL connection, and a little always-on server. The bandwidth is in the region of 2Mib/s down, something less up (maybe 256Kib/s). Is it useful for me to run a tor relay with this bandwidth? I'd like to run one which isn't an exit, at least for now.
Nowadays you can get a useful amount of bandwidth (1-2 TiB pcm) on a reasonably specced VM (512 Mb RAM, 1 core, 20-40 GB disk) very cheaply (on the order of 5-10 UKP pcm, or much less if you shop around). Take a look at lowendbox.com for some ideas of offers on cheap VPS. Then do some research on the suppliers, contact those you shortlist and be open about what you intend to do.
Forgot to add - take a look at http://www.edis.at/en/home for example. They have reasonable offerings (but limited on the KVM option) in a variety of countries and I have already established that they would be comfortable with non-exit tor relays.
Mick
Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
mick:
Forgot to add - take a look at http://www.edis.at/en/home for example. They have reasonable offerings (but limited on the KVM option) in a variety of countries and I have already established that they would be comfortable with non-exit tor relays.
Be aware that depending on the data center, the KVM nodes at Edis get rebooted fairly often ... if you want to run a larger relay and be flagged stable, maybe not the best choice.
-Gordon
On Fri, 12 Jul 2013 19:04:22 -0700 Gordon Morehouse gordon@morehouse.me allegedly wrote:
mick:
Forgot to add - take a look at http://www.edis.at/en/home for example. They have reasonable offerings (but limited on the KVM option) in a variety of countries and I have already established that they would be comfortable with non-exit tor relays.
Be aware that depending on the data center, the KVM nodes at Edis get rebooted fairly often ... if you want to run a larger relay and be flagged stable, maybe not the best choice.
-Gordon
Gordon
Thanks - useful to know. Any information on the openVZ offering?
Best
Mick
---------------------------------------------------------------------
Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net
---------------------------------------------------------------------
mick:
mick:
Forgot to add - take a look at http://www.edis.at/en/home for example. They have reasonable offerings (but limited on the KVM option) in a variety of countries and I have already established that they would be comfortable with non-exit tor relays.
Be aware that depending on the data center, the KVM nodes at Edis get rebooted fairly often ... if you want to run a larger relay and be flagged stable, maybe not the best choice.
Gordon
Thanks - useful to know. Any information on the openVZ offering?
They told me it was rebooted much less often, but they didn't offer it in Iceland, which is where I was interested in having my data physically located. They also said the Iceland KVM nodes tended to get rebooted a lot less than where I was at the time (continental Europe at one of their many locations). So, YMMV.
But I would say, the Edis OpenVZ offerings are probably pretty good for Tor relays.
Incidentally, I did provision a VPS in Iceland with a different company and they *called* me from Reykjavik to warn me that if I were going to run a Tor relay node (they understood the difference between relays and exits), I would be not pleased with performance or pricing due to Iceland's bandwidth crunch and pricing system. Plus, the ping time is what it is.
They also said the pricing situation may ease within a year in Iceland.
So, um, OT bit of info, but stick to exits, and not relays, in Iceland for legal and bandwidth reasons.
-Gordon
On Sat, 13 Jul 2013 10:03:11 -0700 Gordon Morehouse gordon@morehouse.me allegedly wrote:
mick:
Gordon
Thanks - useful to know. Any information on the openVZ offering?
They told me it was rebooted much less often, but they didn't offer it in Iceland, which is where I was interested in having my data physically located. They also said the Iceland KVM nodes tended to get rebooted a lot less than where I was at the time (continental Europe at one of their many locations). So, YMMV.
But I would say, the Edis OpenVZ offerings are probably pretty good for Tor relays.
Gordon
Again, thanks for the info.
Mick
---------------------------------------------------------------------
Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net
---------------------------------------------------------------------
Nick:
I have a reasonable ADSL connection, and a little always-on server. The bandwidth is in the region of 2Mib/s down, something less up (maybe 256Kib/s). Is it useful for me to run a tor relay with this bandwidth? I'd like to run one which isn't an exit, at least for now.
Unless I'm reading Compass wrong, a relay with 256 Kib/s is likely to be selected as a middle node 1 time out of 10000 circuits, if not less…
So I'd say it is not useful for the network to add relays with so little bandwidth at the present times.
If not, am I correct in thinking that a bridge is an appropriate help? That's what I'm doing currently, but if a relay would be more useful I'd be very happy to do that.
It would be a slow bridge, but at least the likelihood it'll be of use is far greater than configuring a relay.
One other unrelated(ish) question: I'm in the UK, where the idea of censorship isn't resisted as strongly as it ought to be, and as a result my internet connection is subject to a smallish amount of censorship: whatever is on the secret IWF blacklist plus the pirate bay. Does this mean that running an exit node from a home connection here at some point in the future would not be helpful? Or only if all HTTP(S) was blocked (as the IWF blacklist is secret there's presumably no way to tell the tor network what is inaccessible from this node).
Running exit nodes from home connection is usually a bad idea. In case of abuses, law enforcement agencies are likely to believe that whoever lives there is responsible for the abuses.
On Thu, Jul 11, 2013 at 09:43:00PM +0100, Nick wrote:
I have a reasonable ADSL connection, and a little always-on server. The bandwidth is in the region of 2Mib/s down, something less up (maybe 256Kib/s). Is it useful for me to run a tor relay with this bandwidth? I'd like to run one which isn't an exit, at least for now.
I think at this point if you're at least 800kbit (100KBytes/s) each way, it's useful to be a relay.
Here are the flags thresholds that moria1 (my directory authority) is voting for right now: flag-thresholds stable-uptime=646220 stable-mtbf=1055595 fast-speed=18000 guard-wfu=98.000% guard-tk=691200 guard-bw-inc-exits=185000 guard-bw-exc-exits=148000 enough-mtbf=1 ignoring-advertised-bws=1
So that means if you have 18KBytes/s you get some use, and if you have either 185KBytes/s or 148KBytes/s (depending on if there's enough exit capacity) you can get the Guard flag if you're stable enough: https://www.torproject.org/docs/faq.html.en#EntryGuards
It's been suggested by some researchers that a wiser lower bound on whether a relay is useful is 8Mbit/s each way: https://trac.torproject.org/projects/tor/ticket/1854 But I think we'd be throwing out enough capacity at that point that it's not clear to me that the performance gains would be seen in practice. Plus there's some impact to relay diversity (aka anonymity). Not to mention the impact to the community when you tell well over half the relays that actually you don't need them thanks bye.
If not, am I correct in thinking that a bridge is an appropriate help? That's what I'm doing currently, but if a relay would be more useful I'd be very happy to do that.
Yes, a bridge is a fine thing to run on a connection with 250KBytes down and 32KBytes up.
In the future, we might end up with a system like Conflux to let you glue together two slow bridges and get better throughput: http://freehaven.net/anonbib/#pets13-splitting
One other unrelated(ish) question: I'm in the UK, where the idea of censorship isn't resisted as strongly as it ought to be, and as a result my internet connection is subject to a smallish amount of censorship: whatever is on the secret IWF blacklist plus the pirate bay. Does this mean that running an exit node from a home connection here at some point in the future would not be helpful? Or only if all HTTP(S) was blocked (as the IWF blacklist is secret there's presumably no way to tell the tor network what is inaccessible from this node).
This is a tough one. It's not like the web is divided into the clean uncensored part and the dirty censored part -- it's all getting to be grey. If we demanded all exits be totally uncensored, we'd quickly run out of qualified places for exits. In the ideal case, the censorship at your exit would be in the form of not knowing the answer to a DNS resolve of the destination -- and in that case Tor will automatically fall back to trying a different exit. That still isn't ideal though, since it would make things slower (since you'd have to time out before switching to a different circuit), and if it happened a lot then it could take a long time to find a workable circuit.
--Roger
tor-relays@lists.torproject.org
-
Alistair Ferguson -
Andreas Krey -
cmeclax -
Gordon Morehouse -
Lunar -
mick -
Moritz Bartl -
Nick -
Richard Edmondson -
Roger Dingledine -
Samuel Walker -
Thomas Hand