Re: [tor-relays] Please enable IPv6 on your relay!
That will be a problem because that instances will get several IPv6-addresses during the day because of active privacy extensions and the router get a new /56 for IPv6 from the ISP every day. A manual change of the torrc is inefficient for me. Because of that I will deactivate IPv6-support at the affected instances until the discovery of a IPv6-address will be like for IPv4 :-( I am not a programmer but perhaps it will be solved like for dyndns-services. Marcel JovianMallard t...@sec.gd hat am 13. Mai 2015 um 18:24 geschrieben: Googling finds these: https://lists.torproject.org/pipermail/tor-commits/2012-May/042676.html https://trac.torproject.org/projects/tor/ticket/5146 https://trac.torproject.org/projects/tor/ticket/5940 Looks like tor hasn't been taught to turn [::] into a reachable global IP address yet (for reporting to the network - listening would work fine), so I think you'll need to use your actual global IPv6 address there. On 05/13/2015 12:13 PM, torser...@ittk.it wrote: thanks, now I got a similar information: 13:36:02 [WARN] Unable to use configured IPv6 address [::] in a descriptor. Skipping it. Try specifying a globally reachable address explicitly. what do you think? Marcel ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Please enable IPv6 on your relay!
thanks, now I got a similar information: 13:36:02 [WARN] Unable to use configured IPv6 address [::] in a descriptor. Skipping it. Try specifying a globally reachable address explicitly. what do you think? Marcel JovianMallard t...@sec.gd hat am 13. Mai 2015 um 15:27 geschrieben: [::1] is the IPv6 loopback address - use [::] to listen on any address. On 05/13/2015 03:09 AM, torser...@ittk.it wrote: I have enabled it at 1 VPS and 1 Root. And I enabled it on 2 instances which are connected via broadbandconnections with dynamic addresses for IPv4 and IPv6. There I got that information after applying the configuration: 07:05:49 [WARN] Unable to use configured IPv6 address [::1] in a descriptor. Skipping it. Try specifying a globally reachable address explicitly. 07:05:49 [NOTICE] Your Tor server's identity key fingerprint is 'xxx' 07:05:49 [NOTICE] Opening OR listener on [::1]:2342 I hope that will work as desired. Marcel Brian Kroll br...@fiberoverethernet.com hat am 13. Mai 2015 um 07:45 geschrieben: I just enabled four relays, who has the next two? ^_^ //Brian Ana Lucia Cortez: On Wed, May 13, 2015 at 12:09:45AM +0200, Moritz Bartl wrote: Come on guys, we only need 6 more IPv6 relays to help Moritz out of his depression ... We still have a depressingly low number of relays that support IPv6 (currently only ~120 of ~1900 relays). Thats 6.3% IPv6 adoption rate amongst Tor relays, while todays global overall IPv6 adoption rate is 6.6% according to https://www.google.com/intl/en/ipv6/statistics.html. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Please enable IPv6 on your relay!
I have enabled it at 1 VPS and 1 Root. And I enabled it on 2 instances which are connected via broadbandconnections with dynamic addresses for IPv4 and IPv6. There I got that information after applying the configuration: 07:05:49 [WARN] Unable to use configured IPv6 address [::1] in a descriptor. Skipping it. Try specifying a globally reachable address explicitly. 07:05:49 [NOTICE] Your Tor server's identity key fingerprint is 'xxx' 07:05:49 [NOTICE] Opening OR listener on [::1]:2342 I hope that will work as desired. Marcel Brian Kroll br...@fiberoverethernet.com hat am 13. Mai 2015 um 07:45 geschrieben: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I just enabled four relays, who has the next two? ^_^ //Brian Ana Lucia Cortez: On Wed, May 13, 2015 at 12:09:45AM +0200, Moritz Bartl wrote: Come on guys, we only need 6 more IPv6 relays to help Moritz out of his depression ... We still have a depressingly low number of relays that support IPv6 (currently only ~120 of ~1900 relays). Thats 6.3% IPv6 adoption rate amongst Tor relays, while todays global overall IPv6 adoption rate is 6.6% according to https://www.google.com/intl/en/ipv6/statistics.html. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJVUuTrAAoJEFjBjkteF9VaeSUP/jvhXTqCxz67Re8T7Md/j3Mc GWoiEo4sgOXsa7lD4XrJNslkGf3niwLrNk/tXQf7Jl5xTlo2aO1F9927lyO690Nm Z2Qo4rZMJK/XQy7SAO+BFCQLUJwk2zUHuBcQ2b0icA+zM1/9T7L9x6aeVvlXwER/ xgmYDFrVgHPUdi0yHGnUhbSEeahc47z7pSdXNU8vA7Srsy+FsBuF+02MRC6dmTQp nZnDbJOEMUeE4VTX0X9ID0ERO+VyzHvj+NtYFB7h3HOn5Tx4OmcVuEBZXyerbyGo mm4Her59X21WcCLHSqj1dtvOitsXD2b3OzeQCa0ULDTFeSWZxYZ3QAYVgS61l60u P9nuKRk8e6Cwi0Wv9hBI3KwJGOt1AT+f79LrMX+k+5si9jB/fiPEr2BFdx8PC9rS N7w3HGKG4tuR0/iBgp01lVxdpJONqUZ5tueFUUIQcrsF/mClLoGvp8eezuub2c3L 5/h5CpopxUpJ4pQBwsuLHP9EW0mxH0INOqRJqoo/6tNSHDVBG/xvHvRXU6hDAEn2 a3GpXKDLF0Qd6+YkDbM7+jk47i9ViB0PmwFDNOHMYAqokp4AxMzFmwaoxOBnnnsa vMoqubOyWjUHxlyHmboRHywkV46XuDXB4dGPg9qy0cAs+jXgpgWTaAihBVnUCYqF 16laWRMOogy27AgbDuAd =flm3 -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Feedback
Hello, i have been running a new relay for a short time period now and would like to bring to your attention the issues faced, that finally led me to refrain from keeping this up any longer: * Documentation was ok (on torproject.org) and the installation (using deb on ubuntu) was easy. * It took quite some time to understand the implications (opening ports in the router, hazarding security to my computers, as i was - to this date - relying on the routers firewall working) - This job of mine basically got delayed until later, when i would have learned, what is needed in that respect. * Next, i noticed a frequent (daily) behavior of the Tor server dropping traffic to around zero. Inspecting this, let me to understand, my provider was disconnecting me and reassigning a new IP on a daily basis, which took some time to propagate. Even worse: It did not propagate on its own, i needed to restart the tor service to reinitialise... * Asking in the online channel, i was guided to change my "Nickname" torrc config to match the dyndns entry corresponding to my server. * But this never made it to the directories, thus forcing me to manually restart Tor on a daily basis in order to force the changing IP address into them. * Finally, i was told, this behavior would be disruptive to the network, i therefore brought the service down for good, wasting the bandwith, i was willing to spend, for the near future. :-) * Ok, otherwise, i would have to pay additional fees to rent a server off-site with a permanent IP, but that would be giving more, than what was easily affordable, as my machine is running 24/7 and the connections open anyway. Thus Tor doesnt seem to be able to absorb the kind of bandwith, i was willing to share long time. This is leaving a sad taste on me, who is pretty much interested in privacy, anonymosity, which led me to avoid the mailing lists with a durable email-address. But just using a read-only one wouldnt allow me to post to the list. That is why i created this one temporarily, just to let you know about my experiences... NewTorKidOnTheBlock (this was the name of my Tor relay) ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Politically correct?
Hello list members, for simple - political - reasons, i began contributing otherwise wasted bandwith to the tor network about half a year ago. And i am reading this list. Lately, there has been a discussion (Intrusion Prevention System Software - Snort or Suricata), that brought up some opinions about tor, more or less focused from a technical point-of-view. Interesting to me (the noob, that i am) was the belief, that tor was ok (as some seem to think). I am very much less optimistic: From the information, i can gather on my own personal computer, i can see, that almost every operating system sends out greetings to servers in akamai's reach, a company that happens to have contracts with microsoft and whatnot. Reading about their business, i find every reason to believe, that the time to fight for anonymity on the net is long gone, that security - even from their perspective - needs more resources than any individual will ever be able to have at its disposal. Also, i am aware of the possibility to get tracked by the telecommunication provider anytime and without me noticing it. My conclusion has been, that i am maybe 30 years too late in my activity to support tor - as a simple relay -. And the companies that seem to have most control over the internet (like google, akamai, and others) are in the process to control more and more of it, and only for that reason are fighting against malware like viruses and bots, and of course also fighting tor (by using honeypots as well as intrusion into the community to get as much information as possible about the people trying to hide in anonymity). This seems to be so true to me, that i begin to feel _guilty of nourishing false hopes_, that any individual could feel safe by using tor, irrespective of where and how legitimate/needed their requests are originating from. Seriously, i am beginning to think, that tor may be somewhat outdated nowadays, basically operating on old assumptions, about how the net was organised merely a decade ago. And not taking into account the reality of today, where our little community may not be all too useful any longer. Hard to hide some disappointment, as i used to be a developer many years ago, and find that no one - apart from myself - refuses to cooperate in the process of accumulating data, which provides the basis for semi-automated analysis later, and help some authorities to excert power and control over the population living on this planet. As my son very correctly said (btw: on his mobile! ;-)) : "Today, life begins, where there is neither computer nor electricity, but meeting with friends." ...until the earth observing satelites will be able to discern individuals. :-( Can anyone get me out of this pessimistic viewpoint? If not, i am seriously reconsidering the futile attempt to engage into offering something to the net, that could lead to unveiling users activities opposed to what tor seems to promise. Sorry for thinking out loud, but seriously worried about my own simple-mindedness. The operator of "NewTorKidOnTheBlock" ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] tor 0.4.6 reached end of life
Hi, on my Raspberry Pi 4 I can 't update from 0.4.5. The armhf architecture seems to be the problem. How do I have to upgrade to the newer versions? So far I haven 't found the ultimate way to setup a TOR relay on a Raspi 4 with auto updates. Greetz ghostbuster > Op 02-08-2022 14:00 schreef tor-relays-requ...@lists.torproject.org: > > Subject: [tor-relays] tor 0.4.6 reached end of life > > If you still run tor 0.4.6, now is a good time to upgrade your tor version. > > the list of largest operators still running end of life tor versions: > https://nusenu.github.io/OrNetStats/#end-of-life-relays-share > > https://nusenu.github.io ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Middle relay IP blocking
Roger, I had the same problem with 3 financial websites blocking my IP address while running a middle relay. Exactly 5 days after stopping the relay these sites can be reached again. They probably use the same mechanism, visible in the TPRB Firefox plug-in. I run my home relay on a low energy consuming Raspberry Pi. Why is there no perfectly detailed instruction to install a relay on the Raspberry? With its built-in VNC it can be managed by SSH and remote desktop perfectly. Then there is no need for data congestion on a few cheap providers. One Watt power consumption only costs 3 Euros a year. Snowflake almost uses no data with a few occasional users. I 'd like to use my 100 Megabits more efficient. Regards, me. > Date: Tue, 8 Aug 2023 02:32:03 -0400 > From: Roger Dingledine > To: tor-relays@lists.torproject.org > Subject: Re: [tor-relays] Middle relay IP blocking > Message-ID: > Content-Type: text/plain; charset=us-ascii > > On Mon, Aug 07, 2023 at 11:28:32PM +0300, s7r wrote: > > While all the above is true, a thing to remember is to make sure we don't > > end up all renting too many VPS'es or dedicated servers in the same places / > > same AS numbers - we need network diversity, it is a very important factor, > > more AS numbers, more providers, more physical locations, etc. So, running > > at home is super good and recommended from this perspective, provides us > > with the diversity we need, however not being to login to online banking to > > pay an electricity bill because of a middle relay is also way too annoying.. > > however who can afford the hassle should definitely run a middle relay or > > bridge at home > > Yes, exactly this. If you are interested in running a non-exit relay at > home, and you can tolerate the hassles from occasionally finding that > some service doesn't want to hear from you, then you are definitely > helping the diversity of the Tor network. > > Having the Tor traffic concentrated at a few cheapo providers like Hetzner > and OVH is not only scary in the sense that too much traffic goes through > too few cables, but it's also scary because it increases the appeal for > somebody to attack those few companies, either by breaking into their > infrastructure to watch traffic or through more traditional insider > threats like getting an employee there to help them monitor traffic. > > The internet already has uncomfortably many bottlenecks -- too few > undersea cables, too few Content Distribution Networks (CDNs), too few > app stores, etc. > > > (even Exit relay, I do run an Exit relay at my office place > > and I had one police visit in like 8 years or so). > > Follow this advice only with great caution. :) Many people happily > run their exit relay from their home, but it only takes one fresh new > cybercrime detective (trying to make a name for himself by kicking down > a door at 7am, and with no idea what Tor is) to ruin your day. > > --Roger > > > > -- > > Subject: Digest Footer > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > -- > > End of tor-relays Digest, Vol 151, Issue 9 > ** ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Middle relay IP blocking
Gus, thanks for the advices on both subjects, and the links to the recipes for both the RPI install including TOR updates, and the Snowflake proxy. I 'll try the Snowflake first. Regards, torserver. > Op 08-08-2023 22:39 CEST schreef gus : > > > >Why is there no perfectly detailed instruction to install a relay on the > >Raspberry? > > There are a few projects like pi-relay[1], but if you're using a > Debian-like system, the installation is very straight forward. > > However, the main issue is not the installation. The most significant > issue involves opening and forwarding ports on your modem. Sometimes > this process may require contacting your ISP and asking for support. > > > Snowflake almost uses no data with a few occasional users. I 'd like to use > > my 100 Megabits more efficient. > > If you're seeing just "a few occasional users", maybe you need to check > your NAT settings or your proxy installation. All my snowflake > standalone proxies[2] (NAT type 'unrestricted') are getting more than > 200 connections per hour and ~7 TiB per month. > > cheers, > Gus > > [1] https://github.com/scidsg/pi-relay > [2] https://community.torproject.org/relay/setup/snowflake/standalone/ > > On Tue, Aug 08, 2023 at 07:24:12PM +0200, torserver wrote: > > Roger, > > > > I had the same problem with 3 financial websites blocking my IP address > > while running a middle relay. Exactly 5 days after stopping the relay these > > sites can be reached again. They probably use the same mechanism, visible > > in the TPRB Firefox plug-in. > > > > I run my home relay on a low energy consuming Raspberry Pi. Why is there no > > perfectly detailed instruction to install a relay on the Raspberry? With > > its built-in VNC it can be managed by SSH and remote desktop perfectly. > > Then there is no need for data congestion on a few cheap providers. One > > Watt power consumption only costs 3 Euros a year. > > > > Snowflake almost uses no data with a few occasional users. I 'd like to use > > my 100 Megabits more efficient. > > > > Regards, me. > > > > > Date: Tue, 8 Aug 2023 02:32:03 -0400 > > > From: Roger Dingledine > > > To: tor-relays@lists.torproject.org > > > Subject: Re: [tor-relays] Middle relay IP blocking > > > Message-ID: > > > Content-Type: text/plain; charset=us-ascii > > > > > > On Mon, Aug 07, 2023 at 11:28:32PM +0300, s7r wrote: > > > > While all the above is true, a thing to remember is to make sure we > > > > don't > > > > end up all renting too many VPS'es or dedicated servers in the same > > > > places / > > > > same AS numbers - we need network diversity, it is a very important > > > > factor, > > > > more AS numbers, more providers, more physical locations, etc. So, > > > > running > > > > at home is super good and recommended from this perspective, provides us > > > > with the diversity we need, however not being to login to online > > > > banking to > > > > pay an electricity bill because of a middle relay is also way too > > > > annoying.. > > > > however who can afford the hassle should definitely run a middle relay > > > > or > > > > bridge at home > > > > > > Yes, exactly this. If you are interested in running a non-exit relay at > > > home, and you can tolerate the hassles from occasionally finding that > > > some service doesn't want to hear from you, then you are definitely > > > helping the diversity of the Tor network. > > > > > > Having the Tor traffic concentrated at a few cheapo providers like Hetzner > > > and OVH is not only scary in the sense that too much traffic goes through > > > too few cables, but it's also scary because it increases the appeal for > > > somebody to attack those few companies, either by breaking into their > > > infrastructure to watch traffic or through more traditional insider > > > threats like getting an employee there to help them monitor traffic. > > > > > > The internet already has uncomfortably many bottlenecks -- too few > > > undersea cables, too few Content Distribution Networks (CDNs), too few > > > app stores, etc. > > > > > > > (even Exit relay, I do run an Exit relay at my office place > > > > and I had one police visit in like 8 years or so). > > > > > > Follow this advice only with great cau
[tor-relays] Relay reboots every 15 minutes
Starting about a week or so the number of connections raised rapidly to 18000+ and since then my middle relay reboots every 15 minutes. Lowering the relaybandwidth to a few MBytes partly solved these reboots. Before these unplanned reboots the relay has run for months at 20 - 40 MBytes traffic without issues. The number of connections now is around 11000 per relay. How can I prevent these reboots? ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Relay reboots every 15 minutes
Checking the available memory of my 2 GBytes server with Linux commend: free -m the relay runs out of memory after rebooting within a few minutes while the connections raise to the now usual 10600 connections. A few minutes the available memory is about 90 MBytes and then the relay reboots. It has been running fine for months without this memory problem. My Raspberry Pi relay with 4 GB of RAM relay does not seem to have this problem. > Op 15-01-2024 11:14 CET schreef torserver : > > > Starting about a week or so the number of connections raised rapidly to > 18000+ and since then my middle relay reboots every 15 minutes. Lowering the > relaybandwidth to a few MBytes partly solved these reboots. Before these > unplanned reboots the relay has run for months at 20 - 40 MBytes traffic > without issues. > The number of connections now is around 11000 per relay. > How can I prevent these reboots? > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
