https://consensus-health.torproject.org/ indicates that three
authorities are running the patch, so six aren't. If two of those
six went offline, that's enough for the remaining authorities to
not put together a majority of Running votes for the 0.2.2.x
relays. It happens that two of those
Hi Alexander,
thanks for starting this.
bigger relay operators running multiple servers with many nodes will
probably like this (just saying 'MyFamily' updates ;)
Which brings me to my first question:
Does the module support running multiple tor instances on a single
server?
This is something
I’ll try now to understand what’s involved in having multiple
instances running on the same node, but I guess there’s the need for
a radical different approach (i.e. not following
https://www.torproject.org/docs/debian.html.en#ubuntu as I did for
building the module in the first place)
see
Did you take a look at the existing projects?
https://github.com/search?q=tor+puppet
Maybe you should merge your project with one of the existing ones?
Is anyone at torservers partners or anyone else using puppet to
manage multiple relays and could share their experience?
I also got certificate warnings when opening torbrowser.
Vidalia told me I'm using this exit as well.
It hasn't got the badexit flag yet.
How long does it usually take for the dirauth operators to agree on that
/ deploy?
I also had in mind that there was a exit relay scanner (from Mike?) that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
The relay appears to be down (still hasn't gotten the bad exit flag -
who knows if they are going to start it again) but this occurrence
rises a few questions in general.
It hasn't got the badexit flag yet.
The relay operator wasn't aware of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I was planning to make an announcement
good news
If you are implying that the current process starts with 'let the
relay operator handle it', I'd suggest to set the badexit for
confirmed bad properties *first* (no matter whether they are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I guess it makes sense to make this change a bit more visible on the
tor-relays mailing list since relay ops will notice the change
eventually and not everyone is reading changelogs closely.
A lot of relays will loose their guard flag (and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi torservers,
since you haven't updated most of your relays to address [1] released
on 2014-07-28 yet, I was wondering if everything is ok? collective
vacation?
Since you are operating a significant chunk of the tor network's bw -
timely patching
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
FYI: I just sent out the email bellow to ~160 relay operators - I hope
this results in some actual improvements.
It is a bit disappointing to see even torservers.net, DFRI, icetor,
Frenn vun der Enn, Calyx, Cymru in the recipients list.
The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
related feature requests/trac entries:
https://trac.torproject.org/projects/tor/ticket/6947
https://trac.torproject.org/projects/tor/ticket/6855
https://trac.torproject.org/projects/tor/ticket/6856
-BEGIN PGP SIGNATURE-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 08/17/2014 01:08 AM, Nusenu wrote:
since you haven't updated most of your relays to address [1]
released on 2014-07-28 yet, I was wondering if everything is ok?
collective vacation?
Indeed. This is terrible and we will add some more
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I wanted to switch to unattended upgrades a long time ago, but the
story of our relay management is more complicated than that...
What were the specific problems with unattended upgrades?
There have been some threads about it on the mailing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Spencer Rhodes:
If another email goes out to operators of outdated Tor relays, I
would suggest including some information and a link to the Tor
Weather service, which has an option to notify via email if the
software version is outdated.
Yes
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
ja...@icetor.is:
yep you're correct, I should have taken note of the version
numbers better. All exits have been updated now.
is atlas wrong/not up to date yet about loki2 having an uptime of 60
days and still running tor v0.2.4.22?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
ja...@icetor.is:
actually after poking at this for a bit tonight it looks like
newer packages haven't been rolled out for deb.torproject.org
repo's yet. I'll be waiting for them first. -Jason
could you describe your problem a bit? if even you
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
its done
https://metrics.torproject.org/network.html#relayflags
-BEGIN PGP SIGNATURE-
iQIcBAEBCgAGBQJT9NmQAAoJEDcK3SCCSvoeDSQQAK5H7OCQjvPt37VDyFbQICCP
scHgmx8tK+y5u2jOat7/fkrXCAPRyhkhRx4xLxJiDfZFmldKOQuPwCEAedBbR9is
Moritz Bartl (2014-08-17):
I am returning from vacation tomorrow and will update all relays.
Sorry for the delay.
Are these torservers' relays and is blutmagie showing their current
version? (not updated yet):
Are these torservers' relays and is blutmagie showing their current
version? (not updated yet):
Two boxes weren't updated correctly. The
rest of the relays aren't from us, even though they show our contact
info
Hi Moritz,
your answer was not very specific.
Is anonymizer1.torservers.net
(if you are on the CC list of this email you are probably one of the tor
relay operators running one of the 10 fastest vulnerable [CVE-2014-5117]
relays on the tor network. Please upgrade your tor relay)
The tor network is currently at 64% of the bandwidth being served by
relays running a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Moritz Bartl:
For exit relays, you want WHOIS reassignment.
expected answer :)
I'll add the RAM sanity check (RAM/instance ratio).
Yes, should work out of the box - even on weird machines is a worthy
design goal.
-BEGIN PGP SIGNATURE-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Moritz Bartl:
On 02/17/2015 11:25 PM, Nusenu wrote:
I'm wondering if simply (blindly) running two tor processes per
available IP is any worse than anything else from a pure lets
push as much traffic as we can (on a host not on a tor process
2.2.2.2:443
3.3.3.3:80
3.3.3.3:443
including MyFamily configuration across all servers/instances.
regards,
Nusenu
changes
===
- - auto instance deployment without manual IP/ORPort configuration (new)
starts 2 tor instances per available IP address by default
makes manually
make this a seperate yml task
file; your use is quite different than most of the entities
currently using this ansible role. So let's add these as a new task
file instead of modifying the existing task file.
That is fine with me.
regards,
Nusenu
-BEGIN PGP SIGNATURE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Bug:
Due to the fact that MyFamily is not written to the torrc in the
first round, torrc files will always change which results in tor
processes being reloaded unnecessarily often - which is not what we want.
- --list-fingerprint is probably the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Bug:
Due to the fact that MyFamily is not written to the torrc in the
first round, torrc files will always change which results in tor
processes being reloaded unnecessarily often - which is not what we
want.
--list-fingerprint is
(duplicate code, multiple torrc's).
Furthermore... I hate centralized media and all but github sure would
make patch submission and review easier.
Yes, I'm considering it if this becomes something reoccurring.
thanks,
Nusenu
-BEGIN PGP SIGNATURE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Moritz Bartl:
On 02/17/2015 06:29 PM, Nusenu wrote:
Arzhel and Moritz, could you comment on whether you prefer to
manually create/specify tor instances (via 'proc_instances') as
you do here [1], or whether you would make use of an instance
auto
https://blog.mozilla.org/it/2015/01/28/deploying-tor-relays/
ansible configuration
https://github.com/XioNoX/moz-tor-relays/
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
hi,
eric gisse:
I even threw on a squid proxy on regular http and that's caching
something like 5-10% of all requests and overall http bandwidth.
Are you saying you are routing exit traffic through a transparent squid
http proxy?
If that is the case, please do not interfere with exit traffic
circuit.
thanks!
Nusenu
The relevant configuration option is:
MyFamily node,node,…
Declare that this Tor server is controlled or administered by a group
or organization identical or similar to that of the other servers,
defined by their identity fingerprints. When two servers both declare
Stephen R Guglielmo:
On February 10, 2015 7:34:56 AM EST, Nusenu nus...@openmailbox.org
wrote:
As far as I know tor weather is basically unmaintained but I filed
a bug anyway:
https://trac.torproject.org/projects/tor/ticket/14842
FYI: info discl. in tor weather/website:
https
Speak Freely:
It took 3 days for Tor Weather to tell me one of my relays went down. I
had similar settings, I believe 0 bandwidth for an hour.
So, it's sorta kinda working? :)
Unfortunately I didn't get an email at all (on multiple occurrences).
Hi,
I subscribed to tor weather to get notifications in case something is
wrong with a relay.
Although the relay had several downtimes (1 day), I never got an email.
(I subscribed to with the minimal setting 1 hour)
Did anyone get emails from tor weather in the past 2-3 weeks during
downtimes?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Jens,
thanks for sharing your notes.
Jens Kubieziel:
* How to make nodes faster Someone had a 10Gig which link was not
used. It was recommended to use multiple processes; one process per
core.
Yes, run lots of instances on such pipes.
*
)
These files are hand-crafted since ContactInfo fields tend to be
rather long..
https://raw.githubusercontent.com/nusenu/misc-files/master/tor-relays_by_contact.txt
https://raw.githubusercontent.com/nusenu/misc-files/master/tor-relays_by_contact_p-exit-sorted.txt
Kudos to torpids (aka diversity
:
rohan: 363.32 MB/s
theoden: 191.44 MB/s
but the graphs show different values:
rohan: ~20MB/s
theoden: ~10MB/s
So I'm curious how come that their advertised/observed bw is so much
higher. Can you share some insights?
thanks,
Nusenu
theoden
https://atlas.torproject.org/#details
] before 0.2.6.x is released,
Nusenu
[1] https://trac.torproject.org/projects/tor/ticket/14996
[2] https://trac.torproject.org/projects/tor/ticket/14995
-BEGIN PGP SIGNATURE-
iQIcBAEBCgAGBQJVALjtAAoJEFv7XvVCELh0Z5EP/1707hburFFHAFlls3KIY0t8
O3g7MDSgB+D0cgTOgwLCow+8+vtvLi4aUIH
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi David,
Excellent! Do you plan to do this for the debian package as well?
yes the debian init script was actually done before the one for the
RPM packages.
See my initial email:
now lets hope for the debian packages before 0.2.6.x is
I just noticed that torctl (which includes configuration) is still in
use, so my first step would be to merge the code in torctl into the
main init script and then proceed with multi-init support (adds
/etc/default/tor).
(will be separate commits)
looking forward to your reply,
Nusenu
-BEGIN
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I followed the tickets about the subject and I've found the script
they point to, but I didn't find any reference to a git repository,
is it set up ?
temporary repo (until something gets merged) - of first drafts:
https://github.com/nusenu/tor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
https://github.com/nusenu/relayor
I'm sorry if you are looking for the repo,
github decided to hide my account from the public..
(without sending an email notification about anything)
One of our mostly harmless robots seems to think you
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I just filed two tickets to add support for multiple tor instances
to the official deb/rpm packages.
I think this is useful for many relay operators (so they don't have
to replace the init scripts themselves anymore).
for a
longer list of changes).
https://github.com/nusenu/relayor
Core features:
- - configure multipe tor instances on a server automatically
generates two instances per available IP address
(Memory auto detection is not implemented yet)
- - take care of MyFamily automatically
script shipped with RPM packages?
thanks,
Nusenu
-BEGIN PGP SIGNATURE-
iQIcBAEBCgAGBQJU8OTbAAoJEFv7XvVCELh0rqsQAKEP+ShK/emjVyHb0816+prX
a0bHLDUqZNLrSJHNlbSoU1a0IaIvIK1D4aDiuHQNusgwDWpdXip/h2vUB5U4B4e6
acePqLaXGBCAc7qxsGIJMnNgORWjC2Koat6Z2PFPSxmd+z/trXKmpCSToyHQcQmW
W9g2A/fQTHp+n/cRhaAYIxQ
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Ondrej Mikle:
I still think it's a rather ugly hack that should be solved
through virtualization means instead.
I'm not sure I'm following you here, could you elaborate?
But if you provide patch that works for all the supported distros
(ELs
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Daniel Jakots:
It's useful on big nodes. Due to technical limitations in how Tor
handle multicore, we need to run multiple daemons on a same host so
it scales better with the CPU.
Multiple tor instances can even be useful on systems with low
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I just filed two tickets to add support for multiple tor instances to
the official deb/rpm packages.
I think this is useful for many relay operators (so they don't have to
replace the init scripts themselves anymore).
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I figured that the CPU is so busy because the vserver doesn't have
AES-NI, which I confirmed by some command I run (forgot the
command).
So I thought I might wanna move that relay to another server, maybe
at the same hoster to get higher
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
ok maybe we should be more specific.
https://globe.torproject.org
works
-BEGIN PGP SIGNATURE-
iQIcBAEBCgAGBQJVFoVPAAoJEFv7XvVCELh0QHcQAJFyvDr/D4b6ile7pTO/COn2
uvHu2ADrBdy77keGrYrl72OuWHnYx5GBTMcLx9A3eIz0JyHQ/sX3iAR0hZrXYrSZ
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
eliaz:
Account suspended? Atlas isn't running so hot either. rats... -
eliaz
works fine here (globe + atlas)
-BEGIN PGP SIGNATURE-
iQIcBAEBCgAGBQJVFl65AAoJEFv7XvVCELh0UcQP/175w4Vt0z1sKOHJBGKX7d76
comments,
Nusenu
[1] http://docs.ansible.com/
[2] https://github.com/nusenu/ansible-relayor
[3]
https://lists.torproject.org/pipermail/tor-relays/2015-March/006526.html
[4]
https://lists.torproject.org/pipermail/tor-relays/2015-March/006527.html
[5] https://trac.torproject.org/projects/tor/ticket/14996
? Or does every single tor instance need its own?
And the ControlPort? One for each instance? How do you
distinguish tor instances when doing syslog logging?
ansible-relayor takes care of this and generates torrc files
accordingly (separate datadir, separate logfiles, ...).
regards,
Nusenu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
You might also want to consider the exit probability and use that
in addition or instead of CW.
I don't know if VULTR has multiple ASes but if they do you might
also want to have a look at the group by AS results (if they
allow you to
but it will be opt-in since
I don't want to mess with people's ports tree out of the box).
See also:
https://github.com/nusenu/ansible-relayor/issues/26
-BEGIN PGP SIGNATURE-
iQIcBAEBCgAGBQJVR0DlAAoJEFv7XvVCELh09KsP/1isBJ7H7CJ75fR2iPco15mS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Seth,
I'm standing up a new exit relay on the VULTR network. How would a
person go about determining which location is in most need of
additional exit relay capacity?
thanks for taking network diversity into account when setting up new
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
* Price (hardware bang for the buck. SSD, 1000GB bw/mo in most
locations. Starter pkg is $5/mo)
I'd say 7$ for 2TB/mo on 1GB RAM is expensive if you compare it with
100mbps unmetered and lets say you are able to saturate ~50% =
~30TB/mo (~50
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Looking at the graphs showing the number of relays in the network
it seems like we've lost about 500 (-7%) relays since the beginning
of this year.
https://metrics.torproject.org/networksize.html?graph=networksizestart=2015-01-01end=2015-05-03
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
OVH is pretty good value,
CAD$2.99/mo for 1GB RAM and unlimited transfer at 100Mbps (it’s
speed limited after 10,000GB) and both IPv4/6.
However there are 424 OVH relays across 12 countries might not fit
with your goal to add more
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Speak Freely:
It seems like the most pertinent task would be to fix the problem,
not display it.
Just saying...
I agree.
Do we know already which relays are affected and why?
teor asked in the trac entry as well.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Speak Freely:
From my experience, this happens only with exit relays. Changing
from
an exit relay to a guard fixes the problem immediately.
I've seen past threads that mentioned deleting your id key would
fix the problem, but that never
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Dear Tor BW Authories,
we'd like to bring the following issue to your attention.
Since the last two weeks the amount of unmeasured relays is steadily
rising [1].
unmeasured relays on 2015-05-01: 387
unmeasured relays today: 1087 (and growing)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Graph showing the last 5 months:
https://trac.torproject.org/projects/tor/attachment/ticket/13450/unmeasured_relaycount.png
you
can also see that the adv. bw. is going down since the beginning
of the month:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Moritz Bartl:
ORPort [IPv6::address]:port IPv6Exit 1 ExitPolicy reject6 *:*
Do non-exit relays require the last two lines as well?
https://trac.torproject.org/projects/tor/wiki/doc/IPv6RelayHowto :
In order to be able to exit to IPv6 addresses,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Since clients are not able to bootstrap over IPv6 yet:
https://trac.torproject.org/projects/tor/wiki/org/roadmaps/Tor/IPv6 :
Directory authorities on IPv6
Clients and relays talk to directory authorities. The work with
making directory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
In the light of this thread I made an onionoo (- atlas) feature
request to display the Unmeasured=1 flag on atlas (eventually).
https://trac.torproject.org/projects/tor/ticket/16020
-BEGIN PGP SIGNATURE-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
now even DocTor starts to complain
https://lists.torproject.org/pipermail/tor-consensus-health/2015-May/005772.html
-BEGIN PGP SIGNATURE-
iQIcBAEBCgAGBQJVWlNjAAoJEFv7XvVCELh0hPgP/36ZVrI6ec+5iplyNWN8xklx
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Roger Dingledine:
Yep. moria1's bwauth seems to be working fine, so I'm the only one
paying attention to the thread here
sounds alarming if people operating tor's key infrastructure do not
care (or have not enough time to care)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
seems like avira is joining us running 24 exits through as24875.
seems to be about double the size of mozillas relays.
Yes, they joined on 2015-05-11. One of the few groups of relays that
actually have a proper MyFamily configuration.
A relay running in South America could do more bad than good, as it
would increase the average latency
I was also thinking about that.
Does improving geo-diversity negatively affect latency?
and I agree with you that the example (more relays in South America)
would probably increase avg.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
(split from 'Qualities of a good relay' thread)
I run a relay in Japan on a gigabit connection, but nobody cares
too much, since (I assume) bwauths aren't anywhere near Japan and
do not get good speeds to it, they give it a low weight, and as a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I’m currently working with Dr. Virgil Griffith on Roster, a tor
project that aims to reward relay operators with good relays.
Besides the obvious requirements of a good relay (e.g. speed,
geo-diversity, constant uptime), what qualities make
)
8a9,10
pexp=${daemon}${daemon_flags:+ ${daemon_flags}}$
(this line is a complete copy from rc.subr with the addition of one
char: $ )
thanks,
nusenu
https://github.com/nusenu/ansible-relayor/issues/40
-BEGIN PGP SIGNATURE-
iQIcBAEBCgAGBQJViSx3AAoJEFv7XvVCELh0y8UQAJgb6JVbKde/xf79YJJr8LW1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Pascal,
thanks for the fast reply.
I think there is a slight misunderstanding.
rc.subr(8) does not have multi-instance support, and it will most
likely stay that way.
Correct, and I'm _not_ trying to add that in any way to rc.subr or to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
what do you think of changing OpenBSD's tor rc script to require
perfect process matches when sending signals to them instead of
the current kill everything that starts with... approach?
I've put tor-relays on CC so people can speak up if
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Did this reply make the intentions clearer?
Yes, thanks. Though my first inclination would be to tell users
don't use rc.d if you've got the ansible role configured, I
suppose it can't hurt to make it foolproof. I'll test your patch
in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
you can find answers to some of your questions here:
https://lists.torproject.org/pipermail/tor-talk/2015-June/038264.html
-BEGIN PGP SIGNATURE-
iQIcBAEBCgAGBQJVluDYAAoJEFv7XvVCELh0Y88P/2gUhDaks65Gg6664RrOOA5S
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
But bottom line, the Tor Project apparently did nothing with the
information.
Well, they apparently made (according to phw) an informed decision on
which attacks they should be spending the little available resources.
That is certainly more than
,
nusenu
-BEGIN PGP SIGNATURE-
iQIcBAEBCgAGBQJVmFbuAAoJEFv7XvVCELh02FIP/i4ncGP/MDvAehhq+VZraZ/N
b7u3L6ZM43zhgLjL4SJQc2mAEfAE9Nf/OCfjAIAdnwr1z+dt0nJZU6ei2RfS045I
AwwLsjMZ3hO2l4LLifZcbAGSD0ROd5Il2+Nj90lrBBOmSddjsR/aw5BucDTQqDs2
FTWeezoJEXQcWRnwPPkGwT0bS0vrU4WnXG26lJu3SmUdJyXHEfPHFHiVNKHn04up
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
2. Openness. Traditionally there's been some contention about where
to draw the line between openness and secrecy. Personally this is
what turned me off to this space [3]. Thankfully Philipp's moving
us toward being a little less secretive. [4]
Hi,
this is actually a question to BWauth ops.
even though the new onionoo measured flag data is not* yet completely
rolled out (since it has to be deployed for a week to assign the flag
to all relays), I would have a question since the data says that
all relays in the previously detected AWS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
starlight.201...@binnacle.cx:
https://trac.torproject.org/projects/tor/ticket/16696
thanks for this info.
Has this fallback happened before (=some experience on the potential
impact available) or is this outage happening for the first time
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 08/06/2015 11:29 PM, nusenu wrote:
most hibernating relays with daily quotas start relaying traffic
at 0:00 local time.
https://www.torproject.org/docs/tor-manual.html.en
AccountingMax
[...] When the number of bytes is exhausted, Tor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
If you run a hibernating relay and want to spread your resources
more evenly you can set a non-default AccountingStart time, simply
choose HH:MM in that setting as you wish.
NOTE: If you require your relay to not use more than X GB within one
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Maybe one of the BW auth guys can comment on how the total
measurement result is cooked up!?
https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n2028
https://lists.torproject.org/pipermail/tor-dev/2015-August/009255.html
-BEGIN PGP
be interested
what kind of tor related data you are logging at your exit relays and why.
thanks,
nusenu
[1] https://atlas.torproject.org/#search/contact:C20BEC80
[2] http://boingboing.net/2015/08/04/what-happened-when-the-fbi-sub.html
signature.asc
Description: OpenPGP digital signature
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Thomas,
in case this is not known to you yet:
There appears to be a problem with your onionoo instance:
https://onionoo.thecthulhu.com/summary?limit=1
Error 500 Server Error
-BEGIN PGP SIGNATURE-
(what message was the reply to which email).
thanks,
nusenu
-BEGIN PGP SIGNATURE-
iQIcBAEBCgAGBQJVxfCpAAoJEFv7XvVCELh0wZwQAIZ+jOaNTwjYYwQLfl8gIK9j
pE+GHGi4mV0R/FSsFAjfkJQzWp1AakaOMR7AeqxWjQmz4HWUyjm09TP+R+x6tfUw
/9ilSiZn++p9F/+J++ukUa8ozoi1ogN4XTo/OnJo12udgAAZ/+p5NW4suMO9scId
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
it'll need to catch up on the data.
Thanks for the info.
There might be a problem with the data as well:
https://lists.torproject.org/pipermail/tor-dev/2015-August/009227.html
-BEGIN PGP SIGNATURE-
Out of curiosity, what is the need for ensuring a node cannot be
put into a family without its consent? What would be wrong with,
say, a FamilyName directive? Set the same FamilyName on each node
you control, and routes will avoid multiples.
That would give an adversary the ability to
references:
https://gitweb.torproject.org/torspec.git/tree/proposals/242-better-families.txt
https://trac.torproject.org/projects/tor/ticket/15060
___
tor-relays mailing list
tor-relays@lists.torproject.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
[split from 'Giving away some pre-warmed relay keys for adoption']
I'm of the opinion that it may be worth adding code to pin relay
identities to IP addresses on the DirAuth side so that consensus
weight and flag assignment gets totally reset
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
What was knee-jerk about my response?
I found it also unnecessarily sharp, maybe because I assumed no
malicious intent and I don't believe malicious actors depend on such
'pre-warmed' key offers anyway.
The relay identity key is sensitive
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
6042 Linux 83% 889 Windows 12% 220 FreeBSD 3% 71 OpenBSD 1% 41
Darwin .5% 10 NetBSD .1% 5 SunOS 4 DragonFly 4 Bitrig 1
GNU/kFreeBSD 1 ElectroBSD
Market share doesn't really say anything about ability to fill
the relay role,
Good point.
The underlying problem has been fixed in rc.subr and no longer requires
rc script customization to get a sane behavior by default.
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc/rc.d/rc.subr?rev=1.99content-type=text/x-cvsweb-markup
signature.asc
Description: OpenPGP digital signature
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I believe what you describe is possible in the current system as
well.
No it is currently not possible, since the current MyFamily design
requires mutual consent.
-BEGIN PGP SIGNATURE-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
the following relays have misconfigured MyFamily settings.
'misconfigured' is defined by
declared family does not match effective family (as computed by
onionoo's new effectiv_family field [1] - thanks Karsten).
Maybe we will see future
Your table list “Internet Assigned Numbers Authority”. Where does
that come frome? [...] I know that ICANN has an AS, but I haven't
been able to find one for IANA.
I should have included information about what data this is based on.
I used onionoo.torproject.org data from 2015-07-04 16:00
/bugreport.cgi?bug=791393
[4] https://github.com/nusenu/ansible-relayor
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Hi,
here are a few graphs, that - unlike metrics.tpo - do not focus on relay
count but consider CW fraction or exit/guard probabilities.
OS share by CW fraction
https://raw.githubusercontent.com/nusenu/tor-network-observations/master/png/os-share.png
I didn't known about Tor 0.2.8 until I saw
1 - 100 of 911 matches
Mail list logo
