All:
Nevermind... After roughly 48 hours, the written/read bytes per second graph,
on the metrics.torproject.org site, began showing normal activity, again.
Please consider this thread resolved.
Respectfully,
Gary
On Monday, August 23, 2021, 2:15:07 AM MDT, Gary C. New
<[email protected]> wrote:
All:
It turns out that this issue was related to PortForwarding to the Private
Gateway Address (192.168.0.1:9001).
The solution was to include an iptables ACCEPT Rule in the INPUT Chain to the
PortForward destination (the Private Gateway Address - 192.168.0.1:9001).
# iptables -I INPUT -p tcp --dport 9001 -j ACCEPT
# iptables -A VSERVER -p tcp -m tcp --dport 443 -j DNAT --to-destination
192.168.0.1:9001
Now, the Tor Self-Test is returning successfully. However, now, there is an
issue with the written/read bytes per second graph, on the
metrics.torproject.org site, dropping to zero.
Any idea why PortForwarding would cause the written/read bytes per second graph
to drop to zero?
Respectfully,
Gary
On Tuesday, August 17, 2021, 7:43:22 AM MDT, Gary C. New
<[email protected]> wrote:
All:
After reviewing several packet-traces of Tor bound directly to the Public
Address:Port vs Tor bound to the Private Address:Port and Advertising the
Public Address:Port, I believe I may have found the the issue.
It appears that when Tor is bound directly to the Public Address:Port, the
initial measurement connections are initiated from External Tor Nodes via
High-Ports to the Public Address:Port over TLSv1.2 or TLSv1.3 successfully
passing self-test. However, when Tor is bound to the Private Address:Port and
Advertising the Public Address:Port, the initial measurement connections are
initiated from External Tor Nodes via High-Ports to the Public Address:Port
over TLSv1.0. Tor does not like the TLSv1.0 connections and Resets the them;
thus, failing the self-test.
The question is... Why are the initial measurement connections initiated from
External Tor Nodes via High-Ports with the Private Address:Port binding and
Public Advertised Address:Port combination over TLSv1.0?
Has anyone successfully implemented the Private Address:Port binding and Public
Advertised Address:Port combination that successfully passes self-test whom
would be kind enough to share their configuration?
Is there a way to force the External Tor Nodes that initiate the measurement
connections to use TLSv1.2 or TLSv1.3 with the Private Address:Port binding and
Public Advertised Address:Port combination?
Thanks, again, for your assistance.
Respectfully,
Gary
On Saturday, August 14, 2021, 2:47:01 AM PDT, Gary C. New
<[email protected]> wrote:
David,
The ISP has port 9001 blocked to the Public Address.
Do the ports have to be the same, when using NoAdvertise & NoListen with the
ORPort directive?
Thanks!
Gary
On Saturday, August 14, 2021, 12:20:36 AM MDT, David Figuera <[email protected]>
wrote:
> ORPort 198.91.60.78:443 NoListen
> ORPort 192.168.0.1:9001 NoAdvertise
Why two different ports?
_______________________________________________
tor-relays mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
