![]() If you enable IPv6 without working IPv6 connectivity, your entire relay will remain unused, regardless of whether IPv4 is working. This is especially valuable on exit and guard relays.īefore enabling your tor daemon to use IPv6 in addition to IPv4 you should do some basic IPv6 connectivity tests. We encourage everyone to enable IPv6 on their relays. Having a fast relay for some time of the month is preferred over a slow relay for the entire month.Īlso see the bandwidth entry in the FAQ. The following torrc configuration options can be used to restrict bandwidth and traffic: This can be handy if you want to ensure that your Tor relay does not exceed a certain amount of bandwidth or total traffic per day/week/month. Tor will not limit its bandwidth usage by default, but supports multiple ways to restrict the used bandwidth and the amount of traffic. Optional: Limiting bandwidth usage (and traffic) ![]() Manually managing MyFamily for big relay groups is error-prone and can put Tor clients at risk. Instead of doing so manually, for big operators we recommend to automate the MyFamily setting via a configuration management solution. To find your relay's fingerprint you can look into the log files when tor starts up or find the file named "fingerprint" in your tor DataDirectory. If you run two relays and they have fingerprints AAAAAAAAAA and BBBBBBBB, you would add the following configuration to set MyFamily: MyFamily AAAAAAAAAA,BBBBBBBB The MyFamily setting is simply telling Tor clients what Tor relays are controlled by a single entity/operator/organization, so they are not used in multiple positions in a single circuit. To avoid putting Tor clients at risk, when operating multiple relays you must set a proper MyFamily value and have a valid ContactInfo in your torrc configuration. Important: if you run more than one Tor instance The following Ansible Role has specifically been built for Tor relay operators and supports multiple operating systems: Ansible Relayor. There are multiple configuration management solutions for Unix-based operating systems (Ansible, Puppet, Salt. ![]() ![]() If you plan to run more than a single relay, or you want to run a high capacity relay (multiple Tor instances per server) or want to use strong security features like Offline Master Keys without performing additional steps manually, you may want to use configuration management for better maintainability. To understand this process, read about the lifecycle of a new relay. It takes some time for relay traffic to ramp up, this is especially true for guard relays but to a lesser extent also for exit relays. ![]() You can search for your relay using your nickname or IP address. Excellent.Ībout 3 hours after you start your relay, it should appear on Relay Search on the Metrics portal. If your logfile (syslog) contains the following entry after starting your tor daemon your relay should be up and running as expected: Self-testing indicates your ORPort is reachable from the outside. You can find the specific ORPort TCP port number in the torrc configuration samples below (in the OS specific sections). If you are using a firewall, open a hole in your firewall so incoming connections can reach the ports you will use for your relay (ORPort).Īlso, make sure you allow all outgoing connections too, so your relay can reach the other Tor relays, clients and destinations. ![]()
0 Comments
Leave a Reply. |