Running a TOR Relay, Part 2

raindog308

vpsBoard Premium Member
Moderator
Thanks for all the advice in my previous thread.  I realized I had an affiliate credit with 6sync and decided to spin up a TOR relay there.  I have a spare OvZ at BuyVM as well so maybe I'll run two.

So the 6sync box is 512MB, 2 cores, 2TB BW.

Here is how I configured my torrc (thanks to Nyr with corrections), with comments:



Log notice file /var/log/tor/notices.log
RunAsDaemon 1
ORPort 443
DirPort 80

Running on 443/80 is good for people who are behind restrictive firewalls.  Obviously won't work if you're running a web server on the same box.



Nickname some-nick
ContactInfo Some Name [email protected]


Spammers may harvest the email, so use something with a good filter like GMail.  No real need to be super-secret-anonymous here - after all, your VPS provider has all your billing details :)


Code:
ExitPolicy reject *:* # no exits allowed
Make sure this is the only ExitPolicy line, because TOR will use first match to find a policy.



RelayBandwidthRate 250 KB  
RelayBandwidthBurst 300 KB 

What you want to do is divide the bandwidth rate out so that your per-second rate adds up to what you want to contribute (and be sure to reserve any non-TOR bandwidth you need).

The math is in KB per second (kilobytes not kilobits), and you need to count each direction, so divide by two.

Here is an example calculation:

31 days * 24 hours per day * 60 minutes per hour * 60 seconds per minute = 2,678,400 seconds per month

1KB per second is (2,678,400 / (1024*1024) ) = ) 2.55 GB/month.  

So if you wanted to dedicate 1.5 TB ( 1536 GB ) per month, that would give you a rate of (1536 / 2.55 =) 602 KB/sec.  Divide that by two (bi-directional) to get a setting of 300 KB.  

There is also AccountingMax and AccountingStart, but you don't want to blaze through your bandwidth in week one of the month and then hibernate for three months, given the way your bandwidth is viewed by the network (see this article: Lifecycle of a New Relay)

 

 
 

Echelon

New Member
Verified Provider
I guess one thing that would be interesting is to take count of how many abuse complaints result from the deployment of the TOR node.
 

Francisco

Company Lube
Verified Provider
Zero:

ExitPolicy reject *:* # no exits allowed
As rm_ said but I'll expand it more.

A relay only ever passes TOR traffic which is entirely encrypted. Nothing bad can come of this, assuming you're running a proper EXIT policy.

When you act as a middle relay you're seeing nothing but encrypted traffic. As a relay, though, you'll likely also be accepting some unencrypted requests, namely from people that connect to you to get into the TOR network.

You know, I would assume that it would be encrypted even on the inbound from connecting users since the TOR client encrypted it as it leaves your computer no?

Francisco
 
Last edited by a moderator:

Echelon

New Member
Verified Provider
I failed to notice the ExitPolicy line. My mistake. I think it would be interesting though to get some statistics on what kind of headaches running an exit node would bring oneself on a normal basis, but I don't think anybody wants to put themselves in that sort of line of fire intentionally either.
 
Top