[tor-relays] I need a new VPS provider
Hello, I am currently using gcore.com as my VPS hosting provider. I have been running a Tor bridge with them for several years now. I am supposed to be getting 200 Mbps unmetered bandwidth. However, in the past six months, my bandwidth usage has been declining a lot. It seems like they might be throttling my server. I was getting over 2000 connected clients and now I'm down to less than 600. "iftop" shows me about 30 to 60 Mbps bandwidth usage during any time of the day. Take a look... https://metrics.torproject.org/rs.html#details/4A0B065DB3CF807C6910DFEF6D9CCCB95C59C585 So, I am trying to find a Tor friendly VPS provider that offers 1 Gbps unmetered bandwidth. I found my current provider in an article describing Tor friendly providers, but I cannot locate that link. I am currently paying about 15 Euros a month for a server with 2 cores, 4 GB RAM and 100 GB SSD. I would like to pay about the same for my new service. In my search, I have found some better providers, but they don't seem to be Tor friendly. Do you have a good provider that you really like that offers inexpensive VPS? I would prefer one located in the USA if possible, but I guess it doesn't matter if the bandwidth is good. Landon ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Fwd: Introducing & Discussing "Reflec-Tor"s as concept | Exit-Relay as Entry-Relay | Tor & Echo | Adding Entry-Relays as Reflec-Tor to Exit-Nodes
Hello, I am a bridge relay operator. As a bridge operator, I run my bridge to allow people in countries who experience government censorship to access the real uncensored Internet. I would not be willing to add a service to my server that could compromise my users' anonymity. I don't understand the necessity for an echo-server. What would an echo-server do that current Internet servers are currently not doing? You mention the ability to PING. Maybe I am not understanding your intentions for this pinging, but if it is to ping a Tor user, I think this would be a very bad idea. This could allow someone (AKA evil government spy) to know when someone is using Tor or the chat service. This might also be used to identify the computer that the Tor user is using by sending sequences of pings to that user; if the adversary is also able to monitor their network traffic, then the pinged Tor user could possibly be identified. I kind of think that you are trying to reinvent the wheel here. You want the echo-server to be a chat server on the open Internet that is accessed through the Tor network? We already have a tried and trusted chat server network on the open Internet called Internet Relay Chat (IRC) that has been used for decades as a public chat service. IRC is very anonymous when accessed through Tor. https://en.wikipedia.org/wiki/IRC There are IRC servers that I have used that do accept incoming chat connections from the Tor network and they do anonymize the incoming connection which hides the fact that you are accessing the server via Tor. There are even IRC servers that operate as a hidden Tor service. I use KVirc IRC client software: https://www.kvirc.net/ For example connecting to OFTC IRC server with KVirc client: Attempting secure connection to irc.oftc.net (OFTC) on port 6697 Attempting to 'bounce' on proxy pi on port 9050 (protocol SOCKSv5) This routes all IRC traffic through the Tor network and the IRC server is configured to accept connections from the Tor network. For chat servers that cache messages, there are servers such as matrix.org that can be accessed via Tor. Pretty much any chat server software can be configured as a hidden Tor service. So, I don't understand what your new chat software would do that doesn't already exist. I also don't like the idea of using exit servers as entrances to Tor. Exit servers are more rare as compared to other Tor servers except maybe bridges. It is easy to operate an entry node or middle relay node. Exit nodes involve more risk to the node operator. Landon On Wed, Jul 17, 2024 at 7:30 AM Sam wrote: > Hello, > as tb discussed further with developers of Tor, the concept of > "Reflec-Tor"s (and Exit-Nodes to be seen also as an Entry-Node) might have > an impact like Snowflakes for Chat and Messaging over Tor and addresses > opinions of Relay admins and university research too. > Regards > > -- Forwarded message - > Date: Di., 16. Juli 2024 um 20:36 Uhr > Subject: Fwd: Introducing & Discussing "Reflec-Tor"s as concept | > Exit-Relay as Entry-Relay | Tor & Echo | Adding Entry-Relays as Reflec-Tor > to Exit-Nodes > To: > > System wrote via Tor Project :Feedback: > Please submit the proposal also to tor-dev: tor-dev Info PageIntroducing > & Discussing "Reflec-Tor"s as concept | Exit-Relay as Entry-Relay | Tor & > Echo | Adding Entry-Relays as Reflec-Tor to Exit-Nodes > > https://www.reddit.com/r/TOR/comments/1e4te8m/introducing_discussing_reflectors_as_concept/ > > ==Introducing > & Discussing "Reflec-Tor"s as concept | Exit-Relay as Entry-Relay | Tor & > Echo | Adding Entry-Relays as Reflec-Tor to Exit-Nodes > > > *Tor-Messaging: Introducing & Discussing "Reflec-Tor"s as concept | > Exit-Relay as Entry-Relay |* > > Hello, > > I think this belongs to this core, general, relay topic-forum, as it is > also a development & community issue, request and efford, I post it here > into the reddit forum for your core discussion: > > The idea is to add next to Bridges, Relays and Exit-Nodes also > "Entry-Nodes" as "Reflec-Tor"(s) to the point of Exit-Nodes. Hence: > Exit-Nodes are developed futher to be also an Entry-Node. > > Some may remember when gnutella got hybrid with edonkey and then also with > torrent, Mike Stokes from Shareaza did that. > > The idea today, 20 years later, is to add some Echo-capabilities to Tor in > regard of the servers for Exit and Entry. > > *Vision: Every (updated) Exit-Node is an Echo-Server - For a better > Tor-Messaging.* > > What does that mean? > > An Echo-Server is a server for chat-messaging to send an incomming message > packet again out to all conn
[tor-relays] An Internet backbone blocklisted my Tor server!
TL;DR... Write down your Tor server's GATEWAY IP address. if your server goes offline, try tracerouting to your Tor server's gateway IP address as well as your Tor server's IP address! You might be surprised by what you see! And also install MTR... It is helpful!! Here's the detailed explanation on how you can perform MTR command on your computer and server https://support.gcore.com/hc/en-us/articles/19864311353105-How-to-run-MTR-on-Windows-and-Linux Okay, here is what happened... Late last night I tried to log into my VPS where I am running my Tor bridge server. I was unable to connect. It seemed like my server was offline so I filed a ticket with my service provider which is GCore Labs ( https://hosting.gcorelabs.com/ ) (I've been running my Tor bridge on their server for 4 years.) However, I discovered that my server was not actually down. I was able to login to my server using VNC in the control panel. I did some network diagnostics to diagnose my network connectivity problem. Even though my server was running, it was essentially offline. I could not ping or traceroute from my server to 8.8.8.8 or 1.1.1.1. It looked like there was a network outage. I used some looking glass servers to see what was going on as well. Here was what I discovered... From the Internet, I could ping and traceroute my VPS server's gateway (which is one hop away from my server) but if I tried to ping or traceroute using my server's actual IP address then this is where it stopped working. The culprit was Cogent Communications' routers! [AS174] As soon as packets destined for my server's IP address reached Cogent's routers, they were dropped!! However, packets destined for my server's gateway went through! >From what I understand, my server's gateway is the physical machine running my VPS. How can a packet reach my server's gateway, but not reach my server? It's not like the packet was not making it from my gateway to my server. The packets were being dropped at the edge of Cogent's network [AS174]. I also ran a traceroute on Cogents own looking glass server ( https://cogentco.com/en/looking-glass ) and when I used my server's IP, it showed nothing but when I used my gateway IP it worked! Tell me how that is possible if Cogent was not blocking my server's IP address? I sent Cogent an email asking why they were blocking my server's IP address in their routers. By the time they got back to me, my server was back online and was not being blocked. They sent me an email saying that packets going to my server were routing through their network, which by that time they were. What is so interesting about my Tor server that a major network backbone blocks my IP? If you look at my Tor server's usage graphs, you can see where it is periodically offline. Look at the 6 month graph for the average number of connected clients and you will see places where it is not online. https://metrics.torproject.org/rs.html#details/4A0B065DB3CF807C6910DFEF6D9CCCB95C59C585 I bet the reason that my server periodically goes offline is because it is being blocked and not because it is actually offline! Have you ever had this happen to your server? Landon ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Request for Tor to support armhf architecture
I am running a Raspberry Pi Raspbian OS (debian) mini computer. Tor software does not support this hardware without me having to compile it myself for my platform. Which I don't know how to do. My specific APT error message says this: N: Skipping acquire of configured file 'main/binary-armhf/Packages' as repository 'https://deb.torproject.org/torproject.org bookworm InRelease' doesn't support architecture 'armhf' The Raspberry Pi is a perfect computer to run Tor because it has 8 GB RAM, is tiny, only uses a max of 25 watts of power and works great as a network server. Plus, I don't have to leave my big power hungry desktop computer on all the time to run Tor. Raspberry Pi info page: https://www.raspberrypi.com/products/raspberry-pi-5/ Landon ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Question on bridge hibernation
Hi, I just noticed that your bridge went offline an hour ago. I'm guessing that is because it is hibernating again. All Tor bridges are useful, but they are most useful when they are actually online. I would recommend shopping around for a different VPS provider that offers unmetered bandwidth meaning that they do not charge you extra if you go over a certain bandwidth threshold. I've been running a Tor bridge for over 4 years now. My bridge usually has between 400 and 600 users at any given time of day and is online 24/7 on an unmetered bandwidth network. There was a time when my bridge was getting over 2000 simultaneous users. Check out my bridge: https://metrics.torproject.org/rs.html#details/4A0B065DB3CF807C6910DFEF6D9CCCB95C59C585 I highly recommend using my VPS provider which is GCore and is located in Luxembourg. They offer unmetered 200 Mbps VPS servers. However, in my experience, the usable bandwidth is about 100 Mbps. https://hosting.gcore.com/billmgr?startform=v2.vds.order.pricelist However, you can get a VPS server with them in locations all over the world. Use the drop down lists at the top of that page to choose a VPS in a different location. I live in the US. I have to pay them in Euros which works for me. They accept bank cards and PayPal and other forms of payment methods. And if you look at the prices for VPS servers, they are very inexpensive starting at 3 Euros a month for unmetered bandwidth! Of course, you don't have to get a VPS with my provider if you don't want to, but try to get a VPS where you don't have to hibernate your server. A lot of VPS server providers are totally ripping people off with extra bandwidth charges! I wish you luck! Landon On Wed, May 15, 2024 at 12:43 AM Keifer Bly wrote: > Hi, > > So for my bridge at > > > https://metrics.torproject.org/rs.html#details/4D6E3CA2110FC36D3106C86940A1D4C8C91923AB > > Is set to hibernate once it reaches a certain traffic level (this is to > prevent massive charges to my VPS). Now that is in hibernation, when will > it start again, and how would this effect how it's distributed? Are bridges > that are hibernating removed from relay search? Mew to hibernation, thanks. > > May 14 18:49:39.000 [notice] Configured to measure statistics. Look for > the *-stats files that will first be written to the data directory in 24 > hours from now. > May 14 18:49:39.000 [warn] You are running Tor as root. You don't need to, > and you probably shouldn't. > May 14 18:49:39.000 [notice] Bootstrapped 0% (starting): Starting > May 14 18:49:47.000 [notice] Starting with guard context "default" > May 14 18:49:47.000 [notice] Registered server transport 'obfs4' at > '[::]:8081' > May 14 18:49:48.000 [notice] Bandwidth soft limit reached; commencing > hibernation. No new connections will be accepted > May 14 18:49:48.000 [notice] Going dormant. Blowing away remaining > connections. > May 14 18:49:48.000 [notice] Delaying directory fetches: We are > hibernating or shutting down. > --Keifer > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Request for Tor to support armhf architecture
On Mon, Aug 19, 2024 at 3:46 AM Alex wrote: > If you have an RPi with 8GB of RAM you have either a RPi4 or RPi5. They > both have aarch64/arm64-capable processors, and many Linux distros with > support for this arch have aarch64 packages of the Tor daemon you can > use + deb.torproject.org has aarch64 builds for bookworm. > > I suggest installing a aarch64 OS, Raspberry Pi OS has aarch64 images > for example. > This is the output of "uname -a" Linux pi 6.6.31+rpt-rpi-2712 #1 SMP PREEMPT Debian 1:6.6.31-1+rpt1 (2024-05-29) aarch64 GNU/Linux I was using aarch64 when I tried to install Tor from deb.torproject.org. I was able to install Tor from the debian archives instead. However, as I have found out over the years that I have been running a Tor server, Debian does not always have the latest version of Tor. Sometimes Debian is so out of date that Tor suggests that people don't use my Tor server. (For my production Tor server, I am running a VPS with Debian and Tor packages from deb.torproject.org) My APT config: deb [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org bookworm main deb-src [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org bookworm main I could install Tor from source, but keeping it up to date is not easy. Plus, I don't really know how to keep it up to date like that. I am running a Raspberry Pi 5 8 GB RAM model. https://www.raspberrypi.com/products/raspberry-pi-5/ I highly recommend that everyone get one because it is inexpensive, is a badass little computer and is a fun toy!! Plus the Pi 5 has a PCIe header where you can attach an NVMe drive. I bought this case designed for a NVMe M.2 drive: https://thepihut.com/products/argon-neo-5-m-2-nvme-case-for-raspberry-pi-5 ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
