Appreciate the details!
Some questions to better understand:
1) Why did you limit relay bandwidth? How did you calculate the values to use
for the limits?
"BandwidthRate 75 MBits
BandwidthBurst 100 MBits"
2) CPU - how did you decide to only use 4 out of 6 cores?
Why use 4 cores to 1 tor relay instead of 4 cores to 4 relays?
"NumCPUs 4"
"Xeon E5-2620"
3) Max Memory - why did you set this parameter and how did you decide the value?
I see older tickets / threads on this, ~6 years, but unsure what the latest is,
i.e.
https://archive.torproject.org/websites/lists.torproject.org/pipermail/tor-relays/2018-January/014014.html
"MaxMemInQueues 1024MB"
4) CPU Utilization - only seeing "~30%" was the result of the bandwidth
restriction or memory restriction or 4 core restriction? Holding all else
constant in your setup, do you know what would increase the CPU utilization the
most: removing bandwidth restriction, memory restriction, or something else?
5) Sandbox 1 - does setting this value impact the performance, i.e. mitigation
overheads, of the Tor relay?
Sent with [Proton Mail](https://proton.me/mail/home) secure email.
On Saturday, February 8th, 2025 at 4:33 AM, George Hartley
<[email protected]> wrote:
> Sorry, I have to correct myself, as I spread some misinformation in my
> previous email.
>
> The hard limit of 2 relays per IPv4 was bumped up to 8.
>
> There were also several typos, as I was at work when writing that e-mail,
> i.e. under time pressure.
>
> I hope I could help you anyway.
>
> Best Regards,
> -GH
> On Friday, February 7th, 2025 at 12:22 PM, George Hartley via tor-relays
> <[email protected]> wrote:
>
>> Hi there "usetor",
>>
>> I am going to answer a few of your questions:
>>
>> 1. "If a full IPv4 /24 Class C was available to host Tor relays, what are
>> some optimal ways to allocate bandwidth, CPU cores and RAM to maximize
>> utilization of the IPv4 /24 for Tor?"
>>
>> With 2 IPv4 addreses per relay as a hard limit, the biggest bottleneck you
>> will encounter is that most of Tor's code-base is singe-threaded, except for
>> maybe onionskin decryption and compression of files.
>>
>> I used to host a Tor exit node on a single IPv4 address, which was running
>> inside an encrypted ArchLinux VM through QEMU/KVM on our colocated dedicated
>> server.
>>
>> Here is the config I used for libvirtd: https://pastebin.com/cxSicEnN
>>
>> I had the relay bandwidth limit using the following config:
>>
>>> BandwidthRate 75 MBits
>>> BandwidthBurst 100 MBits
>>
>> After starting up the relay for the first second, and waiting 2 weeks for
>> the relay to get some traffic, it was using up 75-90 MBit/s constantly, or
>> around 30TB per month.
>>
>> To get the maximum out of my machine, I used the following config options:
>>
>>> NumCPUs 4
>>> HardwareAccel 1
>>
>> The second option made use of my CPU's AES instruction, which should be
>> available in all Intel and AMD server CPU's made since the year 2011.
>>
>> Even when doing 100MBit/s, the use of hardware accelerated AES only made the
>> Tor process use ~30%, on an Intel Xeon E5-2620 running at only 2 GHz..
>> without the bandwidth restrictions, I imagine it could have done 350MBit/s
>> easily.
>>
>> 2) If a full 10 Gbps connection was available for Tor relays, how many CPU
>> cores, RAM and IPv4 addresses would be required to saturate the 10 Gbps
>> connection?"
>>
>> Another user already calculated how much it would take to saturate 2GBit/s,
>> so you can take it from there.
>>
>> However I disagree with the memory limit of 512MB, is okay in my opinion but
>> not less.. you can achieve that by using the following config option:
>>
>>> MaxMemInQueues 1024MB
>>
>> 3) Same for a 20 Gbps connection, how many CPU cores, RAM and IPv4 addresses
>> are required to saturate?
>>
>> Look at my answer for question 2.
>>
>> I also suggest you to use the seccomp syscall sandboxing options built into
>> Tor:
>>
>>> Sandbox 1
>>
>> Also, remember one very important thing: Make sure that your relays are
>> located in a host, datacenter and country that is not already saturated with
>> Tor nodes.
>>
>> At last, thank you for running Tor nodes!
>>
>> All the best,
>> -GH
>> On Monday, February 3rd, 2025 at 5:00 PM, usetor.wtf via tor-relays
>> [email protected] wrote:
>>
>>> Hi All,
>>>
>>> Looking for guidance around running high performance Tor relays on Ubuntu.
>>>
>>> Few questions:
>>> 1) If a full IPv4 /24 Class C was available to host Tor relays, what are
>>> some optimal ways to allocate bandwidth, CPU cores and RAM to maximize
>>> utilization of the IPv4 /24 for Tor?
>>>
>>> 2) If a full 10 Gbps connection was available for Tor relays, how many CPU
>>> cores, RAM and IPv4 addresses would be required to saturate the 10 Gbps
>>> connection?
>>>
>>> 3) Same for a 20 Gbps connection, how many CPU cores, RAM and IPv4
>>> addresses are required to saturate?
>>>
>>> Thanks!
>>>
>>> Sent with [Proton Mail](https://proton.me/mail/home) secure email.
_______________________________________________
tor-relays mailing list -- [email protected]
To unsubscribe send an email to [email protected]
