[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Issue creating a private tor network



     On Sun, 2 Aug 2009 19:12:11 +0200 Cedric Foll <cedric.foll@xxxxxxxxx>
wrote:
>I'm trying to create a private tor network using netkit [www.netkit.org].
>
>I have the following lab:
>auth1 & auth2 are directory authorities, or1, or2 and or3 are relay.
>I'm using  Tor v0.2.1.19 (but get same issues with 0.2.1.17-rc).
>This is my conf for auth1:
>----------
>SocksPort 9050 # what port to open for local application connections
>SocksListenAddress 127.0.0.1 # accept connections only from localhost
>ORPort 9001
>Nickname auth1
>ContactInfo titi@xxxxxxxx
>DirPort 9030 # what port to advertise for directory connections
>TestingTorNetwork 1
>ServerDNSDetectHijacking 0
>DirServer auth1 v3ident=805CC92863F31F9CFA9DFBBD3E3B23153527C392
>193.168.2.1:9030 276B CDBD 3742 7196 156D CC5E 83A9 8DAC 0743 BE42
>DirServer auth2 v3ident=76F90B3FCCD52335A39B4A84CDD8B0945198FAA2
>193.168.2.2:9030 3849 E849 5E12 A852 E658 63B7 0290 0F50 48A1 C8D3
>AuthoritativeDirectory 1
>V3AuthoritativeDirectory 1
>V2AuthoritativeDirectory 1
>Log info file /var/log/tor/tor.log
>DataDirectory /tmp/tor
>----------
>
>This is my conf for or1, or2, or3:
>----------
>SocksPort 9050 # what port to open for local application connections
>SocksListenAddress 127.0.0.1 # accept connections only from localhost
>ORPort 9001
>ExitPolicy accept *:*
>TestingTorNetwork 1
>ServerDNSDetectHijacking 0
>DirServer auth1 v3ident=805CC92863F31F9CFA9DFBBD3E3B23153527C392
>193.168.2.1:9030 276B CDBD 3742 7196 156D CC5E 83A9 8DAC 0743 BE42
>DirServer auth2 v3ident=76F90B3FCCD52335A39B4A84CDD8B0945198FAA2
>193.168.2.2:9030 3849 E849 5E12 A852 E658 63B7 0290 0F50 48A1 C8D3
>Log info file /var/log/tor/tor.log
>DataDirectory /tmp/tor
>-----------
>
>When i run the lab I have this on auth1 and auth2:
>(...)
>auth1   Aug 02 16:15:02.159 [notice] Bootstrapped 90%: Establishing a
>Tor circuit.
>(....)
>And then it loop here:
>--------
>auth1   Aug 02 16:19:21.689 [notice] Time to vote.
>auth1   Aug 02 16:19:21.697 [notice] Choosing valid-after time in vote
>as 2009-08-02 16:20:00: consensus_set=1, last_interval=300
>auth1   Aug 02 16:19:21.711 [notice] Vote posted.
>auth1   Aug 02 16:19:21.719 [notice] Uploaded a vote to dirserver
>193.168.2.2:9030
>auth1   Aug 02 16:19:21.722 [notice] Uploaded a vote to dirserver
>193.168.2.1:9030
>auth1   Aug 02 16:19:31.759 [notice] Time to fetch any votes that we're missing.
>auth1   Aug 02 16:19:41.777 [notice] Got a signature from 193.168.2.2.
>Queuing it for the next consensus.
>auth1   Aug 02 16:19:41.859 [notice] Time to compute a consensus.
>auth1   Aug 02 16:19:41.865 [notice] Added 1 pending signatures while
>building consensus.
>auth1   Aug 02 16:19:41.865 [notice] Consensus computed; uploading signature(s)
>auth1   Aug 02 16:19:41.866 [notice] Signature(s) posted.
>auth1   Aug 02 16:19:41.867 [notice] Got a signature from 193.168.2.1.
>Adding it to the pending consensus.
>auth1   Aug 02 16:19:41.868 [notice] Uploaded signature(s) to
>dirserver 193.168.2.1:9030
>auth1   Aug 02 16:19:41.872 [notice] Uploaded signature(s) to
>dirserver 193.168.2.2:9030
>auth1   Aug 02 16:19:51.929 [notice] Time to fetch any signatures that
>we're missing.
>auth1   Aug 02 16:20:01.999 [notice] Time to publish the consensus and
>discard old votes
>auth1   Aug 02 16:20:02.001 [notice] Choosing expected valid-after
>time as 2009-08-02 16:25:00: consensus_set=1, interval=300
>auth1   Aug 02 16:20:02.002 [notice] Consensus published.
>auth1   Aug 02 16:20:02.003 [notice] Choosing expected valid-after
>time as 2009-08-02 16:25:00: consensus_set=1, interval=300
>--------
>And on or1 (same on or2 and or3): i've got this:
>--------
>or1     Aug 02 16:10:40.027 [notice] Tor 0.2.1.19 opening log file.
>or1     Aug 02 16:10:40.046 [notice] Parsing GEOIP file.
>or1     Aug 02 16:10:45.939 [notice] Your Tor server's identity key
>fingerprint is 'or1 A85017DFBD191F460AB3E13F8E48A5B6EB3A61CE'
>or1     Aug 02 16:10:45.944 [notice] No current certificate known for
>authority auth1; launching request.
>or1     Aug 02 16:10:45.945 [notice] No current certificate known for
>authority auth2; launching request.
>or1     Aug 02 16:10:45.951 [notice] Couldn't read
>/tmp/tor/cached-descriptors; trying to load routers from old location
>/tmp/tor/cached-routers.
>or1     Aug 02 16:10:45.954 [notice] I learned some more directory
>information, but not enough to build a circuit: We have no
>network-status consensus.
>or1     Aug 02 16:10:46.030 [notice] I learned some more directory
>information, but not enough to build a circuit: We have no
>network-status consensus.
>or1     Aug 02 16:10:46.043 [notice] I learned some more directory
>information, but not enough to build a circuit: Only 0 descriptors
>here and believed reachable!
>or1     Aug 02 16:21:04.676 [notice] Self-testing indicates your ORPort is
>reachable from the outside. Excellent. Publishing server descriptor.
>or1     Aug 02 16:22:57.945 [notice] Bootstrapped 45%: Asking for
>relay descriptors.
>or1     Aug 02 16:22:57.945 [notice] I learned some more directory
>information, but not enough to build a circuit: We have only 0/5
>usable descriptors.
>or1     Aug 02 16:22:57.958 [notice] Bootstrapped 50%: Loading relay
>descriptors.
>or1     Aug 02 16:22:57.958 [notice] We now have enough directory
>information to build circuits.
>or1     Aug 02 16:22:57.958 [notice] Bootstrapped 80%: Connecting to the
>Tor network.
>or1     Aug 02 16:22:58.947 [notice] Bootstrapped 90%: Establishing a
>Tor circuit.
>or1     Aug 02 16:23:59.295 [warn] No available nodes when trying to
>choose node. Failing.
>or1     Aug 02 16:23:59.295 [warn] No available nodes when trying to
>choose node. Failing.
>or1     Aug 02 16:23:59.295 [warn] No available nodes when trying to
>choose node. Failing.
>or1     Aug 02 16:23:59.295 [warn] Failed to find node for hop 1 of our
>path. Discarding this circuit.
>------
>
>What may be wrong?
>
     Have you looked in the cached-consensus file on or1 to see whether
it shows at least three nodes that can be used to construct a circuit?
Make sure that what you think is your current tor network configuration
is matches that the client on or1 thinks it is.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************