On Dec 5, 2007 12:58 PM, Roger Dingledine <
arma@xxxxxxx> wrote:
[snip]
> Then I have 3 of my own computers that I set up as Tor Onion Routers
> (servers). Let's call them Tor1, Tor2, and Tor3. Each of them have the
> correct DirServer lines pointing to DirectoryMirrorX.
I think you might misunderstand what DirServer is for. That config line
changes the directory authorities that Tor believes in. So if you put
DirServer lines pointing to DirectoryMirror{1,2,3}, then Tor will demand
networkstatus documents (or in 0.2.0, a consensus document) signed by
a majority of the DirServers.
Since you didn't talk above about setting AuthoritativeDirectory, which
you would do if you were actually trying to create your own separate Tor
network, I have to assume that the mirrors aren't making any networkstatus
documents, which means anybody who sets DirServer lines pointing to them
are going to have real problems finding enough dir info to make circuits.
DirectoryMirror{1,2,3} have AuthoritativeDirectory = 1. So the Tor OR will use those 3 DirectoryMirror{1, 2,3} as authoritative directory servers.
> Now, I have a client with the DirServer lines pointing to
> DirectoryMirrorX and which tries to setup a circuit with TorX as a
> node in the circuit. This fails. Note that DirectoryMirrorX does have
> TorX in its cached-status.
It probably has TorX in its cached-status from back before you changed
the DirServer lines on TorX?
I made sure to rm -Rf ~/.tor/cached-*
> However, if I have the client with the same DirServer lines try to
> setup a circuit with the other Tor nodes (the "real" ones on the
> network), this works.
Something is deeply wrong with your assumptions here. You might try
reading the man page entries again.
> Any help will be greatly appreciated.
Hope that helps,
Thanks for the reply.
What I am trying to do is be able to set up circuits with both the "real" Tor nodes and my own Tor nodes being part of the circuit. However, I would like to keep my Tor ORs private so that they don't appear in the directory servers for anybody else to use, because they are just being used as part of a test.
Setting up a Tor OR to connect to the default authoritative directory servers but with PublishServerDescriptor=0 and then in the Tor client EntryNodes=Tor1 and StrictEntryNodes=1 does not seem to help either... unless I am doing something wrong.
Thanks,
Eric
--Roger