(FWD) Tor partially blocked in China; change your relay's IP address?


From: Roger Dingledine <arma@xxxxxxx>
To: tor-relays@xxxxxxxxxxxxxx
Subject: Tor partially blocked in China; change your relay's IP address?
Delivery-Date: Wed, 30 Sep 2009 04:23:28 -0400

Hi folks,

China blocked about 80% of the public Tor relays last week:

They're really focused on circumvention tools this week in preparation
for their upcoming Oct 1:

Many bridges are still working fine, though they did block quite a few
of them too. Eventually it would be good to shift your Tor relay onto
an IP address that isn't blocked.

There are two ways that they're doing blocking. One is to filter your
whole IP address: no packets get in or out. You can check if this has
happened to you by trying to reach baidu.com from your IP address. The
other blocking approach is to send TCP reset packets when connections
are attempted to your IP:port. That's harder to check. I did a scan last
week from inside China, and I've put the result for your IP address up
at http://freehaven.net:8081/2009-09-24/<IP>
e.g. http://freehaven.net:8081/2009-09-24/

Note that the above URL includes answers about both known-blocked relays
and also known-blocked bridges.

It's possible that they'll remove the blocking all by themselves in a
few days, once Oct 1 passes. It's also possible they'll do another round
of blocking real soon now. Hard to say.

So if it's hard for you to get a new IP address, I recommend waiting
until at least next week. But if you have plenty to spare (or you're
on a cable/DSL system that will give you a new IP address if you just
poweroff your cable modem for a while), then now would be a fine time
to switch to a new one.

Remember that if you're on a multi-homed computer and moving to a
non-default IP, you will want to set both Address and OutboundBindAddress
in your torrc.


