[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] 300mbps FreeBSD Tor relay on HPE MicroServer Gen10 (AMD X3421)

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] 300mbps FreeBSD Tor relay on HPE MicroServer Gen10 (AMD X3421)
From: Felix <zwiebel@xxxxxxxxxxxxxxxx>
Date: Sat, 29 Dec 2018 16:29:16 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 29 Dec 2018 10:29:37 -0500
In-reply-to: <fe12d7298f7283b5f63919c7742959cf@neelc.org>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <fe12d7298f7283b5f63919c7742959cf@neelc.org>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0

Hi Neel

My relay runs FreeBSD 11.2 and Tor runs in a "jail".

Jails are perfect for that! I observed the host Freebsd tcp stack isstrong enough for more than 500Mbit/s in AND out.



> I am using AESNI and Tor is configured to use OpenSSL cryptodev.

Does crypto run? On log info you should find the following entry duringstart:

[info] crypto_openssl_init_engines: Initializing dynamic OpenSSL engine"dynamic" acceleration support.

[info] crypto_openssl_init_engines: Loaded dynamic OpenSSL engine "dynamic".

After finding this message you can switch to notice and restart.

  * I want to keep using FreeBSD on my server and do not want to run Linux

+1

  * I would prefer to have a single instance, but can use multiple if I have to

It's BSD, so may-be consider to go for libressl from ports (which doesnot support the crypto engine). And then use 2 instances per ip. Betterfor diversity ;)

  * My server supports hardware accelerated AES and SHA. I am using this on FreeBSD with the aesni kernel module and Tor with "HardwareAccel 1" and "AccelName cryptodev"


A toorc can look like:
  RelayBandwidthRate  0
  RelayBandwidthBurst 0
  HardwareAccel 1
  AccelName dynamic
  Log info file /var/log/tor/info


--
Cheers from 35c3 , Felix
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] 300mbps FreeBSD Tor relay on HPE MicroServer Gen10 (AMD X3421)
  - From: George

Prev by Author: Re: [tor-relays] consensus-health.html and fallback dirs
Next by Author: [tor-relays] consensus-health.html and fallback dirs
Previous by thread: [tor-relays] 300mbps FreeBSD Tor relay on HPE MicroServer Gen10 (AMD X3421)
Next by thread: Re: [tor-relays] 300mbps FreeBSD Tor relay on HPE MicroServer Gen10 (AMD X3421)
Index(es):
- Author
- Thread