[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] DynDNS and TOR bridge




I get the whole system and certainly for a middle or exit relay the ip address is the one to work with.
For a birdge however I thought differently, because I thought that if someone gets my bridge adress then he will put it into his config file. Now if my ip adress changes, again that entry in the config file is invalid, even though my bridge is running. Or simple, since bridges are not dynamically updated I thought using DynDNS would make sense.

------- Original message -------
From: Matt Joyce <toradmin@xxxxxxxxxxxxx>
To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sent: 6.3.'13,  1:15

Unfortunately the directories do use IP addresses not hostnames, this
does mean there is a small time lag between a change and the new IP
becoming available to clients but that would not in fact be eliminated
by DynDNS either, it's quite easy to see why when you think of the
process that has to happen for a DynDNS update to reach an end user:

 1. Your local update software has to notice that your IP has changed,
    generally a check happens ever few minutes (Around 5 mins mostly).
 2. Update client pushes update to DynDNS servers over HTTP.
 3. Scripting on the DynDNS server runs an update on the authoritative
    DNS server which then updates the Master zonefile.
 4. Secondary authoritative DNS servers run their regular update job to
    pull changes from the master.
 5. DNS caches around the world need to have their TTL timer run to 0,
    until this happens they continue to serve the old data from the caches.

Only after 5 happens do the caching servers finally stop using the old
information and request the data from the Master and Slave DNS servers,
someone here can perhaps explain the process of a similar update with
the bridge directory but I suspect the timeframe for it to happen could
potentially be similar the main relay directory is almost certainly
slower because the consensus is only built once per hour but bridges are
listed separately.

The unfortunate fact is a change of IP address is disruptive to clients
there is no obvious means to eliminate the problem either, this is why
dynamic IP addresses are not ideal for any kind of server.  Any system
attempting to maintain connectivity for a dynamic server always has to
make tradeoffs the main one between bandwidth/CPU and downtime for each
change event because the faster clients poll for updated information the
harder the hit on the central server.  If you really want to avoid this
one option is to minimize the frequency of the change by keeping your
internet connected your IP will only change if you disconnect from the
internet and stop sending DHCP renews to your ISP server, depending how
sticky your address is it can be possible to keep an IP for a long time,
my dynamic IP was assigned after the last time I had an internet outage
back in October last year for example and has been renewed every hour since.

As for a complete solution the only option is to get a static IP address
for that you need to contact your service provider most can provide the
service on request typically for a nominal charge (Â1-2 per month per
address or similar).  Almost certainly the provider will be able to do
it if they also provide business services sometimes pure residential
providers can't or more accurately refuse to do so (Any DHCP server
capable of managing effectively the pool of a normal ISP can have
reserved addresses configured if the provider wished to provide the
service) mine is unfortunately in this camp which is why I get left with
the keep it as long as possible option.  I can't help to wonder as to
their logic half the time it hardly conserves addresses when it changes
at most once or twice a year anyway, or they could choose to get paid
every month for the one off act of having some trainee tech write a line
of text in a config file once.

On 06/03/13 05:09, Sina Eetezadi wrote:
So I did that. To my surprise Vidalia shows still my IP adress, as the
URL to be shared. Does that mean also the other distribution mechanisms
use my ip?
Since it is constantly changing that would kinda contradict the use of
DynDNS. My idea was precisely to use DynDNS so that users who have my
bridge in their config can use it for a long time.

Thank you for clarification.


Simply download DynDNS or No-IP, make sure it works, and set your
subdomain/domain-name in the torrc file.


On Tue, Mar 5, 2013 at 12:31 PM, Sina Eetezadi <sina.eetezadi@xxxxxxxxx
<mailto:sina.eetezadi@xxxxxxxxx>> wrote:


    Hi,

    I have a bridge running and since my ISP is changing my IP at least
    daily, I thought it might be a good idea to set my DynDNS in the
    torrc file.
    Is it a good idea? How do I set that?

    Thank you.

    Sina
    _______________________________________________
    tor-relays mailing list
    tor-relays@xxxxxxxxxxxxxxxxxxxx <mailto:tor-relays@xxxxxxxxxxxxxxxxxxxx>
    https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays




_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays




_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays