Hi Nusenu Am Samstag, den 24.03.2018, 13:51 +0000 schrieb nusenu: > Hi Tim, > > > > I saw you recently added 8 new > > > tor exit instances and wanted to thank you for > > > contributing exit bandwidth to the tor network! > > > > At the moment this is a (small) Host with 10 GBE and multiple > > addresses. I hope the computing power is enough to handle a bunch > > of > > Tor traffic. We need to get a bit more experience with that. > > May I ask what CPU you use and how much memory the system has? At time of writing, the VM has 4 cores of Xeon E3-1230 V2 @ 3.30GHz with 8 GB of main memory. The VM has 4 IPv4 addresses and a complete /48 IPv6 prefix. The system is not operated in a data center and the physical space is limited so it's not as powerful as we would like to. My plan is to observe the system a bit over the next weeks. If it's clear to low computing power, I would love to make a 'Plan B'. > > > I saw your have IPv6 addresses [2]. If your connectivity/routing > > > allows also > > > for IPv6 exiting and ORPorts, enabling IPv6 on your exits would > > > be > > > great and appreciated. > > > > Currently we still building up the network. So, yes, it's planned > > and > > in the last hour we configured the addresses. But it will take some > > time until the prefix is announced completely. > > Note that if you enable IPv6 without having proper IPv6 connectivity > your > relays will drop out of consensus, so it is best to ensure proper > IPv6 connectivity before enabling IPv6 on your relays. Yes, thanks for the advice. I will wait until the reachability is good. > > Yes, it's the ansible-relayor. Great work, and btw: Thank you! > > > > But unfortunately, atlas recognized only the two instances on the > > main > > IP. > > You can _not_ have more than two tor instances per public IPv4 > address. The system has 4 public IPv4 addresses. > This is to avoid that someone adds many instances on a single IP > (Sybil attack). > Unless you modify it, ansible-relayor makes sure you do not configure > more than 2 instances per IPv4. We have 8 instances for 4 public IP's. So 2 instances per IP. > > So I manipulated the template a bit, so that the 'Address'-config > > is added to the torrc. I'm currently unsure if it's a bug or if > > I've a > > misunderstanding. Still learning.. ;) > > Unless you have some unusual NAT you should never need to add the > "Address" > config (ansible-relayor supports it after someone with a rather > unusual > network setup requested it). There is no NAT. I don't know, but it seemed to me, that Tor wasn't able to use the correct IPs: --- %< --- Mär 22 02:19:47 tor Tor-185.220.100.253_9000[586]: Your server (185.220.100.252:9000) has not managed to conf irm that its ORPort is reachable. Relays do not publish descriptors until their ORPort and DirPort are reachable. Ple ase check your firewalls, ports, address, /etc/hosts file, etc. --- >% --- This looked to me that the instance on 185.220.100.253:9000 "thought" it has the 185.220.100.252:9000. That's the reason for my idea to add the 'Address'-setting. > If I'm misunderstanding you, or if there is a bug in ansible-relayor > please let me know. Don't know. Currently I'm not able to decide. ;) Tim > > > > thanks for joining the network and happy packet forwarding! > > > > Please don't hesitate to contact me if there is any problem with > > our > > Tor relay. > > It is always good to be able to reach relay operators, thanks. > nusenu >
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays