[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] bride&relay one host



On Fri, Mar 22, 2019 at 02:43:13AM +0100, lists@xxxxxxxxxxxxxxx wrote:
> Can you run a bride and a middle-relay together on a host?
> I mean for the safety of users. IPv6 is usually a /64 network and the
> various IPv4 are usually also from a subnet.

Answer #1: if they're using different IP addresses, sure, go for it.

Answer #2: if they're using the same IP address, you can do it
technically, but it's probably not a good move.

Some years ago, it used to be that China blocked Tor relays and bridges
by blocking the particular IP:port they listened on.

But in the past year or two, they switched to just blackholing the IP
address if there's a Tor thing on it.

So, that means when they learn the relay IP address and blackhole it,
if your bridge is on that same IP address, the bridge becomes unreachable
too. Not the best outcome.

And, while you're thinking about bridge blocking, here are many other
angles to learn about:
https://blog.torproject.org/research-problems-ten-ways-discover-tor-bridges

Hope that helps,
--Roger

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays