Changes between Version 153 and Version 154 of TorRelayGuide


Timestamp:
Jan 11, 2018, 7:18:29 PM (6 months ago)
Author:
cypherpunks
Comment:

add info about IP does not need to be static; underline the importance of updates; minor formatting; make clear that configuration line order does not matter; reordering within dns for exit section; address tom's comment; cleanup todo list

  • TorRelayGuide

    v153 v154  
    7171==== Public IPv4 Address
    7272Every relay needs a public IPv4 address - either directly on the host (preferred) or via NAT and port forwarding.
     73
     74The IPv4 address is not required to be static but static IP addresses are preferred. Your IPv4 address should remain unchanged for at least 3 hours (if it regularly changes more often than that, it does not make much sense to run a relay or bridge there since it takes time to distribute the new list of relay IPs to clients - which happens only once every hour).
     75
    7376Additional IPv6 connectivity is great and recommended/encouraged but not a requirement.
    7477There should be no problem at all with this requirement (all commercially available servers come with at least one IPv4 address).
     78
    7579Note: You can only run two Tor relays per public IPv4 address. If you want to run more than two relays you will need more IPv4 addresses.
     80
    7681
    7782==== Memory Requirements
     
    9095* It is recommended to use CPUs with AESNI support (that will improve performance). If the file `/proc/cpuinfo` contains the word `aes` your CPU has support for AES-NI.
    9196
    92 Hardware support first started about 2008.
    93 
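Review bot: the `/proc/cpuinfo` check on line 95 is Linux-only, while the guide elsewhere asks for more *BSD relays; add how to read the CPU feature flags on the BSDs so those operators are not left without a check, and suggest a whole-word match (`grep -w aes /proc/cpuinfo`) since a plain substring search for "aes" can hit unrelated text. Dropping "Hardware support first started about 2008" is fine, it was not actionable.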
    9497==== Uptime
    9598
    96 * Tor has no hard uptime requirement but if your relay is not running for more than 2 hours a day its usefulness is limited. Ideally the relay runs on a server which runs 24/7. Reboots and Tor daemon restarts are fine.
     99* Tor has no hard uptime requirement but if your relay is not running for more than 2 hours a day its usefulness is limited. Ideally the relay runs on a server which runs 24/7. Reboots and tor daemon restarts are fine.
    97100
    98101== Part two: technical setup
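Review bot: the only change on line 99 is "Tor daemon" to "tor daemon"; since the Tor-vs-tor consistency item is removed from the TODO in this same revision, state the convention once near the top of the guide ("Tor" for the network and project, "tor" for the daemon and package) so later edits follow it instead of drifting back.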
     
    122125When selecting your hosting provider, consider network diversity on an autonomous system (AS) and country level. A more diverse network is more resilient to attacks and outages. Sometimes it is not clear which AS you are buying from in case of resellers. To be sure it is best to ask the hoster about the AS number before ordering a server.
    123126
    124 It is best to avoid hosters where many Tor relays are already hosted, but it is still better to add one there than to run no relay at all, eg:
     127It is best to avoid hosters where many Tor relays are already hosted, but it is still better to add one there than to run no relay at all. Try to avoid the following hoster:
    125128
    126129* OVH SAS (AS16276)
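Review bot: line 127 says "the following hoster" (singular) but introduces a bullet list, so use "hosters"; also give the criterion behind the list (for example the share of relays or relay bandwidth already at that AS, as shown on the OrNetStats page the guide already links) so readers can judge providers that are not listed rather than only the one named on line 129.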
     
    138141==== Choosing an Operating System
    139142
    140 We recommend you use the operating system you are most familiar with. Please keep in mind that since most relays run on Debian and we want to avoid a monoculture, *BSD based relays are greatly needed. The drawback with *BSD based relays is that they do not support automatic updates for installed packages.
    141 
    142 The following table shows the current OS distribution on the Tor network:
     143**We recommend you use the operating system you are most familiar with.** Please keep in mind that since most relays run on Debian and we want to avoid a monoculture, *BSD based relays are greatly needed. The drawback with *BSD based relays is that they do not support automatic updates for installed packages.
     144
     145The following table shows the current OS distribution on the Tor network to give you an idea of how much more non-Linux relays we should have:
    143146* https://nusenu.github.io/OrNetStats/#os-distribution-relays
    144147
     148The following table should give you an overview of how well suited a given operating system might be to run a Tor relay (more green is better):
     149
    145150[[Image(OS-comp-table.png)]]
    146151
    147 More green cells is better. There is no single OS that has no red cell. The following OSes have a good amount of green cells:
     152There is no single OS that has no red cell. The following OSes have a good amount of green cells:
    148153* HardenedBSD
    149154* FreeBSD
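Review bot: on line 145 "how much more non-Linux relays" should be "how many more non-Linux relays"; and because the comparison on line 150 is only an image, add a one-line text summary of the criteria or a link to the underlying data so the red/green assessment is readable without the image.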
     
    161166==== Automatic Software Updates
    162167
     168One of the most imported things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it.
     169We collected the steps to enable automatic package updates for various Linux distributions (BSDs do not offer a way to automatically install package updates).
     170
    163171* [[TorRelayGuide/RPMUpdates]] - Keeping your relay software up to date with RPM-based distributions (RedHat, Fedora, CentOS, etc.)
    164172* [[TorRelayGuide/DebianUbuntuUpdates]] - Keeping your relay software up to date with Debian/Ubuntu (this is the Debian guide, which is rather complex: https://wiki.debian.org/UnattendedUpgrades)
    165 * FreeBSD and HardenedBSD do not offer a way to automatically install package updates.
    166173
    167174
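Review bot: line 168 has three typos: "imported" should be "important", "keeps" should be "keep", and "can not" should be "cannot". Since line 169 now states that BSDs offer no automatic package updates, it would help BSD operators to say which packages matter most (at least tor itself and the libraries it links against) so they know what to watch for manually.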
     
    183190* Does the server have an IPv6 address?
    184191
    185 The installation commands are shown in code blocks and must be executed with root privileges.
     192The installation commands are shown in code blocks and must be executed with **root** privileges.
    186193
    187194
    188195==== Configuration Management
    189196
    190 Tor does not scale well on multi-core machines. If you run a Tor relay on a server with a fast Internet uplink (>200 MBit/s) you might want to consider running multiple Tor instances on a single server. Note: You can only run two Tor instances per public IPv4 address.
     197Tor does not scale well on multi-core machines. If you run a Tor relay on a server with a fast Internet uplink (>200 MBit/s) you might want to consider running multiple Tor instances on a single server. Note: You can only run two tor instances per public IPv4 address.
    191198
    192199If you plan to run more than a single relay, or you want to run a high capacity relay (multiple Tor instances per server) or want to use advanced security features like [https://trac.torproject.org/projects/tor/wiki/doc/TorRelaySecurity/OfflineKeys Offline Master Keys], you may want to use a configuration management for better maintainability.
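Review bot: line 197 restates the two-per-IPv4-address rule already given in the Public IPv4 Address section, but with "tor instances" where the earlier section says "Tor relays"; keep one wording in both places, or cross-reference the earlier section, so the two statements do not diverge in later edits.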
     
    2042111. Enable the EPEL repository
    205212
    206  To install the "tor" package on CentOS/RHEL, you need to install the [https://fedoraproject.org/wiki/EPEL EPEL] repository first:
     213 To install the `tor` package on CentOS/RHEL, you need to install the [https://fedoraproject.org/wiki/EPEL EPEL] repository first:
    207214{{{
    208215yum install epel-release
    209216}}}
    210217
    211 2. Install the "tor" package and verify EPEL signing key
     2182. Install the `tor` package and verify the EPEL signing key
    212219{{{
    213220yum install tor
     
    215222 When you install the first package from the EPEL repository you will be asked about verifying the EPEL GPG signing key. Please ensure the key matches with the one available on the Fedora Project website: https://getfedora.org/keys/
    216223
    217 3. Put the tor configuration in place (/etc/tor/torrc):
     2243. Put the tor configuration file `/etc/tor/torrc` in place:
    218225{{{
    219226#change the nickname "myNiceRelay" to a name that you like
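Review bot: line 222 asks readers to check that the EPEL key "matches" the one on https://getfedora.org/keys/ but does not say what to compare or what to do on a mismatch; state that it is the full key fingerprint shown in the import prompt that must match the published one, and that the import should be declined (and the install aborted) if it differs. Step 2's new heading on line 218 now promises key verification, so this is the place to spell it out.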
     
    239246 (This can be considered optional on Debian but is not optional on Ubuntu.) Get the repository sources to add to your /etc/apt/sources.list by running the configurator [https://www.torproject.org/docs/debian.html.en#ubuntu here]. Also ensure you import the GPG keys. This will make sure that you're running the latest stable version of tor.
    240247
    241 2. Install the "tor" package
     2482. Install the `tor` package
    242249{{{
    243250apt update && apt install tor
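Review bot: the unchanged context on line 246 says "Also ensure you import the GPG keys" without saying how to verify them before trusting the repository; as with the EPEL step, tell readers to compare the key fingerprint against the one published by the Tor Project on the page already linked, since an imported but unverified key gives no assurance about the packages installed on line 250.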
     
    263270==== Fedora
    264271
    265 1. Install the "tor" package:
     2721. Install the `tor` package:
    266273{{{
    267274dnf install tor
     
    283290
    284291==== FreeBSD ====
    285 1. Install the "tor" package:
     2921. Install the `tor` package:
    286293{{{
    287294pkg install tor
     
    313320
    314321==== HardenedBSD ====
    315 1. Install the "tor" package:
     3221. Install the `tor` package:
    316323{{{
    317324pkg install tor
     
    343350==== openSUSE
    344351
    345 1. Install the "tor" package:
     3521. Install the `tor` package:
    346353{{{
    347354zypper install tor
     
    379386=== Limiting bandwidth usage (and traffic)
    380387Tor will not limit its bandwidth usage by default, but supports multiple ways to restrict the used bandwidth
    381 and the amount of traffic. This can be handy if you want to ensure that Tor does not exceed a certain amount of bandwidth or total traffic per day/week/month. The following torrc configuration options can be used to restrict bandwidth and traffic:
     388and the amount of traffic. This can be handy if you want to ensure that your Tor relay does not exceed a certain amount of bandwidth or total traffic per day/week/month. The following torrc configuration options can be used to restrict bandwidth and traffic:
    382389
    383390* [https://www.torproject.org/docs/tor-manual.html.en#AccountingMax AccountingMax]
     
    392399=== IPv6
    393400
    394 We encourage everyone to enable IPv6 on their relays for non-relay-to-relay traffic. This is especially valuable on exit and guard relays.
     401We encourage everyone to enable IPv6 on their relays. This is especially valuable on exit and guard relays.
    395402
    396403Before enabling your tor daemon to use IPv6 in addition to IPv4 ensure that IPv6 connectivity works from and to your server.
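Review bot: line 401 drops the qualifier "for non-relay-to-relay traffic" that line 394 had; confirm this is intended, because it widens the recommendation to all relay traffic, and if so mention it in the commit comment, as it is a substantive change rather than one of the formatting fixes listed there.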
     
    406413ORPort [IPv6-address]:9001
    407414}}}
     415The location of that line in the configuration file does not matter you can simply add it next to the first ORPort lins in your torrc file.
     416
    408417**Note:** You have to explicitly specify your IPv6 address in square brackets, you can not tell tor to bind to any IPv6 (like you do for IPv4). If you have a global IPv6 address you should be able to find it in the output of the following command:
    409418{{{
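Review bot: line 415 lacks punctuation between "does not matter" and "you can simply add it", and "lins" should be "line"; suggest: "The position of that line in the configuration file does not matter; you can simply add it next to the existing ORPort line in your torrc file." Given line 417's point that the IPv6 address must be written out explicitly, it is also worth saying that the line has to be updated whenever the server's IPv6 address changes.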
     
    432441
    433442Instead of doing so manually for big operators we recommend to automate the MyFamily setting via a
    434 [[TorRelayGuide#ConfigurationManagement]] solution.
     443[[TorRelayGuide#ConfigurationManagement]] solution. Manually managing MyFamily for big relaygroups is error prone and can put Tor clients at risk.
    435444
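Review bot: on line 443 "relaygroups" should be "relay groups" and "error prone" should be "error-prone"; the sentence also asserts that clients are put at risk without saying why, so add the reason (an incomplete MyFamily lets a client build a circuit through two relays run by the same operator, which MyFamily exists to prevent).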
    436445=== Exit Relay Configuration
     
    444453==== DNS on Exit Relays
    445454
    446 Unlike other types of relays, exit relays also do DNS resolution for Tor clients. DNS resolution on exit relays is crucial for Tor clients. It is recommended to use a local (on the same host or same LAN segment) recursive DNS resolver. DNS resolution can have a significant impact on the performance your exit relay provides. Poor DNS performance will result in less traffic going through your exit relay.
    447 
     455Unlike other types of relays, exit relays also do DNS resolution for Tor clients. DNS resolution on exit relays is crucial for Tor clients. It is recommended to use a local (on the same host or same LAN segment) recursive DNS resolver.
     456
     457There are multiple options for DNS server software, unbound has become a popular one. In every case the software should be installed using the OS package manager to ensure it is updated with the rest of the system.
     458
     459DNS resolution can have a significant impact on the performance your exit relay provides. Poor DNS performance will result in less traffic going through your exit relay.
    448460It is a bad practice to use DNS resolvers from big corporations like Google since they see already a lot of DNS requests from exits or organizations that perform filtering on DNS requests.
    449461
    450 There are multiple options for DNS server software, unbound has become a popular one. In every case the software should be installed using the OS package manager to ensure it is updated with the rest of the system.
    451462
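Review bot: line 459 "the performance your exit relay provides" reads better as "the performance of your exit relay", and on line 460 "they see already" should be "they already see"; that sentence also runs two separate concerns together (large providers aggregating queries from many exits, and resolvers that filter requests), so split it into two sentences. Lines 461 and 462 are now both blank where the unbound paragraph was moved out, leaving a double blank line.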
    452463===  Tor relay lifecycle
     
    492503=== Legal considerations (for exit relay operators)
    493504
    494 Relay operators should understand the potential risks associated with running a relay. For the majority of operators in most countries, bridges and guard/middle relays are very low risk. Exits are the ones that present some legal concerns, but operators under most circumstances will be able to handle legal matters by having an abuse response letter, running the exit from a location that isn't their home, and reading through some of the legal resources that Tor-supportive lawyers have put together.
     505Exit relay operators should understand the potential risks associated with running an exit relay. For the majority of operators in most countries, bridges and guard/middle relays are very low risk. Exits are the ones that present some legal concerns, but operators under most circumstances will be able to handle legal matters by having an abuse response letter, running the exit from a location that isn't their home, and reading through some of the legal resources that Tor-supportive lawyers have put together.
    495506
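Review bot: line 505 now opens by addressing exit relay operators only, yet the following sentence still classifies bridges and guard/middle relays as very low risk, which is guidance for all operators; either keep the original "Relay operators" opening or move the non-exit sentence out of this exit-only section.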
    496507==== Legal resources
     
    501512
    502513Operators can put together their own abuse complaint template responses from one of many templates that Tor has created: https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates.
     514
     515It is important to respond to abuse complaints in a timely manner (usually within 24 hours). If the hoster gets annoyed by the  amount of abuse you can reduce the amount of ports allowed in your exit policy. Please document your experience with new hosters on the follwoing wiki page:
     516https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs
    503517
    504518Other docs we like:
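Review bot: on line 515 "follwoing" should be "following", "the  amount" has a double space, and "amount of ports" should be "number of ports"; it would also help to point readers to where the exit policy is configured (a cross-reference to the Exit Relay Configuration section above) so "reduce the amount of ports allowed in your exit policy" is actionable.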
     
    517531Once you have a trusted group of people, depending on your region, it is often advised to create some type of non-profit corporation. This is useful for having a bank account, shared ownership, grant applications, etc. In many countries operating as a corporation instead of as an individual can also get you certain legal protections.
    518532
    519 The next steps are figuring out hardware, transit, and server hosting. Depending on your location and connections within the technical community of the area, the last one may be the hardest step. Small local ISPs often have extra bandwidth, and may be interested in supporting your group with some bandwidth or rackspace. It is extremely important to maintain good relationships with these ISPs. Older server hardware can often be found on places like eBay for cheap, but be aware that cheap hardware may be cheap for a reason!
     533The next steps are figuring out hardware, transit, and server hosting. Depending on your location and connections within the technical community of the area, the last one may be the hardest step. Small local ISPs often have extra bandwidth, and may be interested in supporting your group with some bandwidth or rackspace. It is extremely important to maintain good relationships with these ISPs.
    520534
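Review bot: line 533 silently drops the eBay/cheap-hardware caveat from line 519, and the commit comment does not mention it; confirm the removal is intentional, since the warning that cheap hardware may be cheap for a reason is still useful to a group sourcing its own servers.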
    521535==== At your university ====
     
    539553
    540554=== TODO
    541 * add unbound sample configuration
    542 * check this doc for consistency of Tor vs. tor
    543 * make page read-only; accept changes via ticket
    544555* link to the wiki from https://www.torproject.org/docs/tor-doc-relay.html.en
    545 * how to report bugs in this guide
    546 * Tom suggests on the ticket: I'd suggest adding a section under Part 3 about how hosting providers may get annoyed by abuse complaints and demand or shut down relays.
    547  Suggest users stay on top of abuse complaints and update the GoodBadISPs
    548  list.
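Review bot: "add unbound sample configuration" and "how to report bugs in this guide" are removed from the TODO, but nothing in this revision adds an unbound configuration (the DNS on Exit Relays hunk only reorders existing text) or a bug-reporting pointer, so either keep those items or note where they were resolved. Removing Tom's item is consistent with the new abuse-complaint paragraph, and removing the Tor-vs-tor item with the capitalisation fixes in this revision.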