Version 7 (modified by alison, 11 months ago)

added relay config info

The Ultimate Guide to Running a Relay

Why run a relay?

Types of relays in the Tor network

All relays are important, but they have different technical requirements and legal implications. Understanding the different kinds of relays is the first step to learning which one is right for you.

Guard/middle relay

A guard is the first relay in a Tor circuit when the user is not using a bridge. A middle relay is neither a guard nor an exit, but acts as the middle point between the two. Non-exit relays can function as either a guard or a middle for different users.

A guard or middle relay will generally receive very few (near-zero) abuse complaints. This relay will be listed in the public consensus, so it may be blocked by certain services that don't understand how Tor works. If you are running a relay from home and have one static IP, you may want to consider running a bridge instead so that your non-Tor traffic doesn't get blocked as though it's coming from Tor. If you have a dynamic IP or multiple static IPs, this isn't as much of an issue.

It takes some time for the traffic directed to a new guard/middle relay to ramp up. To understand this process, read about the lifecycle of a new relay: https://blog.torproject.org/lifecycle-new-relay.

Bridge

The design of the Tor network means that the identity of most Tor relays is public. However, one of the ways Tor can be blocked by governments or ISPs is by blacklisting the IP addresses of these public Tor nodes. Bridge relays are Tor relays that are not listed in the public Tor directory, which makes it harder for ISPs and governments to block them. Bridges are useful for Tor users under oppressive regimes, and for people who want an extra layer of security because they're worried somebody will recognize that they are contacting a public Tor relay IP address. Several countries, including China and Iran, have found ways to detect and block connections to Tor bridges. Pluggable transports (https://www.torproject.org/docs/pluggable-transports.html.en), a special kind of bridge, address this by adding an additional layer of obfuscation.

Bridges are relatively easy and low-risk relays to operate, but they have a big impact on users. A bridge isn't likely to receive any abuse complaints, and since bridges are not listed in the public consensus, they are unlikely to be blocked by popular services. Bridges are a great option if you can only run a relay from your home network, have only one static IP, and don't have a huge amount of bandwidth to donate -- we recommend giving your bridge at least 1Mbit/sec.

Exit relay

The exit relay is the final relay in the Tor circuit, the one that sends traffic out to its destination. The service you are connecting to (website, chat service, email provider, etc.) will see the IP address of the exit relay instead of your real IP address. Exit relays have the greatest legal exposure and liability of all the relays. For example, if a user downloads copyrighted material while using your exit relay, you, the operator, may receive a DMCA notice. Any abuse complaints about the exit will go directly to you. Generally, these complaints can be handled pretty easily through template letters, which we'll discuss more in the section below. Because of the legal exposure that comes with running an exit relay, we do not recommend running it from your home. Ideal exit relay operators are affiliated with some institution, like a university or a library. An institution can not only provide greater bandwidth for the exit, but is better positioned to handle abuse complaints or the rare law enforcement inquiry. Here are some more tips for running an exit relay with minimal difficulty: https://blog.torproject.org/tips-running-exit-node

Requirements

Minimal bandwidth

Choosing a server

If you have access to a high-speed internet connection and a physical piece of computer hardware, this is the best way to run a relay. Having full control over the hardware and connection gives you a more controllable and (if done correctly) secure environment. You can host your own physical hardware at home or in a data center. Sometimes this is referred to as installing the relay on "bare metal".

If you do not own physical hardware, you could run a relay on a VPS. This can cost anywhere between $3.00/month and thousands per month, depending on your provider, hardware configuration, and bandwidth usage. Many VPS providers will not allow you to run exit relays, and some will not allow you to run relays at all. You must follow the VPS provider's terms of service, or risk having your account disabled. Because you do not control the physical hardware or the host operating system, you are relying on the VPS provider to configure the host machine safely and not to over-subscribe their hardware. You are also relying on the hosting provider for physical security. For more information on ISPs and VPS providers and their policies on allowing Tor relays, please see this guide maintained by the Tor community: https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs.

AS/location diversity

Installation

Debian/Ubuntu

Configuring your Tor relay on Debian/Ubuntu

auto update instructions (for tor package only or entire OS?)

RedHat/CentOS/Fedora

yum/dnf install tor

auto update instructions

  • OperatorsTips/RPMUpdates - Keeping your relay software up to date with RPM-based distributions (RedHat, Fedora, CentOS, etc.)

Gentoo

ArchLinux

FreeBSD/HardenedBSD

OpenBSD

MacOS?

Windows?

Configuring your Tor

You'll make slight changes to the torrc file depending on what kind of relay you want to run.
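
The three variants listed below, sketched as one torrc (an added example, not configuration taken from this guide): keep the shared block and enable exactly one role stanza. The nickname, contact address, ORPort number, obfs4proxy path and the ports in the exit policy are placeholder assumptions.

```torrc
# Added example torrc: shared settings plus one stanza per relay type.
# Every value marked "placeholder" is an assumption; replace it with your own.

# --- Shared by every relay type ---
# Placeholder nickname.
Nickname myExampleRelay
# Placeholder address; this is where other operators and abuse desks reach you.
ContactInfo relay-admin@example.org
# Placeholder port; it must be reachable from the internet.
ORPort 9001
# Relay only: do not open a local client SOCKS proxy.
SocksPort 0

# --- Role 1: guard/middle (non-exit) relay, enabled here ---
# Never send traffic out to destinations, so abuse complaints stay near zero.
ExitRelay 0
ExitPolicy reject *:*

# --- Role 2: bridge (not listed in the public consensus) ---
# To run a bridge instead, comment out Role 1 and uncomment these lines.
#BridgeRelay 1
#ExitRelay 0
#ExitPolicy reject *:*
# Optional pluggable transport for an extra layer of obfuscation.
# The path assumes obfs4proxy was installed from your distribution's package.
#ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
#ExtORPort auto

# --- Role 3: exit relay (not recommended from a home connection) ---
# To run an exit instead, comment out Role 1 and uncomment these lines.
# The accepted ports are an illustrative policy; rules are matched top to
# bottom, so the final reject covers everything not accepted above it.
#ExitRelay 1
#ExitPolicy accept *:80
#ExitPolicy accept *:443
#ExitPolicy reject *:*
```

Only one role stanza should be active at a time; in particular, a bridge must not also carry an accepting exit policy.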

guard/middle relay

bridge

exit relay

DNS considerations

Maintaining a relay

Setting up outage notifications

Relay Search

tor-relays mailing list

Legal considerations

Relay operators should understand the potential risks associated with running a relay. For the majority of operators in most countries, bridges and guard/middle relays are very low risk. Exits are the ones that present some legal concerns, but operators under most circumstances will be able to handle legal matters by having an abuse response letter, running the exit from a location that isn't their home, and reading through some of the legal resources that Tor-supportive lawyers have put together.

Legal resources

The EFF Tor Legal FAQ (https://www.torproject.org/eff/tor-legal-faq.html.en) answers many common questions about relay operation and the law. We also like Noisebridge's wiki for additional legal resources: https://www.noisebridge.net/wiki/Noisebridge_Tor/FBI. In general it's a good idea to consult with a lawyer before deciding to operate an exit relay, especially if you live in a place where exit relay operators have been harassed, or if you're the only exit relay operator in your region. Get in touch with your local digital rights organization to see if they have recommendations about legal assistance, and if you're not sure what organizations are working in your region, write to EFF and see if they can help connect you: https://www.eff.org/about/contact.

Responding to abuse complaints

Operators can put together their own abuse complaint template responses from one of many templates that Tor has created: https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates.

Other docs we like include:

Running a relay with other people

More resources