Fallback Directory Mirrors

This page has information about how fallback directory mirrors work.

Read Updating Fallback Directory Mirrors for updating Tor's hard-coded list of fallbacks.

Tor clients contact fallback directory mirrors during bootstrap, and download the consensus and authority certificates from them. Once a client has a verified consensus, it then uses the consensus to download relay descriptors.

Clients prefer to download the consensus from mirrors, but they will use an authority if they need to. A number of connections are made after short delays, and the first connection to succeed starts downloading the consensus. (See #4483 and proposal 210 for details.)

Certain jurisdictions only block the directory authorities. In these jurisdictions, mirrors also allow Tor clients that can't contact the directory authorities to download a consensus and use the Tor network. They allow Tor clients to bootstrap automatically, without the user having to configure bridges.

We include a default list of mirrors in the Tor source code. These default mirrors need to be long-term stable, and on the same IPv4 and IPv6 addresses and ports. (IPv6-only clients can use the IPv6 ORPort to bootstrap, see #19608.)

Users can include their own Fallback Directory Mirrors using the FallbackDir torrc option. This replaces the default hard-coded Fallback Directory Mirrors. The UseDefaultFallbackDirs torrc option (#17576) is set to 1 by default. If it is set to 0, it disables the default hard-coded Fallback Directory Mirrors. Tor will then bootstrap using only the authorities.

Opt-In Participation for Relay Operators

Relay operators can opt-in their relays as Fallback Directory Mirrors. When relay operators opt-in, their relay may be included in the default list of mirrors in Tor 0.2.8 and future releases.

We want fallback directory addresses to be stable for several releases, as their addresses are compiled into the Tor source code. Fallback directory IP addresses will continue to be contacted by old clients during bootstrap, until those clients are upgraded or shut down.

The latest list of fallback directory mirrors is at:

These relays are selected for stability and bandwidth according to the following criteria:

  • uptime,
  • the same IPv4 address and ports,
  • the same IPv6 address and ORPort, if present,
  • the same relay identity key,
  • good bandwidth and network connectivity.

Operators should opt-out of the trial if their relay is likely to:

  • become unstable or stop operating,
  • change addresses or move,
  • change keys, or
  • have a lower speed network connection,

in the next 1-2 years.

Some exits experience high load in the Tor network, but other exits are under-utilised. Therefore, exit operators can request to have their relay included as a Fallback Directory Mirror, or excluded from any future Fallback Directory Mirror list.

Last modified 12 months ago Last modified on Sep 20, 2016, 2:45:58 AM