Tor Friends and Relay Operators Meetup @ OnionSpace Berlin
Notes
Operators run relays in Germany on residential connections and on Raspberry Pi 2 with a standard (not tweaked/tuned) Raspbian distribution with a network speed in satisfactory levels (for a residential connection).
The biggest part of the meetup was dedicated into the situation (see related blog post: https://blog.torservers.net/20180704/coordinated-raids-of-zwiebelfreunde-at-various-locations-in-germany.html) of Torservers (Zwiebelfreunde e.v) and what we can do to possibly avoid such incidents in the future.
A large-scale operator (with more than 20 exit relays) was wondering about the effects of the newer tor versions and the MyFamily
configuration option.
- After setting up the
MyFamily
saw a 50% drop on the number connections and the usage of the relay bandwidth; - This person would like to push more bandwidth and would like to find out how to better achieve this scenario;
- The person also asked if it's possible to run FreeBSD/OpenBSD in a embedded SoC (like Raspberry, or BeagleBone) - yes! it is possible, and some people do it :)
Shared info about the list of providers to run any BSD-powered VPS, and setup
- TDP's Wiki
- TDP's Blog Post
- Updated List of Providers? Here.
Recommendations from what we also discussed in Rome @ Prenestino: do not use disk encryption (from tor-relay@)
- More from Rome? Here.
The abuse emails do not bother relays operation in Germany
-
Some providers/ISP just ignore the abuse emails - not forwarding it to the relay operator;
- the abuse contact might be present only in the WHOIS database from the relay's CIDR;
- no contact available to reach the operator? - this changed! operators need to add contact info.
-
Even if you respond to the emails there was no feedback;
-
We do not need to shutdown the machines.
A follow up meetup will happen around mid August (in Berlin). Stay tuned!
A poll to find a suitable date for the next meetup (allowing anonymous submission) is hosted here: https://www.systemli.org/poll/#/poll/ZBd5UDeTv6/participation?encryptionKey=CfN4AV4buBqwxL4mmEXlwMtzgbMINEXUA7P7Phbj
Open Questions
-
Who run the relays with the family fingerprint B740BCECC4A9569232CDD45C0E1330BA0D030D33 ?
- The exit probability of this family is ~10.5%
- Has anyone met this person/entity?
- The relays are, at the same time, marked as
Guard
andExit
-
The current feature for DDoS protection is really optional, or does it need to be manually enabled? (regarding the traffic drop on the relays mentioned before)