Skip to content

Relay ORPort is not reachable in Tor 0.4.5 (worked in Tor 0.4.4)

Summary

After upgrading to Tor 0.4.5.9 the ORPort never becomes reachable

Steps to reproduce:

  1. Step 1 Start tor in a docker instance

What is the current bug behavior?

ORPort is never reachable

What is the expected behavior?

ORPort should become reachable

Environment

Tor 0.4.5.9 Docker swarm 20.10.2 Alpine linux

Relevant logs and/or screenshots

Dockerfile

FROM alpine

RUN apk add tor sudo
ADD torrc /var/lib/tor/

ENTRYPOINT ["/usr/bin/sudo", "-u", "tor", "/usr/bin/tor", "-f", "/var/lib/tor/torrc", "--MaxMemInQueues", "1024MB"]

torrc

DataDirectory /var/lib/tor
ORPort 9901
DirPort 9930
SocksPort 0
ControlSocket /var/lib/tor/tor.socket
ExitPolicy reject *:*
ExitPolicy reject6 *:*
ExitRelay 0
IPv6Exit 0
RelayBandwidthRate 10240 KBytes
RelayBandwidthBurst 15360 KBytes
Nickname nod3
ContactInfo email@localhost

Log output

Jun 30 16:40:12.383 [notice] Tor 0.4.5.9 running on Linux with Libevent 2.1.12-stable, OpenSSL 1.1.1k, Zlib 1.2.11, Liblzma 5.2.5, Libzstd 1.4.9 and Unknown N/A as libc.
Jun 30 16:40:12.383 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Jun 30 16:40:12.385 [notice] Read configuration file "/var/lib/tor/torrc".
Jun 30 16:40:12.393 [notice] Opening Control listener on /var/lib/tor/tor.socket
Jun 30 16:40:12.441 [notice] Opened Control listener connection (ready) on /var/lib/tor/tor.socket
Jun 30 16:40:12.441 [notice] Opening OR listener on 0.0.0.0:9901
Jun 30 16:40:12.441 [notice] Opened OR listener connection (ready) on 0.0.0.0:9901
Jun 30 16:40:12.441 [notice] Opening OR listener on [::]:9901
Jun 30 16:40:12.441 [notice] Opened OR listener connection (ready) on [::]:9901
Jun 30 16:40:12.441 [notice] Opening Directory listener on 0.0.0.0:9930
Jun 30 16:40:12.442 [notice] Opened Directory listener connection (ready) on 0.0.0.0:9930
Jun 30 16:40:14.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Jun 30 16:40:14.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Jun 30 16:40:15.000 [notice] Configured to measure statistics. Look for the *-stats files that will first be written to the data directory in 24 hours from now.
Jun 30 16:40:15.000 [notice] Your Tor server's identity key  fingerprint is 'nod3 447EFB012D16720324301796D008D50E883A4378'
Jun 30 16:40:15.000 [notice] Your Tor server's identity key ed25519 fingerprint is 'nod3 ESBUqZdtc4oGo3Pfim+Fv+v1Jf8hKpV22Shf0vtktAQ'
Jun 30 16:40:15.000 [notice] Bootstrapped 0% (starting): Starting
Jun 30 16:40:46.000 [notice] Starting with guard context "default"
Jun 30 16:40:47.000 [notice] Bootstrapped 5% (conn): Connecting to a relay
Jun 30 16:40:47.000 [notice] Unable to find IPv6 address for ORPort 9901. You might want to specify IPv4Only to it or set an explicit address or set Address.
Jun 30 16:40:47.000 [notice] Bootstrapped 10% (conn_done): Connected to a relay
Jun 30 16:40:47.000 [notice] Bootstrapped 14% (handshake): Handshaking with a relay
Jun 30 16:40:47.000 [notice] Bootstrapped 15% (handshake_done): Handshake with a relay done
Jun 30 16:40:47.000 [notice] Bootstrapped 75% (enough_dirinfo): Loaded enough directory info to build circuits
Jun 30 16:40:47.000 [notice] Bootstrapped 90% (ap_handshake_done): Handshake finished with a relay to build circuits
Jun 30 16:40:47.000 [notice] Bootstrapped 95% (circuit_create): Establishing a Tor circuit
Jun 30 16:40:47.000 [notice] Bootstrapped 100% (done): Done
Jun 30 16:40:47.000 [notice] Now checking whether IPv4 ORPort xxx.xxx.xxx.xxx:9901 is reachable... (this may take up to 20 minutes -- look for log messages indicating success)
Jun 30 16:40:47.000 [notice] Now checking whether IPv4 DirPort xxx.xxx.xxx.xxx:9930 is reachable... (this may take up to 20 minutes -- look for log messages indicating success)
Jun 30 16:40:48.000 [notice] Self-testing indicates your DirPort is reachable from the outside. Excellent.
Jun 30 17:00:49.000 [warn] Your server has not managed to confirm reachability for its ORPort(s) at xxx.xxx.xxx.xxx:9901. Relays do not publish descriptors until their ORPort and DirPort are reachable. Please check your firewalls, ports, address, /etc/hosts file, etc.

tord-log.zip

Possible fixes

Edited by Roger Dingledine
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information