Matt Pagan commited on 2014-01-10 08:10:49
Zeige 1 geänderte Dateien mit 198 Einfügungen und 4 Löschungen.
... | ... |
@@ -132,12 +132,22 @@ country) |
132 | 132 |
</a></li> |
133 | 133 |
<li><a href="#WhyIsntMyRelayBeingUsedMore">Why isn't my relay being |
134 | 134 |
used more?</a></li> |
135 |
+ <li><a href="#IDontHaveAStaticIP">I don't have a static IP.</a></li> |
|
136 |
+ <li><a href="#ModemKeepsCrashing">My cable/dsl modem keeps crashing. |
|
137 |
+ What's going on?</a></li> |
|
138 |
+ <li><a href="#PortscannedMore">Why do I get portscanned more often |
|
139 |
+ when I run a Tor relay?</a></li> |
|
140 |
+ <li><a href="#MoreThanOneCPU">I have more than one CPU. Does this |
|
141 |
+ help?</a></li> |
|
135 | 142 |
<li><a href="#HighCapacityConnection">How can I get Tor to fully |
136 | 143 |
make use of my high capacity connection?</a></li> |
137 | 144 |
<li><a href="#RelayFlexible">How stable does my relay need to |
138 | 145 |
be?</a></li> |
139 |
- <li><a href="#ExitPolicies">I'd run a relay, but I don't want to |
|
140 |
-deal |
|
146 |
+ <li><a href="#BandwidthShaping">What bandwidth shaping options are |
|
147 |
+ available to Tor relays?</a></li> |
|
148 |
+ <li><a href="#LimitTotalBandwidth">How can I limit the total amount |
|
149 |
+ of bandwidth used by my Tor relay?</a></li> |
|
150 |
+ <li><a href="#ExitPolicies">I'd run a relay, but I don't want to deal |
|
141 | 151 |
with abuse issues.</a></li> |
142 | 152 |
<li><a href="#RelayOrBridge">Should I be a normal relay or bridge |
143 | 153 |
relay?</a></li> |
... | ... |
@@ -1526,8 +1536,8 @@ it.) |
1526 | 1536 |
</p> |
1527 | 1537 |
|
1528 | 1538 |
<p> |
1529 |
-For other configuration options you can use, look at the <a href="<page |
|
1530 |
-docs/tor-manual>">Tor manual page</a>. Look at <a |
|
1539 |
+For other configuration options you can use, see the <a href="<page |
|
1540 |
+docs/tor-manual>">Tor manual page</a>. Have a look at <a |
|
1531 | 1541 |
href="https://gitweb.torproject.org/tor.git/blob/HEAD:/src/config/torrc.sample.in"> |
1532 | 1542 |
the sample torrc file</a> for hints on common configurations. Remember, all |
1533 | 1543 |
lines beginning with # in torrc are treated as comments and have no effect |
... | ... |
@@ -2031,6 +2041,82 @@ from the source code release tor-0.2.4.16-rc is: |
2031 | 2041 |
|
2032 | 2042 |
<hr> |
2033 | 2043 |
|
2044 |
+ <a id="IDontHaveAStaticIP"></a> |
|
2045 |
+ <h3><a class="anchor" href="#IDontHaveAStaticIP">I don't have a static |
|
2046 |
+ IP.</a></h3> |
|
2047 |
+ |
|
2048 |
+ <p> |
|
2049 |
+ Tor can handle relays with dynamic IP addresses just fine. Just leave |
|
2050 |
+ the "Address" line in your torrc blank, and Tor will guess. |
|
2051 |
+ </p> |
|
2052 |
+ |
|
2053 |
+ <hr> |
|
2054 |
+ |
|
2055 |
+ <a id="ModemKeepsCrashing"></a> |
|
2056 |
+ <h3><a class="anchor" href="#ModemKeepsCrashing">My cable/DSL modem |
|
2057 |
+ keeps crashing. What's going on?</h3></a> |
|
2058 |
+ |
|
2059 |
+ <p> |
|
2060 |
+ Tor relays hold many connections open at once. This is more intensive |
|
2061 |
+ use than your cable modem (or other home router) would ever get normally. |
|
2062 |
+ So if there are any bugs or instabilities, they might show up now. |
|
2063 |
+ </p> |
|
2064 |
+ <p> |
|
2065 |
+ If your router keeps crashing, you've got two options. First, you should |
|
2066 |
+ try to upgrade its firmware. If you need tips on how to do this, ask |
|
2067 |
+ Google or your cable/router provider, or try the Tor IRC channel. |
|
2068 |
+ </p> |
|
2069 |
+ |
|
2070 |
+ <p> |
|
2071 |
+ Usually the firmware upgrade will fix it. If it doesn't, you will |
|
2072 |
+ probably want to get a new (better) router. |
|
2073 |
+ </p> |
|
2074 |
+ |
|
2075 |
+ <hr> |
|
2076 |
+ |
|
2077 |
+ <a id="PortscannedMore"></a> |
|
2078 |
+ <h3><a class="anchor" href="#PortscannedMore">Why do I get portscanned |
|
2079 |
+ more often when I run a Tor relay?</a></h3> |
|
2080 |
+ |
|
2081 |
+ <p> |
|
2082 |
+ If you allow exit connections, some services that people connect to |
|
2083 |
+ from your relay will connect back to collect more information about you. |
|
2084 |
+ For example, some IRC servers connect back to your identd port to record |
|
2085 |
+ which user made the connection. (This doesn't really work for them, |
|
2086 |
+ because Tor doesn't know this information, but they try anyway.) Also, |
|
2087 |
+ users exiting from you might attract the attention of other users on the |
|
2088 |
+ IRC server, website, etc. who want to know more about the host they're |
|
2089 |
+ relaying through. |
|
2090 |
+ </p> |
|
2091 |
+ <p> |
|
2092 |
+ Another reason is that groups who scan for open proxies on the Internet |
|
2093 |
+ have learned that sometimes Tor relays expose their socks port to the |
|
2094 |
+ world. We recommend that you bind your socksport to local networks only. |
|
2095 |
+ </p> |
|
2096 |
+ <p> |
|
2097 |
+ In any case, you need to keep up to date with your security. See this <a |
|
2098 |
+ href="https://trac.torproject.org/projects/tor/wiki/doc/OperationalSecurity">article |
|
2099 |
+ on operational security for Tor relays</a> for more suggestions. |
|
2100 |
+ </p> |
|
2101 |
+ |
|
2102 |
+ <hr> |
|
2103 |
+ |
|
2104 |
+ <a id="MoreThanOneCPU"></a> |
|
2105 |
+ <h3><a class="anchor" href="#MoreThanOneCPU">I have more than one CPU. |
|
2106 |
+ Does this help?</a></h3> |
|
2107 |
+ |
|
2108 |
+ <p> |
|
2109 |
+ Yes. You can set your NumCpus config option in torrc to the number of |
|
2110 |
+ CPUs you have, and Tor will spawn this many cpuworkers to deal with |
|
2111 |
+ public key operations in parallel. |
|
2112 |
+ </p> |
|
2113 |
+ |
|
2114 |
+ <p> |
|
2115 |
+ This option has no effect for clients. |
|
2116 |
+ </p> |
|
2117 |
+ |
|
2118 |
+ <hr> |
|
2119 |
+ |
|
2034 | 2120 |
<a id="HighCapacityConnection"></a> |
2035 | 2121 |
<h3><a class="anchor" href="#HighCapacityConnection">How can I get Tor to fully |
2036 | 2122 |
make use of my high capacity connection?</a></h3> |
... | ... |
@@ -2094,6 +2180,114 @@ too. |
2094 | 2180 |
|
2095 | 2181 |
<hr> |
2096 | 2182 |
|
2183 |
+ <a id="BandwidthShaping"></a> |
|
2184 |
+ <h3><a class="anchor" href="#BandwidthShaping">What bandwidth shaping |
|
2185 |
+ options are available to Tor relays?</a></h3> |
|
2186 |
+ |
|
2187 |
+ <p> |
|
2188 |
+ There are two options you can add to your torrc file: |
|
2189 |
+ </p> |
|
2190 |
+ <ul> |
|
2191 |
+ <li> |
|
2192 |
+ BandwidthRate is the maximum long-term bandwidth allowed (bytes per |
|
2193 |
+ second). For example, you might want to choose "BandwidthRate 2 MB" |
|
2194 |
+ for 2 megabytes per second (a fast connection), or "BandwidthRate 50 |
|
2195 |
+ KB" for 50 kilobytes per second (a medium-speed cable connection). |
|
2196 |
+ The minimum BandwidthRate is 20 kilobytes per second. |
|
2197 |
+ </li> |
|
2198 |
+ <li> |
|
2199 |
+ BandwidthBurst is a pool of bytes used to fulfill requests during |
|
2200 |
+ short periods of traffic above BandwidthRate but still keeps the |
|
2201 |
+ average over a long period to BandwidthRate. A low Rate but a high |
|
2202 |
+ Burst enforces a long-term average while still allowing more traffic |
|
2203 |
+ during peak times if the average hasn't been reached lately. For example, |
|
2204 |
+ if you choose "BandwidthBurst 50 KB" and also use that for your |
|
2205 |
+ BandwidthRate, then you will never use more than 50 kilobytes per second; |
|
2206 |
+ but if you choose a higher BandwidthBurst (like 1 MB), it will allow |
|
2207 |
+ more bytes through until the pool is empty. |
|
2208 |
+ </li> |
|
2209 |
+ </ul> |
|
2210 |
+ <p> |
|
2211 |
+ If you have an asymmetric connection (upload less than download) such |
|
2212 |
+ as a cable modem, you should set BandwidthRate to less than your smaller |
|
2213 |
+ bandwidth (Usually that's the upload bandwidth). (Otherwise, you could |
|
2214 |
+ drop many packets during periods of maximum bandwidth usage -- you may |
|
2215 |
+ need to experiment with which values make your connection comfortable.) |
|
2216 |
+ Then set BandwidthBurst to the same as BandwidthRate. |
|
2217 |
+ </p> |
|
2218 |
+ <p> |
|
2219 |
+ Linux-based Tor nodes have another option at their disposal: they can |
|
2220 |
+ prioritize Tor traffic below other traffic on their machine, so that |
|
2221 |
+ their own personal traffic is not impacted by Tor load. A <a |
|
2222 |
+ href="https://gitweb.torproject.org/tor.git/blob/HEAD:/contrib/linux-tor-prio.sh">script |
|
2223 |
+ to do this</a> can be found in the Tor source distribution's contrib |
|
2224 |
+ directory. |
|
2225 |
+ </p> |
|
2226 |
+ <p> |
|
2227 |
+ Additionally, there are hibernation options where you can tell Tor to |
|
2228 |
+ only serve a certain amount of bandwidth per time period (such as 100 |
|
2229 |
+ GB per month). These are covered in the <a |
|
2230 |
+ href="#LimitTotalBandwidth">hibernation entry</a> below. |
|
2231 |
+ </p> |
|
2232 |
+ <p> |
|
2233 |
+ Note that BandwidthRate and BandwidthBurst are in <b>Bytes,</b>not Bits. |
|
2234 |
+ </p> |
|
2235 |
+ |
|
2236 |
+ <hr> |
|
2237 |
+ |
|
2238 |
+ <a id="LimitTotalBandwidth"></a> |
|
2239 |
+ <h3><a class="anchor" href="#LimitTotalBandwidth">How can I limit the |
|
2240 |
+ total amount of bandwidth used by my Tor relay?</a></h3> |
|
2241 |
+ <p> |
|
2242 |
+ The accounting options in the torrc file allow you to specify the maximum |
|
2243 |
+ amount of bytes your relay uses for a time period. |
|
2244 |
+ </p> |
|
2245 |
+ <pre> |
|
2246 |
+ AccountingStart day week month [day] HH:MM |
|
2247 |
+ </pre> |
|
2248 |
+ <p> |
|
2249 |
+ This specifies when the accounting should reset. For instance, to setup |
|
2250 |
+ a total amount of bytes served for a week (that resets every Wednesday |
|
2251 |
+ at 10:00am), you would use: |
|
2252 |
+ </p> |
|
2253 |
+ <pre> |
|
2254 |
+ AccountingStart week 3 10:00 |
|
2255 |
+ AccountingMax N bytes KB MB GB TB |
|
2256 |
+ </pre> |
|
2257 |
+ <p> |
|
2258 |
+ This specifies the maximum amount of data your relay will send during an |
|
2259 |
+ accounting period, and the maximum amount of data your relay will receive |
|
2260 |
+ during an account period. When the accounting period resets (from |
|
2261 |
+ AccountingStart), then the counters for AccountingMax are reset to 0. |
|
2262 |
+ </p> |
|
2263 |
+ <p> |
|
2264 |
+ Example. Let's say you want to allow 1 GB of traffic every day in each |
|
2265 |
+ direction and the accounting should reset at noon each day: |
|
2266 |
+ </p> |
|
2267 |
+ <pre> |
|
2268 |
+ AccountingStart day 12:00 |
|
2269 |
+ AccountingMax 1 GB |
|
2270 |
+ </pre> |
|
2271 |
+ <p> |
|
2272 |
+ Note that your relay won't wake up exactly at the beginning of each |
|
2273 |
+ accounting period. It will keep track of how quickly it used its |
|
2274 |
+ quota in the last period, and choose a random point in the new interval |
|
2275 |
+ to wake up. This way we avoid having hundreds of relays working at the |
|
2276 |
+ beginning of each month but none still up by the end. |
|
2277 |
+ </p> |
|
2278 |
+ <p> |
|
2279 |
+ If you have only a small amount of bandwidth to donate compared to your |
|
2280 |
+ connection speed, we recommend you use daily accounting, so you don't |
|
2281 |
+ end up using your entire monthly quota in the first day. Just divide |
|
2282 |
+ your monthly amount by 30. You might also consider rate limiting to |
|
2283 |
+ spread your usefulness over more of the day: if you want to offer X GB |
|
2284 |
+ in each direction, you could set your BandwidthRate to 20*X. For example, |
|
2285 |
+ if you have 10 GB to offer each way, you might set your BandwidthRate to |
|
2286 |
+ 200 KB: this way your relay will always be useful for at least half of |
|
2287 |
+ each day. |
|
2288 |
+ </p> |
|
2289 |
+ <hr> |
|
2290 |
+ |
|
2097 | 2291 |
<a id="ExitPolicies"></a> |
2098 | 2292 |
<h3><a class="anchor" href="#ExitPolicies">I'd run a relay, but I |
2099 | 2293 |
don't want to deal with abuse issues.</a></h3> |
2100 | 2294 |