Tor Relay Operator

[sqrrm]

Docs:
Team: @bisq-network/tor-relay-operators
Primary owner: @sqrrm

---

As discussed in bisq-network/proposals#15 (comment)

The tor relay operator should keep a tor relay running with reasonable stats on https://metrics.torproject.org/rs.html#search

To be eligible for compensation the operator should:

• be a regular contributor to bisq
• announce their intention to run relay nodes here
• link to stats for node showing reasonable consensus weight

Installation

There are instructions on how to set up a relay at https://trac.torproject.org/projects/tor/wiki/TorRelayGuide and a tool to locally manage multiple relays at https://github.com/nusenu/ansible-relayor

Example

I followed the guide at https://medium.com/@nusenu/deploying-tor-relays-with-ansible-6612593fa34d
Setting up relays on three VPSs with 2GB RAM (probably overkill) and 20GB SSD (definitely more than needed). The VPSs run ubuntu 16.04.

From the control machine which would typically not be running tor relays itself (my local laptop in my example)

sudo apt-add-repository ppa:ansible/ansible
sudo apt update

// On control machine: (ubuntu 16.04 in my example)
apt install ansible tor python-netaddr

// If tor is not needed on the control machine
systemctl disable --now tor

// Add config files
sqrrm@sqrrm:~ $ cat ~/.ansible.cfg 
[defaults]
inventory = ~/ansible/hosts
roles_path = ~/ansible/roles

sqrrm@sqrrm:~ $ cat ~/ansible/hosts 
[relays]
relay2.sqrrm.net
relay3.sqrrm.net
relay4.sqrrm.net

// Install relayor
ansible-galaxy install nusenu.relayor

// Add role
sqrrm@sqrrm:~ $ cat ~/ansible/roles/sqrrm-relay.yml 
---

- hosts: relays
  remote_user: relay
  vars:
    tor_ContactInfo: [email protected]
    tor_signingkeylifetime_days: 90
    tor_nickname: sqrrm
    tor_IPv6: False
  roles:
   - nusenu.relayor

// Install relays
ansible-playbook ~/ansible/roles/sqrrm-relay.yml --ask-sudo-pass

All relays should now be up and running, two per VPS.

[sqrrm]

I'm running https://metrics.torproject.org/rs.html#details/D4FBE51BC35C3921F31B6E561FD8C07BC56F9D71 which I will use as a baseline for what reasonable relay node stats would be. This setup costs about USD6 per month.

[sqrrm]

Using https://github.com/nusenu/ansible-relayor I have now setup 6 more relays on 3 VPSs, 2 per instance according to recommendations from the Tor relay guide.

I've tried this before but it didn't work properly but with the newest ansible-relayor it might be better. Hopefully this works as it seems like a much more solid way to manage relays.

[ghost]

Little technical question:
I have seen some low-cost VPS, located in Asia, but there is a little lag. Little but however existent.
I suppose this is a problem for using such VPS as a tor-relay ?

[sqrrm]

I think it's more important to spread the relays but maybe it's no good if there is too much lag. Typically the Tor community recommends spreading out the relays as much as possible and Africa in particular is under represented and I think Asia could also use more relays. If you're in the mood you should try it out and see if you get any usage.

[ghost]

In fact, I had a look 6 months or one year ago, but I read that the install was rather complicated (?), so I didn't try.
But reading your posts here makes me rethink.

Here, from Europe, I experimented sure lag with a VPS in Asia (thru ssh).
But maybe/probably for Asia/Asia usage, there is no lag (?).

[sqrrm]

@HarryMacfinned That's probably part of the lag at least. If you want to just setup a single relay to test follow the Tor Relay Guide. I added a link in the initial comment. It's not hard if you're already comfortable setting up your own linux VPS.

[sqrrm]

2018.07 report

This was the first month running tor relays and asking compensation. The relays I run can be found at https://metrics.torproject.org/rs.html#search/sqrrm and specifically
https://metrics.torproject.org/rs.html#details/D4FBE51BC35C3921F31B6E561FD8C07BC56F9D71
https://metrics.torproject.org/rs.html#details/1B9C26C1DAB190EAD3EBADB70914E0949ADC2588
https://metrics.torproject.org/rs.html#details/EE556626236B477A40770AACDE5BB140006EFB4D
https://metrics.torproject.org/rs.html#details/8C3AD2C2AAF7F7B7E92B81F13C1A9267B39416DA
https://metrics.torproject.org/rs.html#details/406788A9108C14F10067BE7960985EB2EC8224D2
https://metrics.torproject.org/rs.html#details/793ED35AA169BB4269CD49A31ABE35E05A960C96
https://metrics.torproject.org/rs.html#details/ACEC94B015533531CEE55DBF6FE0AAC36B21174A

They are all > 4MB/s now. The first one is running on its own server and has been running for several months, it's also used as guard. The other 6 are sharing a server for two instances and only started running for this month. I'm not sure why they're not yet used as guards, could be they're still too new.

[sqrrm]

2018.08 report

All relays have been running without any trouble, see https://metrics.torproject.org/rs.html#search/sqrrm

I think it's a good thing we support relay nodes considering how dependent bisq is on the tor network, would be good if some more people were to run them.

[ManfredKarrer]

@sqrrm Could you provide some info how to get a Tor relay node setup? System requirements, install scripts,...

[alexej996]

@ManfredKarrer it is really simple to be honest. You just need to install Tor with "apt-get install tor", uncomment "RunAsDeamon 1" and "ORPort 9001" option in /etc/tor/torrc.

Those two are the only required options, but of course there are all kinds of nice little options under that "just for relays" section in torrc file. You can setup a DNS address so the relay isn't just known by the IP, you can setup a nickname for the node so you can recognize it by more then just a fingerprint.
Adding contact info is also cool so they can contact you if something is wrong.

Only options that is concerning security is the "MyFamily" option where you list fingerprints of your other nodes.
The rest is just some specifics if you want. For example uncommenting "DirPort" if you got decent bandwidth.

Personally I would love to run a relay on a VPS one day, as I like running them whenever I am in position to do so, at least a bridge if nothing else, but currently I am not is position to do so for Bisq.
I am looking forward to it in future though.

[sqrrm]

2018.09 report

All relays have been running without any trouble at reasonable rates, see https://metrics.torproject.org/rs.html#search/sqrrm

Added installation instructions in issue description #72 (comment)

[clearwater-trust]

I decided to run a couple of tor relays after reading this role and recent forum post https://bisq.community/t/how-to-deal-with-repeated-tor-problems/6334/

My goal is to better understand bisq, the dao, and how i might be able to help. This seems like a good place for me to start.

https://metrics.torproject.org/rs.html#details/038D03689EE87ADA0224ED0671C109506039A8B5
https://metrics.torproject.org/rs.html#details/615F7FAEF7F23DFAD24ECC5E09DADE221B37878D

The relays reside on digital ocean. tor specifically names this hosting provider as over-saturated :(

I'm expecting to see advertised bandwidth increase in 72 hours according to tor documentation.

Admittedly, low hanging fruit. But you have to start somewhere.

[ManfredKarrer]

@clearwater-trust Great thanks!

[sqrrm]

@clearwater-trust It might be low hanging fruit but you're the first to do it after the role was created, good initiative.

I noticed 188.166.21.247:9001 (clearwatertrustx2) has been down for a few days, in case you're not aware.

[clearwater-trust]

@sqrrm thanks for the heads up! I'm serving bisq.shop from the vps and probably need to run the relay elsewhere. I switched the relay off in the interim.

[ManfredKarrer]

@sqrrm It would be good if we communicate a bit more in our community as well it the Tor community that we support Tor relay nodes by paying BSQ.

[sqrrm]

2018.10 report

I have run 7 relays on 4 servers. All relays have been running without any trouble at reasonable rates, see https://metrics.torproject.org/rs.html#search/sqrrm

[sqrrm]

2018.11 report

I run 7 relays on 4 servers. This month there was an issue with upgrading to a new tor version. There was some trouble upgrading but all now looks good, see https://metrics.torproject.org/rs.html#search/sqrrm

bisq-network/compensation#173

[sqrrm]

2018.12 report

One of the relays (185.25.51.202) got a complaint and bacloud suspended the service. After explaining that I run a relay and it's possible whoever complained don't understand the activity they thought were port scans I got it unsuspended. It's not exactly clear what caused the complaint but others running relays have had similar issues when the complainer were running a tor client and not understanding the replies. I'm currently monitoring the ip that complained to see if there is any further activity.

Complaint:

To Whom it May Concern,

You have a system on your network that is actively scanning and/or attacking external sites on the Internet. This can come from many sources and because it is often difficult to detect this activity, we are sending this E-mail in an attempt to help you solve the problem.

We have detected your system with an IP of, 185.25.51.202, scanning a client we monitor. This was not a short attack but a prolonged scan and/or probe that was designed to find and intrude into the target network.

This may be someone on your network who is actively trying to hack others. This person may be a legitimate user on your network or it may be that this system has been compromised and is being used by someone to hack others. It is also likely that the system is running automated tools that have been installed to perform these actions without any human intervention.

Below is the information about the attack. Keep in mind that the source IP of our client has been sanitized for anonymity.

To conclude December, there was some work to sort this out but after I spoke with the support and restarted my services there hasn't been any more issues. I hope this was a one time thing but I suspect it will happen again, the question is how often. During the downtime my relays lost their guard status but are not mostly back. https://metrics.torproject.org/rs.html#search/sqrrm

bisq-network/compensation#190

[sqrrm]

2019.01 report

No issues this month, running 7 relays without trouble https://metrics.torproject.org/rs.html#search/sqrrm

bisq-network/compensation#213

[sqrrm]

2019.02 report

Still no issues or complaints, running 7 relays without trouble https://metrics.torproject.org/rs.html#search/sqrrm

bisq-network/compensation#228 (comment)

[sqrrm]

Cycle 24 report

4 nodes running https://metrics.torproject.org/rs.html#search/sqrrm

bisq-network/compensation#838

[sqrrm]

Cycle 25 report

4 nodes running, metrics not working right now, but can usually be found at https://metrics.torproject.org/rs.html#search/sqrrm

bisq-network/compensation#855

[sqrrm]

Cycle 26 report

4 nodes running, metrics now working again, https://metrics.torproject.org/rs.html#search/sqrrm

bisq-network/compensation#874

[sqrrm]

@bisqubutor looks great. I would support your relay nodes for compensation as long as the ask is reasonable.

[sqrrm]

Cycle 27 report

4 nodes running, metrics at https://metrics.torproject.org/rs.html#search/sqrrm

bisq-network/compensation#897

[sqrrm]

@bisqubutor While I think it's a good thing to support tor nodes, that is a considerable jump in the number of nodes you are requesting compensation for. I didn't realize you intended to run this many and I'm not sure the bisq DAO is ready to support USD900 monthly for tor relays at this stage, considering the current trading volume and corresponding fees.

I hope that other contributors would add their opinions on this as well.

[sqrrm]

Cycle 28 report

4 nodes running, metrics at https://metrics.torproject.org/rs.html#search/sqrrm

bisq-network/compensation#916

[Emzy]

@bisqubutor While I think it's a good thing to support tor nodes, that is a considerable jump in the number of nodes you are requesting compensation for. I didn't realize you intended to run this many and I'm not sure the bisq DAO is ready to support USD900 monthly for tor relays at this stage, considering the current trading volume and corresponding fees.

I hope that other contributors would add their opinions on this as well.

I agree, this is an exorbitant 20x increase in nodes and compensation.

Is there any prior talk/documentation about this action?

[wiz]

bisqubutor is not assigned to this role, no idea why is he making reports and claiming compensation

[sqrrm]

Cycle 29 report

4 nodes running, metrics at https://metrics.torproject.org/rs.html#search/sqrrm

Regarding bisqubutor's relays, could we come to some agreement to support some of their nodes? It seems good to support some, although 80+ is a bit much.

bisq-network/compensation#930

[sqrrm]

Cycle 30 report

4 nodes running, metrics at https://metrics.torproject.org/rs.html#search/sqrrm

bisq-network/compensation#952

[sqrrm]

Cycle 31 report

4 nodes running, metrics at https://metrics.torproject.org/rs.html#search/sqrrm

bisq-network/compensation#962

[sqrrm]

@bisqubutor I understand you had to cancel the servers. I think adding so many servers doesn't sit right with most bisq contributors. If you're still interested in running a few nodes, then we should get a consensus from the ops team and approval from @Emzy to include this in the bisq budget. That way know also how much you can claim and how to budget from your side.

I'm sorry for my slow reply, I've been rather inactive the last few months.

[sqrrm]

Cycle 32 report

4 nodes running, metrics at https://metrics.torproject.org/rs.html#search/sqrrm

bisq-network/compensation#990

[Emzy]

In short, I think we should stop this role.
See: bisq-network/proposals#363

[sqrrm]

Cycle 33 report

4 nodes running, metrics at https://metrics.torproject.org/rs.html#search/sqrrm

I think this will be my last cycle doing this role from the look of it.

bisq-network/compensation#1011

[pazza83]

The proposal to discontinue this role was accepted in cycle 33 bisq-network/proposals#363