4 tor bridges same setting but only one have this problem？

I have 4 tor bridge, A B C D

yesterday, I just found that China GFW block my tor bridge A IP address, I don’t know why I got blocked, I just guess is China GFW detected my tor bridge？so I use ssh, login to tor bridge A system, I use nyx to check, I’ve see that, there have many data go through my bridge , total around 1.2TB,

螢幕截圖 2022-11-27 上午12.17.063092×506 48.7 KB

tor bridge A blocked by GFW, is this because too many data through my tor bridge transfer, bring GFW to attention ?

Bridge B, C, D is safe, IP didn’t get blocked

Both A, B, C, D config file is the same

here is the A, B, C, D config file:

Log notice file /var/log/tor/notices.log
RunAsDaemon 1
SOCKSPort 127.0.0.1:1090
ORPort auto
DirPort auto
AssumeReachable 1
Exitpolicy reject :
CookieAuthentication 0
HashedControlPassword 16:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
BridgeRelay 1
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
ServerTransportListenAddr obfs4 [::]:24689
ExtORPort auto
AuthDirGuardBWGuarantee 4 MB
MaxAdvertisedBandwidth 3.5 MB
RelayBandwidthRate 3 MB
RelayBandwidthBurst 4 MB
ExcludeNodes {hk},{cn},{mo},{kp},{ir},{sy},{pk},{cu},{vn}
strictnodes 0
ContactInfo abcd@abc.com
Nickname torbridgeA

when I go to tor relay search, and search my bridge, I’ve see that, tor bridge A, online already 3months, and other 3 bridges B, C, D, they will offline for while, bridge A, It’s almost like when I started tor and it just keeps going online.

螢幕截圖 2022-11-27 上午12.02.241920×307 40.7 KB

bridge B,C,D have down time, just like:

Downtime
1 hour 23 minute and 1 second
Last Seen
2022-11-26 14:43:05

but bridge A only have uptime, it didn’t get down, because it always online:

Uptime
95 days 3 hours 44 minutes and 34 seconds

again, bridge A,B,C,D config file is the same

in tor relay search result, bridge A Bridge distribution mechanism it show Moat

bridge B,C,D Bridge distribution mechanism is none

I don’t understand is :

why 4 bridge config file is the same, one bridge (A) always online and Bridge distribution mechanism show Moat,

but B,C,D they will go offline, and the Bridge distribution mechanism is none？

both A,B,C,D tor bridge can use normally

bridge A. tor version: 0.4.5.10 / obfs4proxy version: 0.0.8

bridge B. tor version: 0.4.5.10 / obfs4proxy version: 0.0.8

bridge C. tor version: 0.4.7.11 / obfs4proxy version: 0.0.14

bridge D. tor version: 0.4.7.10 / obfs4proxy version: 0.0.8

How did you find out that your bridge was blocked in China?

Please ignore the downtime in Metrics, it seems there is an issue with the bridge authority reporting bridges being offline while they are running and online.

Moat is the most popular bridge distributor method, but it’s also the method that bridges get blocked more quickly by censors.

ExcludeNodes {hk},{cn},{mo},{kp},{ir},{sy},{pk},{cu},{vn}

I’m curious to understand what are you trying to do with this line in your torrc.

Finally, please upgrade your obfsproxy to 0.0.14.

Edit: actually, your torrc is pretty weird. Could you explain a little bit about your choices here? And why you didn’t follow our official bridge guide?

How did you find out that your bridge was blocked in China? I mean my bridge IP was blocked by GFW, go to https://ping.pe , input my bridge IP, all China node turn RED, I’m guessing, could it be a tor bridge issue？ It was detected by the GFW because there was a lot of traffic passing through？My tor bridge system did not install any by-pass GFW software

Moat is the most popular bridge distributor method, but it’s also the method that bridges get blocked more quickly by censors. that’s what i want to ask
, why my Bridge A get “Moat”？but another 3 bridges show “none”？（4 bridges config file is the same) , In fact, my bridge A IP it was blocked by GFW.

I’m curious to understand what are you trying to do with this line in your torrc. before, I was build a relay, but I found that, GFW will block the relay IP, so I change to build a bridge, base on the relay config file , so I dunno some config line is useless,

Finally, please upgrade your obfsproxy to 0.0.14. I will do it as soon as possible

actually, your torrc is pretty weird. please help me to make some optimization in the config file. if u think the config file is not good enough, thanks

Could you explain a little bit about your choices here? I just base on relay setting, add this line BridgeRelay 1 , to make it as a bridge.

And why you didn’t follow our official bridge guide? Because I thought it was a very simple thing, no need to read the guide. seems I’m wrong.

This is not the best method — I don’t know which of these servers are behind the GFW —, but these results can give us some hints. If you would like us to test your bridge, please share the bridge line in private.

When you run a bridge, BridgeDB will assign your bridge to a distributor: moat, settings (circumvention API), telegram, email, reserved, and https (bridges.torproject.org). BridgeDB algorithm assign bridges automatically to different distributors. Some of these distributors are easier for censors to enumerate the bridges. Read more about bridge distributors: How do I change my bridge distribution method? | Tor Project | Support

So, yeah, probably censors in China discovered your bridge, but this is not your fault. How to “fix” this: if you can, just rotate your bridge IP address and your bridge will be back to the Internet freedom game.

Bridges distributor marked as none: I believe it is just a connectivity issue with your bridges and Serge, the bridge authority. I will check with the bridge authority if Serge is working well. I’m seeing other bridges offline and marked as none even though I can connect and use them.

Here is a torrc example, please change TODO1 to a random port (avoid 9001, 80, 443, 22):

BridgeRelay 1

Log notice file /var/log/tor/notices.log
RunAsDaemon 1
# Replace "TODO1" with a Tor port of your choice.
# Avoid port 9001 because it's commonly associated with Tor and censors may be scanning the Internet for this port.
ORPort TODO1
AssumeReachable 1
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
ServerTransportListenAddr obfs4 [::]:24689
ExtORPort auto
# AuthDirGuardBWGuarantee 4 MB
MaxAdvertisedBandwidth 3.5 MB
RelayBandwidthRate 3 MB
RelayBandwidthBurst 4 MB
ContactInfo abcd@abc.com
Nickname torbridgeA
CookieAuthentication 0
HashedControlPassword 16:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

thanks, I will try to follow your config file example to configure my bridge, and I’ve sent my Bridge A line to you from private message

A post was split to a new topic: My bridge seems to be offline