I own a Tor relay in Russia. And, of course, I experience all the difficulties of our censorship now. My relay was working pretty well until last days. Now it cannot connect to the Tor network.
Firstly, I’d like to ask you: does it make sence to maintain the relay in such hard conditions? Is it still useful for the community and users?
Secondly, if you answer positively, here is my next question. What cam you advise to overcome the censorship for the relay?
I have *nix system with the newest Tor 0.4.7.7 and here is my current torrc:
SocksPort 9050 # what port to open for local application connections
Log notice file /var/log/tor/notices.log
RunAsDaemon 1
Nickname ******
ContactInfo ******
ORPort 0.0.0.0:9001 IPv4Only
BandwidthRate 500 KB
BandwidthBurst 750 KB
ClientTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy
ServerTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy
ExtORPort auto
BridgeRelay 1
<several lines "bridge obfs4 ...">
ExitRelay 0
PidFile /var/run/tor/tor.pid
ExcludeExitNodes {RU},{UA},{BY}
Is this config correct? Before the problem, I didn’t use bridges and BridgeRelay option. Now I tried to use but anyway I fail to connect. Usual last line in my log file are:
...
May 03 14:56:19.000 [notice] Bootstrapped 0% (starting): Starting
May 03 14:56:25.000 [notice] Starting with guard context "default"
May 03 14:56:25.000 [notice] Registered server transport 'obfs4' at '[::]:29669'
May 03 14:56:26.000 [notice] Unable to find IPv4 address for ORPort 9001. You might want to specify IPv6Only to it or set an explicit address or set Address.
May 03 14:56:26.000 [notice] Bootstrapped 5% (conn): Connecting to a relay
May 03 14:59:01.000 [warn] Problem bootstrapping. Stuck at 5% (conn): Connecting to a relay. (Operation timed out; TIMEOUT; count 10; recommendation warn; host ***** at *****:443)
May 03 14:59:01.000 [warn] 9 connections have failed:
May 03 14:59:01.000 [warn] 9 connections died in state connect()ing with SSL state (No SSL object)
May 03 14:59:02.000 [warn] Problem bootstrapping. Stuck at 5% (conn): Connecting to a relay. (Operation timed out; TIMEOUT; count 11; recommendation warn; host ***** at *****:443)
May 03 14:59:02.000 [warn] 10 connections have failed:
May 03 14:59:02.000 [warn] 10 connections died in state connect()ing with SSL state (No SSL object)
May 03 14:59:02.000 [warn] Problem bootstrapping. Stuck at 5% (conn): Connecting to a relay. (Operation timed out; TIMEOUT; count 12; recommendation warn; host ***** at *****:443)
I will be glad to your advice and support. I don’t want to give up
Is this config correct? Before the problem, I didn’t use bridges and BridgeRelay option. Now I tried to use but anyway I fail to connect.
With those settings, you enable the obfs4 options, it means that your relay becomes a bridge. You can read the differences between a middle relay and a bridge here : Tor Project | Types of relays on the Tor network
→ If you want to set your server as a bridge : Have you allowed the obfs4 port in your firewall / router ?
You can add this setting into the torrc file to put a specific obfs4 port to your bridge (port 443 is recommended to bypass restrictive firewalls) : ServerTransportListenAddr obfs4 0.0.0.0:443
Maintaining a bridge or relay in a censored country (like Russia) is very difficult and you always have to change the IPv4 address if it is a bridge, which makes the task too long and complex to do over time.
Since you are hosting inside, it is not easy for you and you risk to be blocked very often because they observe the network to block Tor.
For these reasons it is not recommended to host there, although it is still feasible.
Don’t hesitate to give feedback or ask questions if you still have some, thanks for helping the network
I don’t know if you’re familiar with OONI, but it would be great to test and measure Internet censorship in Russia. You can run ooniprobe to collect which websites and services are blocked in your ISP.
Thank you but nothing helped. I changed the port etc but still get a log message “Unable to find IPv4 address…”
My server is behind router (port forwarding ok) and has dynamic IP. OS FreeBSD. I suppose this problem is a consequence of misconfiguration, not censorship.
By the way, after adding this string into config:
ServerTransportListenAddr obfs4 0.0.0.0:4932
and restarting Tor service I get a log message:
Registered server transport 'obfs4' at '[::]:4932'
Check your computer’s firewall, to be sure the correct ports are opened for Tor. I messed that up the first time. Check carefully, I’d transposed two numbers and that was what tripped me up for hours.
Did you add the ‘Address’ tag to your torrc?
You’ll have to get your WAN (public) IP address and put it in… so for instance:
Address 68.137.126.29
That’s just an example, with an IP address pulled from thin air, but you get the idea.
Every time you change your dynamic IP address, you’ll have to edit your torrc to update it with your new public IP address.
I’m having the same problem, my Tor node can’t find my public IP address (double-NAT’d, dynamic IP address connection). Putting ‘Address’ into torrc fixed it.
