I own a Tor relay in Russia. And, of course, I experience all the difficulties of our censorship now. My relay was working pretty well until last days. Now it cannot connect to the Tor network.
Firstly, I’d like to ask you: does it make sence to maintain the relay in such hard conditions? Is it still useful for the community and users?
Secondly, if you answer positively, here is my next question. What cam you advise to overcome the censorship for the relay?
I have *nix system with the newest Tor 0.4.7.7 and here is my current torrc:
SocksPort 9050 # what port to open for local application connections
Log notice file /var/log/tor/notices.log
ORPort 0.0.0.0:9001 IPv4Only
BandwidthRate 500 KB
BandwidthBurst 750 KB
ClientTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy
ServerTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy
<several lines "bridge obfs4 ...">
Is this config correct? Before the problem, I didn’t use bridges and BridgeRelay option. Now I tried to use but anyway I fail to connect. Usual last line in my log file are:
May 03 14:56:19.000 [notice] Bootstrapped 0% (starting): Starting
May 03 14:56:25.000 [notice] Starting with guard context "default"
May 03 14:56:25.000 [notice] Registered server transport 'obfs4' at '[::]:29669'
May 03 14:56:26.000 [notice] Unable to find IPv4 address for ORPort 9001. You might want to specify IPv6Only to it or set an explicit address or set Address.
May 03 14:56:26.000 [notice] Bootstrapped 5% (conn): Connecting to a relay
May 03 14:59:01.000 [warn] Problem bootstrapping. Stuck at 5% (conn): Connecting to a relay. (Operation timed out; TIMEOUT; count 10; recommendation warn; host ***** at *****:443)
May 03 14:59:01.000 [warn] 9 connections have failed:
May 03 14:59:01.000 [warn] 9 connections died in state connect()ing with SSL state (No SSL object)
May 03 14:59:02.000 [warn] Problem bootstrapping. Stuck at 5% (conn): Connecting to a relay. (Operation timed out; TIMEOUT; count 11; recommendation warn; host ***** at *****:443)
May 03 14:59:02.000 [warn] 10 connections have failed:
May 03 14:59:02.000 [warn] 10 connections died in state connect()ing with SSL state (No SSL object)
May 03 14:59:02.000 [warn] Problem bootstrapping. Stuck at 5% (conn): Connecting to a relay. (Operation timed out; TIMEOUT; count 12; recommendation warn; host ***** at *****:443)
I will be glad to your advice and support. I don’t want to give up
Sorry for the late answer.
Is this config correct? Before the problem, I didn’t use bridges and BridgeRelay option. Now I tried to use but anyway I fail to connect.
With those settings, you enable the obfs4 options, it means that your relay becomes a bridge. You can read the differences between a middle relay and a bridge here : Tor Project | Types of relays on the Tor network
→ If you want to set your server as a bridge : Have you allowed the obfs4 port in your firewall / router ?
You can add this setting into the torrc file to put a specific obfs4 port to your bridge (port 443 is recommended to bypass restrictive firewalls) :
ServerTransportListenAddr obfs4 0.0.0.0:443
Last thing you need to check since your server is a bridge, I recommend that you read the answer someone has sent today on the forum which helps to know if your bridge is blocked in Russia : Periodically disposing of current public IP on bridge node, a good thing? - #6 by irl
Maintaining a bridge or relay in a censored country (like Russia) is very difficult and you always have to change the IPv4 address if it is a bridge, which makes the task too long and complex to do over time.
Since you are hosting inside, it is not easy for you and you risk to be blocked very often because they observe the network to block Tor.
For these reasons it is not recommended to host there, although it is still feasible.
Don’t hesitate to give feedback or ask questions if you still have some, thanks for helping the network
I don’t know if you’re familiar with OONI, but it would be great to test and measure Internet censorship in Russia. You can run ooniprobe to collect which websites and services are blocked in your ISP.
From your logs, it looks like it can’t find your public IP address.
[notice] Unable to find IPv4 address
So add your public IP address to your torrc:
… where the 'x’s are your public IP address.
ORPort 0.0.0.0:9001 IPv4Only
Tor port of your choice.
This port must be externally reachable.
Avoid port 9001 because it’s commonly associated with Tor and censors may be scanning the Internet for this port.
So I’d change it to something else, for instance:
ORPort 0.0.0.0:8888 IPv4Only
Also, you need to specify a port for your OBFS4 bridge:
ServerTransportListenAddr obfs4 0.0.0.0:8787
Thank you. I’ve just installed OONI and made the first run of ooniprobe.
Thank you but nothing helped. I changed the port etc but still get a log message “Unable to find IPv4 address…”
My server is behind router (port forwarding ok) and has dynamic IP. OS FreeBSD. I suppose this problem is a consequence of misconfiguration, not censorship.
By the way, after adding this string into config:
ServerTransportListenAddr obfs4 0.0.0.0:4932
and restarting Tor service I get a log message:
Registered server transport 'obfs4' at '[::]:4932'
It connects to IPv6 though I set IPv4. Strange.
Check your computer’s firewall, to be sure the correct ports are opened for Tor. I messed that up the first time. Check carefully, I’d transposed two numbers and that was what tripped me up for hours.
Did you add the ‘Address’ tag to your torrc?
You’ll have to get your WAN (public) IP address and put it in… so for instance:
That’s just an example, with an IP address pulled from thin air, but you get the idea.
Every time you change your dynamic IP address, you’ll have to edit your torrc to update it with your new public IP address.
I’m having the same problem, my Tor node can’t find my public IP address (double-NAT’d, dynamic IP address connection). Putting ‘Address’ into torrc fixed it.