[tor-relays] Ext Relay Operators: Please Upgrade to 0.4.7.7!

Tor 0.4.7.7-stable contains a very important performance improvement, called Congestion Control.

You can read more about this improvement here:

The TL;DR is that users of Tor 0.4.7 will experience faster performance when using Exits or Onion Services that have upgraded to 0.4.7.

We have packages in available for Debian, Ubuntu, Fedora, CentOS, and BSD:
   - Debian: Why and how I can enable Tor Package Repository in Debian? | Tor Project | Support
   - Ubuntu: How do I make sure that I'm using the correct packages on Ubuntu? | Tor Project | Support
   - Fedora/CentOS: How can I install Tor rpm package | Tor Project | Support
   - BSD: [tor-relays] BSD tor ports/packages and impending 0.4.7.7 release

We would like to have a large fraction of Exit relays upgraded before our next Tor Browser Stable Release, on May 31st. Please let us know if you have any problems upgrading to this release.

Additionally, while non-Exit relays do not need to upgrade, they will notice the effects of congestion control.

All relay operators who pay for bandwidth by the gigabyte may want to consider enabling hibernation, to avoid surprise cost increases:

All relays may also experience higher CPU usage. If this is a problem, rate limiting relay bandwidth will also help:

We also recently fixed an issue with overload reporting in 0.4.6.10 and 0.4.7.7:

This should mean that there are far fewer false positives in the overload reporting on Relay Search.

If after upgrading to either of those versions, you still see overload, please see:

P.S. There is a known warn bug with vanguards-lite on first startup. It is harmless: Frequent Warn: Failed to find node for hop #2 of our path (#40603) · Issues · The Tor Project / Core / Tor · GitLab

Is that why the advertised bandwidth jumps well over 100 MB for some relays?
On April 25, for some, it went up steeply. Some have even overtaken XOR, the
fastest exit so far. Or is a bwauth on steroid?
https://metrics.torproject.org/rs.html#search/flag:exit%20

by the way:
Buster also has a kernel upgrade. Upgrade Tor and reboot go well together.

lists@for-privacy.net:

Tor 0.4.7.7-stable contains a very important performance improvement,
called Congestion Control.

You can read more about this improvement here:
Congestion Control Arrives in Tor 0.4.7-stable! | The Tor Project

The TL;DR is that users of Tor 0.4.7 will experience faster performance
when using Exits or Onion Services that have upgraded to 0.4.7.

Is that why the advertised bandwidth jumps well over 100 MB for some relays?

Yes, we believe that's caused by the congestion control arriving in 0.4.7. You see as well a general jump in advertised bandwidth:

https://metrics.torproject.org/bandwidth.html?start=2022-02-04&end=2022-05-02

That's similar to the flooding experiments we did earlier last year, which you might recall, and is expected.

On April 25, for some, it went up steeply. Some have even overtaken XOR, the
fastest exit so far. Or is a bwauth on steroid?

Nope. No bwauth on steroids.

Georg

Tor 0.4.7.7-stable contains a very important performance improvement,
called Congestion Control.

....

We have packages in available for Debian, Ubuntu, Fedora, CentOS, and
BSD:
- Debian: Why and how I can enable Tor Package Repository in Debian? | Tor Project | Support
- Ubuntu: How do I make sure that I'm using the correct packages on Ubuntu? | Tor Project | Support
- Fedora/CentOS: How can I install Tor rpm package | Tor Project | Support
- BSD:
[tor-relays] BSD tor ports/packages and impending 0.4.7.7 release

Anyone know when the EPEL TOR packages will updated? The EL 8 repos only
offer 0.4.5.11. EL 9 is only a little newer with RPMs for TOR 0.4.6.8.
Fedora 35 and 36 (with the latter launching today) have only been
updated to 0.4.6.9. As of now, it appears that only Fedora 37 has been
updated to 0.4.7.7.

Yes, I know, there is a 0.4.7.7 RPM for EL 8 inside the TOR repo, but
I'm wondering if anyone knows when the Fedora/EPEL repos will be
updated? Anu more importantly why they haven't been updated already?
When I compared the packages from EPEL and TOR a couple of years ago
(both offered the sane TOR release at that point) I discovered the TOR
package was built differently - assuming thta is still the case, it
means the RPMs aren't interchangeable for someone with a torrc file that
has evolved beyond the default.

Fedora repo for the TOR package:

https://src.fedoraproject.org/rpms/tor

Drect download Link for the TOR repo RPM in case anyone wants it:

https://rpm.torproject.org/centos/8/x86_64/tor-0.4.7.7-1.el8.x86_64.rpm

L~

I don't know the philosophy of Fedora/EPEL (CentOS/RHEL). In general, no
configuration-breaking software is installed on productive systems.
With debian, once the release is frozen and stable, there are _no_ upgrades.
This is the main reason for the stable archive! There are only updates,
security updates in the 'stable main' archive
Some new features are offered in backports if they don't break configs of
stable packages. There are very few upgrades (virus scanners and timezone
data) in stable-updates, formerly volatile.

Therefore, Tor upgrades with new features must be installed from the Tor
project repro.
EPEL (CentOS/RHEL) may have a similar policy and you must grab packages from
the Tor project if you want to upgrade.

EPEL generally never updates anything major, and I think in this case
they counted it as a major update. More details can be found at [0].

[0] EPEL Updates Policy - Fedora Project Wiki

Kushal

You are correct, in that they don't like to replace a version package to
get trivial updates or new features. BUT for critical issues, they
either backport the requisite fix/feature/code, or if that isn't
feasible, update the package. And if using 0.4.5.11 means those relays
will get booted from the network, it would seem to qualify as important.

I don't know about EPEL, but Red Hat, if it's possible, likes to release
major package update along with an OS point release. For example, a
number of packages got major upgrades along with the 8.5 to 8.6 release
on May 10th.

I don't have any inside info, which is why I asked the list. But I think
that when it comes to EPEL packages, the community maintainer makes
these kinds of decisions. And Mister Perry did a good job of making the
update sound important. So I was wondering if a) anyone was in touch
with maintainer, or he was on this list, and could tell us when an
update would arrive, etc?

L~

I am not sure if the EPEL maintainer is on this list. I started
building the rpm packages because I found there were a delay in getting
the latest Tor packages in Fedora. And that was before the current
maintainer at Fedora picked up from the previous maintainer.

This is also the reason why I keep pushing the latest update to our rpm
repository.

Kushal