[tor-relays] Maybe the next step in russian Tor discrimination

Hello,

i have a relay at profitserver.ru at their Chelyabinsk location and recently the relay fell out of the consensus.

I can ping all authorities with IPv4 and IPv6 and torproject.org is not blocked.

I opened the ControlPort and tried to manually create circuits to the authorities.

extendcircuit 0 authoritynickname

getinfo circuit-status

I observed that i can successfully create circuits to no more than three authorities and it seems to change to which authorities i can create circuits.

The unsuccessful circuits stay in EXTENDED but never reach BUILT until Tor gives up eventually.

Currently no other of my russian relays are affected.

I am not an expert with the ControlPort but i hope this is proving what i tried to prove.

Here is the conversation with the support:

me:

Hello,

I am running a (non-exit) Tor relay on the VPS and it stopped working a few weeks ago.

I can ping the Tor authorities IP addresses but when i try to manually create a Tor circuit it seems to timeout 6 out of 9 times which indicates some blocking attempts on your (or your upstream providers) side.

I have a couple of other Tor relays in russia and i have never seen routinely failing manually created circuits to the Tor authorities.

Do you block Tor or do you otherwise mess with Tor traffic?

support agent:
Hello, i can’t say something about TOR network, now.
We have black box from government, which can control traffic, and perhaps block TOR.
Ourselves don’t block TOR

me:
Thanks for your answer.
The TSPU from Roskomnadzor that is doing Deep Packet Inspection?
I feel with you and all the russian citizens…
Good luck

support agent:

Maybe it’s a black box

If this is indeed their blackbox messing with Tor traffic then it is quite subtile because it does not block torproject.org and pings to the authorities are going through.
The relay suddenly was online for one consensus in the last weeks and i can still use it when i manually set it as a Guard in my Tor client.

So if you run a relay in russia and you experience weird stuff with it then you may not only want to check if you can reach the authorities by ping but you may want to try to manually craft a circuit to all of them.

Hope that helps anyone

Cheers

On 02.01.2022 16:09, abuse--- via tor-relays wrote:

Very interesting!

I have two VPS at different locations with justhost.ru (IQ Data St.
Petersburg and DataLine Moscow - AS51659) and have also noticed a
change:

- on December 30th, both servers could not reach deb.torproject.org
and the torproject.org web page. Both IPv4 and IPv6 were blocked.

- I tried again today and everything worked fine. I even downloaded
the tor browser bundle for Windows over one of the servers just to see
if it works. It does and the signature also checks out (verified on a
different server outside Russia)

- running tor nodes at both locations continues to work

Best Regards,

Kristian

Jan 2, 2022, 08:22 by torrelaysaregreat@gmail.com:

Hello,

i have a relay at profitserver.ru [1] at their Chelyabinsk location
and recently the relay fell out of the consensus.

I can ping all authorities with IPv4 and IPv6 and torproject.org [2]
is not blocked.

I opened the ControlPort and tried to manually create circuits to
the authorities.

extendcircuit 0 authoritynickname

getinfo circuit-status

I observed that i can successfully create circuits to no more than
three authorities and it seems to change to which authorities i can
create circuits.

The unsuccessful circuits stay in EXTENDED but never reach BUILT
until Tor gives up eventually.

Currently no other of my russian relays are affected.

I am not an expert with the ControlPort but i hope this is proving
what i tried to prove.

Here is the conversation with the support:

me:

Hello,

I am running a (non-exit) Tor relay on the VPS and it stopped
working a few weeks ago.

I can ping the Tor authorities IP addresses but when i try to
manually create a Tor circuit it seems to timeout 6 out of 9 times
which indicates some blocking attempts on your (or your upstream
providers) side.

I have a couple of other Tor relays in russia and i have never seen
routinely failing manually created circuits to the Tor authorities.

Do you block Tor or do you otherwise mess with Tor traffic?

support agent:
Hello, i can't say something about TOR network, now.
We have black box from government, which can control traffic, and
perhaps block TOR.
Ourselves don't block TOR

me:
Thanks for your answer.
The TSPU from Roskomnadzor that is doing Deep Packet Inspection?
I feel with you and all the russian citizens...
Good luck

support agent:

Maybe it's a black box

If this is indeed their blackbox messing with Tor traffic then it is
quite subtile because it does not block torproject.org [2] and pings
to the authorities are going through.
The relay suddenly was online for one consensus in the last weeks
and i can still use it when i manually set it as a Guard in my Tor
client.

So if you run a relay in russia and you experience weird stuff with
it then you may not only want to check if you can reach the
authorities by ping but you may want to try to manually craft a
circuit to all of them.

Hope that helps anyone

Cheers

Links:
------
[1] http://profitserver.ru
[2] http://torproject.org
_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
tor-relays Info Page

_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Hi,
I’ve made the same experience with my node in RU.

Greetings,
Sebastian Elisa

On 02.01.2022 16:09, abuse— via tor-relays wrote:

Very interesting!

I have two VPS at different locations with justhost.ru (IQ Data St.
Petersburg and DataLine Moscow - AS51659) and have also noticed a
change:

• on December 30th, both servers could not reach deb.torproject.org
  and the torproject.org web page. Both IPv4 and IPv6 were blocked.

• I tried again today and everything worked fine. I even downloaded
  the tor browser bundle for Windows over one of the servers just to see
  if it works. It does and the signature also checks out (verified on a
  different server outside Russia)

• running tor nodes at both locations continues to work

Best Regards,

Kristian

Jan 2, 2022, 08:22 by torrelaysaregreat@gmail.com:

Hello,

i have a relay at profitserver.ru [1] at their Chelyabinsk location
and recently the relay fell out of the consensus.

I can ping all authorities with IPv4 and IPv6 and torproject.org [2]
is not blocked.

I opened the ControlPort and tried to manually create circuits to
the authorities.

extendcircuit 0 authoritynickname

getinfo circuit-status

I observed that i can successfully create circuits to no more than
three authorities and it seems to change to which authorities i can
create circuits.

The unsuccessful circuits stay in EXTENDED but never reach BUILT
until Tor gives up eventually.

Currently no other of my russian relays are affected.

I am not an expert with the ControlPort but i hope this is proving
what i tried to prove.

Here is the conversation with the support:

me:

Hello,

I am running a (non-exit) Tor relay on the VPS and it stopped
working a few weeks ago.

I can ping the Tor authorities IP addresses but when i try to
manually create a Tor circuit it seems to timeout 6 out of 9 times
which indicates some blocking attempts on your (or your upstream
providers) side.

I have a couple of other Tor relays in russia and i have never seen
routinely failing manually created circuits to the Tor authorities.

Do you block Tor or do you otherwise mess with Tor traffic?

support agent:
Hello, i can’t say something about TOR network, now.
We have black box from government, which can control traffic, and
perhaps block TOR.
Ourselves don’t block TOR

me:
Thanks for your answer.
The TSPU from Roskomnadzor that is doing Deep Packet Inspection?
I feel with you and all the russian citizens…
Good luck

support agent:

Maybe it’s a black box

If this is indeed their blackbox messing with Tor traffic then it is
quite subtile because it does not block torproject.org [2] and pings
to the authorities are going through.
The relay suddenly was online for one consensus in the last weeks
and i can still use it when i manually set it as a Guard in my Tor
client.

So if you run a relay in russia and you experience weird stuff with
it then you may not only want to check if you can reach the
authorities by ping but you may want to try to manually craft a
circuit to all of them.

Hope that helps anyone

Cheers

Links:

[1] http://profitserver.ru
[2] http://torproject.org

---

tor-relays mailing list
tor-relays@lists.torproject.org
tor-relays Info Page

---

tor-relays mailing list
tor-relays@lists.torproject.org
tor-relays Info Page