[tor-relays] Tor Relay Operator Meetup - April 15th, 2023 at 19 UTC

Hello,

The next Tor Relay Operator Meetup will happen on April 15th, 2023, at 19 UTC.

We're still working on the agenda, feel free to add your topics and/or
questions on the pad:
https://pad.riseup.net/p/tor-relay-op-meetup-april-keep
onionsite:
http://kfahv6wfkbezjyg4r6mlhpmieydbebr5vkok5r34ya464gqz6c44bnyd.onion/p/tor-relay-op-meetup-april-keep

WHERE
Room link: Tor Relay Operator Meetup

Registration

No need for a registration or anything else, just use the room-link
above. We will open the room 10 minutes before so you can test your mic setup.

Please share with your friends, social media and other mailing lists!

Gus

Reminder! This event is in 21.5 hours, which depending on your
time zone might count as "tomorrow".

Looking forward to seeing you there,
--Roger

Hello,

Thanks everyone who joined us in the last meetup, in April.
Here are the meetup notes, sorry for taking a long time to send it to
the list.

We're still figuring out the next meetup date -- probably June 24 --
and we will announce officialy soon here in the list.

In the next weeks Tor staff will be at SIF[1] and Rightscon[2].
If you're joining these events, come to say hi!

cheers,
Gus
[1] https://stockholminternetforum.se/
[2] https://www.rightscon.org/

# Tor Relay Operator meetup - 2023-04-15 . 19.00 - 20 UTC

## Agenda

### Announcements

- Update on Censorship in Turkmenistan:
    - obfs4 bridges on residential connections + obfs4 port 80, 443, 8080
    - Paper: [2304.04835] Measuring and Evading Turkmenistan's Internet Censorship: A Case Study in Large-Scale Measurements of a Low-Penetration Country
    - TMC dashboard: https://tmc.np-tokumei.net/
    - Article:
      New study finds internet censorship in Turkmenistan reaches over 122,000 domains · Global Voices
- Tor relays running EOL
- Tor Weather - https://weather.torproject.org
    - `HTTP/1.1 503 Service Unavailable` womp womp.
    - Right, I'll enable the service on Monday again and, hopefully, it
      will stay available longer than the last time(s). Pretty bumpy launch --GeKo
- Google Summer of Code
  - We might have two network health related projects; the application
    deadline is over and we are sorting through proposals. Those are for
the relay-to-relay connectitity checking tool and the network status API
projects on: GSoC · Wiki · The Tor Project / Organization · GitLab. If we
are lucky, we get mentees for both of them, we'll see... --GeKo
- DoS update
  "Load decreased by ~80% for our servers consistently. It's quite
manageable now. Servers are mostly idling now even without all the
attacks"

- Upcoming EFF university Tor relay advocacy campaign, still taking
  shape but now with a more detailed roadmap:
    EFF University Tor relay advocacy campaign (#67) · Issues · The Tor Project / Community / Relays · GitLab
- The Tor network has a status page! https://status.torproject.org/ --
  on this page we try to summarize critical issues about which pieces of
our infrastructure are having issues.

### (Discussion) Proposals towards a more trusted relay operator
community

- Timeline of this process

October 2022 - January 2024

- We called for proposals from the community (March 3 2023)
- Work on proposals (TPO) (like meta proposal about the process and
   governance and different stake holders) (March/April)
- Proposal evaluation (May/July)
- Events and offline discussions with community (August/September)
- Approving proposals after feedback from the community and figuring
   out the details of enforcement/adhering to them (September-December)
- Proposals go live (January 2024)

### Status update on the "Bumping the 4 relays per ip to 8 relays per
ip"?

We want to do the analysis for the bump to 4 relays per IP which won't
happen in April anymore but I try to sneak this into my May ToDo list.
Afterwards we can consider bumping the limit further in case the
analysis looks fine as expected. --GeKo
^^ I made a change to moria1 so it publishes its

AuthDirMaxServersPerAddr value in its v3 vote:
Consensus health so we can know
if the dir auths are even allowing the new 4 number yet. Alas, it
appears that I am still the only dir auth using this patch.
dir auths should advertise their AuthDirMaxServersPerAddr value (#40753) · Issues · The Tor Project / Core / Tor · GitLab seems to think
it will be in an upcoming Tor version. --Roger

### Q&A

Q: Is there a way for me to tell if my bridge is reachable from
Turkmenistan?
pass your bridge address to users in-country and ask them to test your
bridge. Email gus@ if you want to learn the answer! Only residential
connections are working there, so 'cloud' (data center) obfs4 bridges
probably do not work.

Q: Is it still unwise to run both a snowflake and also an obfs4 bridge
at home?
if one of them gets your IP address blocked by a censor somewhere, then
the other one will end up blocked too.

Q: What if my IP address changes every few hours?
because clients will learn about your address too late to use it. *But*,
this is a perfect situation for running a Snowflake proxy!

Q: When will we start bumping out Tor relays running 0.4.5?
because they are more scarce. We might make an exception for 0.4.5
bridges that are popular.
Update:

Q: Re: the EFF University Relay campaign, University libraries will be
helpful here; did anything much result from the Library Freedom
Project's Tor Exit Relay Project?
(https://libraryfreedomproject.org/torexitpilotphase1/)
as UNC's ibiblio project. But yes you make a great point that Alison and
the LFP folks are good resources here. I will make an internal note to
remind ourselves to connect to them when the time is right.
^ It seems there are some relays running right now in the network that
are LFP-related, so an easy first step would be to label them better so
we can celebrate them more.

Q: Does anyone know why increased inbound ORPort connection rates no
longer result in increased CPU usage on relays?
many connections then receiving another one involves a surprising amount
of work because Tor is inefficient with its data structures somehow? Or
maybe, the inbound connections used to be doing something especially
expensive and denial-of-service-y, and 'normal' Tor connections don't do
that? Let us know if you have any more hints and have any new info.

Q: Do you have an estimate of how many relay operators there are? (Or
maybe a count of "good" operators)
same thing. One of our upcoming plans is to build a tool for us to
annotate which relays and relay operators we 'know', which will let us
better understand how much of our relay operator community we are
already connected to. The idea isn't to accuse the un-annotated people
of being bad, but it's to have a starting point to map who we know.

Q: Are there any long-term plans to have Arti be used for relays?
    The Tor Project / Core / Arti · GitLab
    Announcing Arti, a pure-Rust Tor implementation | The Tor Project
    "And then? We also want support for running a Tor Relay in Rust."
It probably won't even start until 2024, *if* our funding proposals
get approved etc. Alex and Micah are good people to ask about details
and timeline.

Q: What would it take to get an official Docker image for relays? It
would be very helpful for those of us running multiple daemons on the
same machine on high bandwidth uplinks. Currently available open source
versions each have severe limitations or bugs

Q: Could you include a dateful.com link for future events? It makes it
easier across timezones.
- Maybe an ical people can import would be nice?
Could someone provide a website that doesn't track and collect users
data?

Q: After the last meetup trinity worked on
add new metrics entry for cert expiration (!698) · Merge requests · The Tor Project / Core / Tor · GitLab and it
is stuck since then. What is the best way to get this moving again?
unstuck?

Q: Can you publish a list of events and offline meetings (including
date) that you have in mind regarding the trusted relay operator
community?
https://blog.torproject.org/ but you're right that we don't have a
separate section specifically for relay operators. It is a good
suggestion -- we should try harder to organize and announce and schedule
in-person meetups at various hacker cons.

Q: Can we get metricsport documentation at some point, what is a
realistic timeframe?

Q: I recently tried Freedombox, which can operate over Tor. Per default
it enables relay functionality after installing the Tor app. However, if
using Tor to access Freedombox via a hidden service, this is considered
to potentially deanonymize the server location, right?
because being a relay exposes some potential side-channel issues: people
can send traffic through your relay, and also send traffic to the onion
service, and notice congestion that correlates. So if you care enough
about the privacy of your onion service, consider not doing both. (If
you don't care much about the privacy of your onion service, it is fine
to do both.)

Q: Another issue with Freedombox, or Debian (as it is based on it) is
that Tor version is 0.4.16, which is considered obsolete. However,
adding the Debian Tor repository doesn't work either, as upgrading fails
due to missing libevent>=2.1.8 dependency. Any workaround or solution
for that?
Debian bookworm might have exactly the packages you want.