New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Wanted: Cheap KVM for TOR Relay (Low Mem, High BW)
raindog308
Administrator, Veteran
in General
Listening to the BSD Now podcast, they observed that the TOR relay system needs added platform diversity. And since I'm a BSD guy, I thought I'd run one to contribute, as that is an under-represented platform.
I've looked at some options. My favorites (BuyVM, Ramnode) are of course possibilities. A few provides specifically say "no tor" in their AUP (SecureDragon, Crissic, Iperweb). I don't want to spend much per month for this.
Any place else to look? I think 256MB RAM is enough to start...ideally at least 1TB BW but more would be better. When I've run a relay before, it was very low CPU and I don't need hardly anything for disk.
BuyVM or Ramnode are $3.50-$5.00 per month for 256MB/1TB, which might be the best options...?
Comments
I'm not sure if it's KVM, but http://www.domflow.it/oneplans.php
I hear good things about them.
Iperweb says no exit Tor nodes but relays can be except on Biz servers were low latency and high availability are critical.
@black Looks like it is. When you go to purchase you can pick Windows or FreeBSD. So, depending on the TOS, would probably be a solid choice.
No mention of tor in DomFlow's tos.
DomFlow does allow Tor relays.
But Tor is not low-CPU at all, in fact that's usually the botneck.
We have 512MB/1TB KVM in Toronto at $3.6/mo (https://dynamic.lunanode.com/info.php); you can upload ISO from the control panel. CPU policy is < 20% per vcore (as viewed on host node) on average.
@raindog308 So can people running TOR on BSD only connect to BSD relays/exits? I'm a little confused what you mean by "the TOR relay system needs added platform diversity". I've got a 256MB KVM VPSs with BuyVM in their LV location I don't use for anything but don't want to cancel it. I can throw BSD and a TOR relay node on it if it will help out.
You can try it here http://itldc.com/
No, the idea was that within the TOR relay network, the overwhelming percentage of systems are Linux. Quoting from BSD Now Episode 63 (which is quoting from the tor-relay mailing list), the TOR network consists of the following OSes:
So that's 7,892 severs of which Linux is 76%. So if there is a serious Linux bug or vulnerability - for example, shellshock - it could take 76% of the TOR network offline.
That's not to say that there couldn't be a serious Windows or Mac or FreeBSD bug/vuln but the point is that if you lost all the FreeBSD machines, you'd lose only a small fraction. The problem is that 76% is Linux - not that there's anything wrong with Linux, it's just a problem when the entire ecosystem is so heavily put on Linux. Imagine if TOR was 100% Linux and shellshock II came along...
The idea is that platform diversity contributes to availability is not unique to this case. For example, Verisign runs the .com root servers with 1/3 Linux, 1/3 FreeBSD, and 1/3 Solaris just so that if tomorrow there's a serious bug or vuln in Solaris, they don't lose the root servers.
I admit it's somewhat theoretical but that's the discussion.
Oh, and anyone using TOR can connect to any OS - that's my understanding, anyway. TOR just forwards packets so you really have no idea what OSes you're going through.
I was about to chime in to explain it, but you did it much better. Thanks.
However, if there is a serious enough bug to put down all Linux kernels on the net (if it targets something else chances are UNIX will be affected too, even share some kernel vulnerability in some conditions), we will have enough Tor left to put up with the remaining part of the interwebs.
Oh, that makes sense. I never even thought of that.
if all the other platforms have trouble, its nice to know that BSD will be there to keep the CP flowing.
A bit off topic, but my favorite piece of this thread is the tag. I'm surprised nobody has mentioned it already.
@Pwner: This tag is great, and probably makes more sense than @JoeMerit's 'flow' regarding the 'why' of that stuff.
If so though, don't worry it's not going to be down too easily.
@raindog308 , do you have some links to why BSD and how is its maintenance for example frequent updates? is it easy to manage and ready to go after install etc ... sorry its off topic but wanted to know if its time to discover the BSD world! Thanks
@raindog308 Basically what @ehab said. Any good guides to getting started with BSD?
@ehab & @mikeyur - regarding FreeBSD the FreeBSD Handbook is what comes to mind:
https://www.freebsd.org/doc/handbook/
Pretty well documented...
freebsd-update fetch
freebsd-update install
freebsd-update rollback
*BSD is one hell of the most stable system in the world. We live by a simple principle. If it secured, stable and not broken, don't fix
There will be some issues for people coming from Linux, but it has all the tools linux has. You will just need to put up with different names, different structure and some (rare) things are not ported yet.
Linux's main advantage is the ecosystem, there are way more people developing for Linux and when they port it to bsd, it is a low priority issue, but BSD does have some advantages which are not (well enough) ported to Linux such as ZFS.