Why run Tor Relay?
Running Tor Relay, you can help Tor network:
- Become faster (hence better)
- Harder to attack
- Become stronger
- Make users safer (more monitoring of more relays is more difficult)
—— Official Guide of Onion Routing Network
(Actually Tor has become faster because of more and more relays. (Sure)
Depending on the type of Tor relay you want to run, the node hardware requirements are also different.
Bandwidth and connection
The most important thing about Tor relay is the bandwidth requirement.
A non-egress relay needs to be able to handle at least 7000 concurrent connections. Consumer-level routers may directly dog the dog with so many connections. IDC is definitely no problem, fast exit relay (100Mbp +) generally needs to handle much more connections (100K +).
It is recommended that the relay provide Tor with at least 16 Mbps of peer-to-peer bandwidth. The minimum requirement for trunking is 10Mbps.
Tor relay uses at least 100GByte of outbound traffic per month (and the same amount of incoming traffic), which translates to an average of 10Mbps per day. The recommended monthly flow is greater than 2TB. The best case is of course unlimited running.
Each relay requires a public IPv4 address, preferably directly on the host, or through NAT and port forwarding.
It does not need to be a static IPv4 address, but it is better to be a static address.
If you are a dynamic IP, it should remain unchanged for at least 3 hours. Because if you frequently change IP, it does n’t make much sense to run a relay or bridge on this machine, because the relay IP list is only distributed once per hour.
An additional IPv6 connection is recommended, but it is not required.
Note: Each public IPv4 address can only run up to two Tor relays. If you want to run more than two relays, you will need more IPv4 addresses.
A 40Mbps non-exit relay requires at least 512M.
40Mbps + non-exit relay requires at least 1GB.
The export relay recommends that each Tor instance has at least 1.5G.
Tor doesn’t take up much space, generally it won’t exceed 200M.
Any modern CPU can run
It is recommended to use a CPU with AES-NI support to improve performance. It can run 400-450Mbps peer-to-peer on a single machine and a single instance.
aeswill support AES-NI.
Ready to work
Debian users can directly install the official Tor maintenance latest deb package, which is very convenient.
(Be aware that a long time ago the latest version of Tor needed to be compiled manually. Now life is much better. It turns out that OpenSSL and Tor and various dependent ./configure can have another nonsense (perfect Tor node) possibility?))
We need to
Debian Busterrelease to install the Tor program. (Will not upgrade? Debian 9 upgrade Debian 10 )
The directly installed version belongs to the Tor of the ancient LTS version, and we install this in 8.
First add the key that Tor officially uses to sign the package.
curl https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --import gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -
/etc/apt/sources.listadded the official source.
echo ' deb https://deb.torproject.org/torproject.org buster main deb-src https://deb.torproject.org/torproject.org buster main ' >> /etc/apt/sources.list
Update and install tor and official keyring to ensure the signature key is synchronized
apt update apt install tor deb.torproject.org-keyring
Tor is now installed and started.