Run a Tor node
I am running a Tor relay node and I can highly recommend it. It’s not hard at all and it gives you a good feeling, knowing that you’re helping people in countries where ordinary Internet users are prohibited from reaching the rest of the world.
Here’s how you do it on a NetBSD 5.0 system.
If you’re going to push anything more than a couple of hundreds of kilobytes of data on a NetBSD system, you’ll have to do three things in order to have any success:
- Increase the system maximum number of file descriptors
- Increase the tor process maximum number of file descriptors
- Increase the number of NMBCLUSTERS
A tor node (which is not a bridge node) will eventually establish a TCP connection with each and every other Tor node in the network. This currently means that about 1600 file descriptors is going to be needed for this purpose only. On top of this, any potential Tor client needs its own TCP connection and file descriptor. I decided to increase the system maximum from 1,772 to 20,000.
To do it once:
$ sudo sysctl -w kern.maxfiles=20000
And to make the change survive a reboot, add kern.maxfiles=20000 to /etc/sysctl.conf.
I decided to let the tor process have 15,000 of these by putting this in the script that I use for starting the tor process:
ulimit -n 15000
The last resource that needs tweaking is the NMBCLUSTERS setting in the kernel. I figured 4096 would be a good number for this. It has to be set in the kernel configuration file and the kernel needs to be rebuilt and installed.
I use commands like
printf "#connections | open files | mbuf clusters\n"
printf "%d %d %d\n" \
`netstat -nf inet | egrep ESTAB | wc -l` \
`fstat -p $TORPID | wc -l` \
`netstat -m | awk '/allocated to data/{print $1;}'`
to keep an eye on how these numbers progress and
ps axuwwl | head -1; ps axuwwwl | egrep bin/tor
to see how much RAM the Tor process is using. I’m sure that you can come up with more elaborate things than this yourself.
I use these three tools to keep track of how much traffic I’m pushing:
Please make sure that you don’t expose your statistics to the rest of the world without adding about six or more hours of delay — it may help attackers finding out things about your traffic that can harm your Tor users. Thanks.
