Relay's ORPort reachability

Hello everyone, I set up a relay last night following Tor’s guide + adding a couple things I thought may be useful seen on other guides or review videos. After firing it up everything worked fine at first, I had some traffic going on according to nyx, mostly download, almost no upload was made. After having to restart the service everything went off, almost no traffic at all and after the first 20 minutes I got a warning stating the following (output of journalctl | grep 'Tor'):

Aug 02 10:15:41 tor-relay Tor[1253]: Unable to find IPv6 address for ORPort 443. You might want to specify IPv4Only to it or set an explicit address or set Address. [59 similar message(s) suppressed in last 3540 seconds]

Aug 02 10:35:41 tor-relay Tor[1253]: Your server has not managed to confirm reachability for its ORPort(s) at [IP]:443. Relays do not publish descriptors until their ORPort and DirPort are reachable. Please check your firewalls, ports, address, /etc/hosts file, etc.

I just added IPv4Only right next to ORPort 443, which I guess it should solve that warning. But unless I configure an IPv6, isn’t it supposed IPv4 to be default? I don’t know, it looks a little odd to me, but whatever.

About ORPort reachability, I’m running an instance on Oracle Cloud, set up ORPort on port 443 as it is open by default on VCN config. Same for DirPort on port 80. Oracle assigns my instance a public IP address, as well as a private one.

Here’s my config, did I mess up anywhere? I’m also sharing the instance’s VCN config:

SocksPort 0
DataDirectory /var/lib/tor
ControlPort 9051
CookieAuthentication 1
ORPort 443 (I just added IPv4Only)
Nickname [whatever]
ContactInfo [whatever]
DirPort 80
ExitRelay 0

SOLVED. After reading for quite some time, I came across this problem, which suggests not using UFW as it is problematic with Oracle’s Firewall. Instead, directly manipulate iptables.

#Host Infraestructure

Only directory authorities broadcast their directory address, other relay types no longer use this as of Tor and later.

Alright, I may change that to fine-tune my config. Do you know where can I read more documentation about these options? I’ve spent quite some time reading descriptions provided by nyx on page 3, but can’t really understand when something is useful or not. Thanks in advance

You can read the ## Comments from the torrc sample file in the Tor Github repository for explanations of the available options.

Probably the most useful feature to add to your own torrc file is a reachable IPv6 ORPort. IPv4 address spaces are becoming exhausted so network operators have been incentivized to offer IPv6 addresses for free. I highly suggest checking if Oracle has already provisioned an IPv6 address for your instance.

If you have not already done so, read and act upon the relay post-install and good practices.

Thank you for choosing to become a Tor relay operator.

Thank you for your advise. IPv6 has now been enabled and is working. Not an easy task without some help for a first-timer in Oracle’s Cloud Infraestructure.

Before configuring my relay I made sure to read every line in torrc - and that’s why I enabled DirPort 80 at the beginning, as it says without any further information:

Uncomment this to mirror directory information for others. Please do if you have enough bandwidth.

Since the torrc file hasn’t been updated since early 2019, many of us may try to add additional configuration that isn’t that useful at first.

1 Like

Right, I almost created an entry for the DirPort with my recent relay too, but I always cross-reference with other sources of information. The Tor Project Forum helped me out in this regard.

My torrc file is even older than that because I configured my relay using the Debian instructions instead - it does not even mention exit relays in the torrc file.

1 Like

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.