Why built-in Snowflake bridge show as offline in relay search when built-in Snowflake bridge available?
Built-in Snowflake bridge fingerprints:
https://metrics.torproject.org/rs.html#details/2B280B23E1107BB62ABFC40DDCC8824814F80A72
https://metrics.torproject.org/rs.html#details/8838024498816A039FCBBAB14E6F40A0843051FA
Both of these bridges are actually handled by a dozen tor instances claiming to be a single one. This is done to handle the large amount of snowflake users and considering how tor is still mostly single-threaded.
The pipeline used to generate metrics isn’t too fond of that, and this has numerous effects on what it reports. Notably, these bridges appears often (always?) offline, the name keep changing every hour or so (flakey11 and crusty6 were the chosen ones when I started writing, now it’s flakey11 and crusty8), and in general, things metrics.tpo shows about them is related to only one of the (currently) 12 instances, and isn’t an aggregation of all bridges under the same fingerprint.
@trinity-1686a there may be much easier explanation: it happens because of bug, which no one wants to deal with:
https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/112
https://forum.torproject.org/t/my-bridge-seems-to-be-offline/6117/1
Same “offline for 2 hours” happens also for Conjure bridge:
https://metrics.torproject.org/rs.html#details/A84C946BF4E14E63A3C92E140532A4594F2C24CD
It have single instance, right?
The real direct reason is that the Snowflake bridges do not expose their ORPort—see ORPort 127.0.0.1:auto
in the Snowflake bridge installation guide. It does not have to do with multiple instances. The ORPort is what determines whether the bridge is “online” or “offline” in the field you’re looking at, even though the ORPort has nothing to do with the correct operation of the bridge’s pluggable transport port. It’s a legacy of a time before there were pluggable transports to consider. It is still unfortunately a limitation that ordinary pluggable transport bridges need to export their ORPort in order to be considered “online” and be distributed by rdsys. But the default bridges, including the Snowflake bridges, do not need to be distributed by rdsys, and therefore they can close their ORPort. Ideally, it will be possible for all bridges to do the same in the future.
Why these bridges not reported as permanently offline then?