How may I run multiple Tor relay instances in a single Linux machine?

  • Suppose I have a Linux machine (for example Debian) with more than one public IP, sufficient bandwidth, memory and CPU resources.

    How may I run more than one Tor relay instance in that single machine? Should there be different users that start every instance? How about the different torrc configuration files?

    Finally, are there any implications from running two or more relays in a single machine?

    If you run more than one relay, you should definitely set the MyFamily option in the torrc of each of them, see https://www.torproject.org/docs/faq.html.en#MultipleRelays.

  • perpetuity (Correct answer)

    9 years ago

    Install Tor package:

    # apt-get install -y tor
    

    Create different data dirs:

    # mkdir -p /usr/local/var/lib/tor{1,2,3} /usr/local/var/log/tor
    

    Create as many different configuration files as you want (as many as you have different IP addresses):

    For example 3:

    1st

    # cat > /usr/local/etc/torrc1 << EOF
    SocksPort 9051
    Log notice file /usr/local/var/log/tor/notices1.log
    RunAsDaemon 1
    DataDirectory /usr/local/var/lib/tor1
    ControlPort 9061
    ORPort 9001
    ORListenAddress 1.1.1.1:9001
    Nickname relay1
    ContactInfo anonymous1 [email protected]
    DirPort 9031
    DirListenAddress 1.1.1.1:9031
    ExitPolicy reject *:*
    EOF
    

    2nd

    # cat > /usr/local/etc/torrc2 << EOF
    SocksPort 9052
    Log notice file /usr/local/var/log/tor/notices2.log
    RunAsDaemon 1
    DataDirectory /usr/local/var/lib/tor2
    ControlPort 9062
    ORPort 9002
    ORListenAddress 2.2.2.2:9002
    Nickname relay2
    ContactInfo anonymous2 [email protected]
    DirPort 9032
    DirListenAddress 2.2.2.2:9032
    ExitPolicy reject *:*
    EOF
    

    3rd

    # cat > /usr/local/etc/torrc3 << EOF
    SocksPort 9053
    Log notice file /usr/local/var/log/tor/notices3.log
    RunAsDaemon 1
    DataDirectory /usr/local/var/lib/tor3
    ControlPort 9063
    ORPort 9003
    ORListenAddress 3.3.3.3:9003
    Nickname relay3
    ContactInfo anonymous3 [email protected]
    DirPort 9033
    DirListenAddress 3.3.3.3:9033
    ExitPolicy reject *:*
    EOF
    

    Thereafter, just start three instances of tor with these config files as arguments:

    # /usr/sbin/tor -f /usr/local/etc/torrc1
    # /usr/sbin/tor -f /usr/local/etc/torrc2
    # /usr/sbin/tor -f /usr/local/etc/torrc3
    

    Watch logs:

    # tail -F /usr/local/var/log/tor/notices?.log
    

    Don't forget to open the six ports on the firewall:

    # for port in `seq 9001 9003` `seq 9031 9033` ; do iptables -I INPUT -p tcp --dport $port -m state --state NEW -s 0.0.0.0/0 -j ACCEPT ; done
    

    You can start the Tor instances as different users; don't forget to change permissions on the DataDirectories and log files. Moreover, if you have fast bandwidth on even one of your network interfaces (more than 50-100 mb/s), you may try to wrap one tor client into another tor relay; read this doc, and simply start the inner instance as the transparently specific user.

    Please clarify "wrap one tor relay into another". Isn't Tor over Tor overkill in general, so especially for relays?

    It is optional in my answer. You can imagine this for yourself: what is better, a chain with 3 hops or a chain with 6 hops? Which is longer? etc... (And again, you need at least 50mb/s to do that)

    @perpetuity, thank you. How can I get control over these daemons? How can I stop and restart them?
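A pre-start check for the setup above, as an added example that is not part of the original posts: it scans the per-instance torrc files for values two instances cannot share (DataDirectory, SocksPort, ControlPort, listen addresses) and for a missing MyFamily line, which the comment on the question recommends. The function names `lint_torrcs` and `demo_lint` are hypothetical, and the sample configs and the all-zero fingerprint are constructed.

```shell
#!/bin/sh
# Added example (not from the original answer): lint the torrc files of
# several relay instances that share one host.
# Prints one line per finding; returns 0 when clean, 1 otherwise.
lint_torrcs() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }            # skip blanks and comments
        {
            key = tolower($1)                    # torrc option names ignore case
            if (key == "myfamily") family[FILENAME] = 1
            # Values that cannot be shared: the data directory, the
            # loopback Socks and Control ports, and explicit listen addresses.
            if (key !~ /^(datadirectory|socksport|controlport|orlistenaddress|dirlistenaddress)$/) next
            if ($2 == "0" || tolower($2) == "auto") next   # disabled or auto-picked
            id = key " " $2
            if ((id in seen) && seen[id] != FILENAME) {
                printf "DUPLICATE %s %s: %s and %s\n", $1, $2, seen[id], FILENAME
                bad = 1
            } else seen[id] = FILENAME
        }
        END {
            # Relays run by one operator should each declare MyFamily.
            for (i = 1; i < ARGC; i++)
                if (!(ARGV[i] in family)) {
                    printf "MISSING MyFamily: %s\n", ARGV[i]
                    bad = 1
                }
            exit bad + 0
        }
    ' "$@"
}

# Constructed sample: torrc2 reuses the ControlPort of torrc1 and has no
# MyFamily line. The fingerprint is a placeholder, not a real relay.
demo_lint() {
    d=$(mktemp -d) || return 2
    printf '%s\n' 'SocksPort 9051' 'ControlPort 9061' \
        'DataDirectory /usr/local/var/lib/tor1' 'ORListenAddress 1.1.1.1:9001' \
        'MyFamily $0000000000000000000000000000000000000000' > "$d/torrc1"
    printf '%s\n' 'SocksPort 9052' 'ControlPort 9061' \
        'DataDirectory /usr/local/var/lib/tor2' \
        'ORListenAddress 2.2.2.2:9002' > "$d/torrc2"
    lint_torrcs "$d/torrc1" "$d/torrc2" && rc=0 || rc=$?
    rm -rf "$d"
    return "$rc"
}
```

Run it as `lint_torrcs /usr/local/etc/torrc1 /usr/local/etc/torrc2 /usr/local/etc/torrc3` before starting the instances; `demo_lint` shows both finding types on the constructed pair.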

License under CC-BY-SA with attribution


Content dated before 7/24/2021 11:53 AM
