[Tor-BSD] Multiple instances of Tor under freeBSD

Christian Sturm reezer at reezer.org
Sun Dec 11 14:43:56 EST 2016


On 12/11/2016 06:54 PM, George Rosamond wrote:
>
>
> pa011:
>> Is there something similar creating multiple instances on freeBSD to
>> the debian version
>>
https://gitweb.torproject.org/debian/tor.git/tree/debian/tor-instance-create.8.txt
>> ? ?
>
> I haven't done it before, and I do wonder if/when it's necessary. There
> are really high-bandwidth FreeBSD relay ops on this list, and it would
> be useful to hear from them.

I used to have a very big relay (sadly because of my provider not
anymore, but planning on reopening it).

The reason for doing this is to make use of all your available
bandwidth, because for the biggest part (resource wise) Tor still is
bound to a single CPU.

In such a scenario I'd also recommend to make sure AES-NI is on. Check
both that the kernel module is loaded and that OpenSSL supports it -
also maybe use the latest OpenSSL/LibreSSL, especially if you don't run
a recent release of your BSD. There have been improvements on ECC
crypto, making it possible to improve your throughput in somewhat recent
releases. Also if I remember correctly those were or still are disabled
in base.

Anyway, I think it would probably be a good idea to transform the port a
bit. Modifying the rc.d-script could be enough to have an option that
has multiple instances.

An example to take some ideas from would be the uwsgi port, which allows
you to have uwsgi_profiles, while still defaulting to a basic
uwsgi_enable with one instance.

I am not sure if that's the best approach, but I think this would make
things easier for people running a relay.



More information about the Tor-BSD mailing list