Configuring a Tor relay


The Tor network relies on volunteers to donate bandwidth. The more people who run relays, the faster the Tor network will be. If you have at least 2 megabits/s for both upload and download, please help out Tor by configuring your Tor to be a relay too.

You can run a Tor relay on pretty much any operating system. Tor relays work best on Linux, OS X Lion or later, FreeBSD 5.x+, NetBSD 5.x+, and Windows Server 2003 or later.

The best approach for most users is to run your relay on Debian or Ubuntu using the system Tor package — the deb takes care of running Tor as a separate user, making sure it has enough file descriptors available, starting it at boot, and so on. Tor relays also run nicely on other Linux flavors, and on FreeBSD and NetBSD for those who are comfortable with those operating systems.

Alas, since Vidalia (a graphical interface for Tor) is no longer included in Tor Browser, there are currently no easy relay packages for Windows and OS X users. One option might be to run Debian in a VM, or use a different means of getting a Tor binary on your system (Expert Bundle, Homebrew, Macports). Please help make this process easier!


Configure Tor by editing the torrc file


Tor's configuration file is named 'torrc'. In the Tor Browser folder, it's located at

Data\Tor\torrc

Open the file with a text editor and add the following lines:

    ORPort 443
    Exitpolicy reject *:*
    Nickname ididntedittheconfig
    ContactInfo human@...
    

If you want to be a bridge, read about the BridgeRelay and ServerTransportPlugin values on this page.

Tor will use all your bandwidth if you don't set limits for it. Some options are described in these FAQ entries.

See the sample torrc file and the man page for other Tor options you may want to set.


Make sure your relay is reachable


If you are using a firewall, open a hole in your firewall so incoming connections can reach the ports you configured (ORPort, plus DirPort if you enabled it). If you have a hardware firewall (Linksys box, cable modem, etc) you might find portforward.com useful. Also, make sure you allow all outgoing connections too, so your relay can reach the other Tor relays.

Restart your relay. If it logs any warnings, address them.

As soon as your relay manages to connect to the network, it will try to determine whether the ports you configured are reachable from the outside. This step is usually fast, but may take up to 20 minutes. Look for a log entry like

Self-testing indicates your ORPort is reachable from the outside. Excellent.
If you don't see this message, it means that your relay is not reachable from the outside — you should re-check your firewalls, check that it's testing the IP and port you think it should be testing, etc.

When your relay has decided that it's reachable, it will upload a "server descriptor" to the directories, to let clients know what address, ports, keys, etc your relay is using. You can search Atlas or Globe for the nickname you configured, to make sure it's there. You may need to wait up to one hour for the directories to publish the new server information.


Once your relay is working


To learn more about the proper care and feeding for your relay, see the advice on the Tor relay on Debian/Ubuntu page.


If you have suggestions for improving this document, please send them to us. Thanks for helping to make the Tor network grow!