Configuring a Tor relay


The Tor network relies on volunteers to donate bandwidth. The more people who run relays, the faster the Tor network will be. If you have at least 50 kilobytes/s each way, please help out Tor by configuring your Tor to be a relay too.

You can run a Tor relay on pretty much any operating system. Tor relays work best on Linux, OS X Tiger or later, FreeBSD 5.x+, NetBSD 5.x+, and Windows Server 2003 or later.

An easy way to get started is with Vidalia, a graphical interface for Tor. Vidalia is not included in the standard Tor Browser Bundle, although it once was.

The Vidalia Bridge Bundle, the Vidalia Relay Bundle and the Vidalia Exit Bundle are available on the download page. These bundles are only available for Windows. They come preconfigured to run Tor as a bridge, a non-exit relay, or an exit relay.

Vidalia is also available as a standalone package from this directory. To use the Vidalia standalone, you will first need to download the Tor Browser Bundle or the Tor Expert Bundle. Unpack the Vidalia package into your Tor Browser folder. This will allow Vidalia to control and configure the Tor Browser Bundle's Tor client. If you use the Expert Bundle, which contains Tor only and no browser, you'll need to inform Vidalia of your Tor's location.

Make sure your Tor works by using Tor as a client (surf with the Tor Browser, for example). Verify that your clock and timezone are set correctly. If possible, synchronize your clock with public time servers.


Configure Tor with the Vidalia Graphical Interface


  1. Right click on the Vidalia icon in your task bar. Choose Control Panel.

  2. Vidalia right click menu
  3. Click "Setup Relaying".
  4. Choose "Relay Traffic for the Tor network" if you want to be a public relay (recommended), or choose "Help censored users reach the Tor network" if you want to be a non-public bridge.

  5. Vidalia basic settings
  6. Enter a nickname for your relay, and enter contact information in case we need to contact you about problems.
  7. Leave "Attempt to automatically configure port forwarding" ticked. Push the "Test" button to see if it works. If it does work, great. If not, see the section on reachability below.
  8. Choose the "Bandwidth Limits" tab. Select how much bandwidth you want to provide for Tor users like yourself.

  9. Vidalia bandwidth limits
  10. Select the "Exit Policies" tab. If you want to allow others to use your relay for these services, don't change anything. Un-check the services you don't want to allow people to reach from your relay. If you want to be a non-exit relay, un-check all services.

  11. Vidalia exit policies
  12. Click "Ok".

Configure Tor by editing the torrc file


You can set up a relay without using Vidalia if you wish. Tor's configuration file is named 'torrc'. In the Tor Browser folder, it's located at

Data\Tor\torrc

Open the file with a text editor and add the following lines:

    ORPort 443
    Exitpolicy reject *:*
    Nickname ididntedittheconfig
    ContactInfo human@...
    

If you want to be a bridge, read about the BridgeRelay and ServerTransportPlugin values on this page.

Tor will use all your bandwidth if you don't set limits for it. Some options are described in these FAQ entries.

See the sample torrc file and the man page for other Tor options you may want to set.


Make sure your relay is reachable


If you are using a firewall, open a hole in your firewall so incoming connections can reach the ports you configured (ORPort, plus DirPort if you enabled it). If you have a hardware firewall (Linksys box, cable modem, etc) you might find portforward.com useful. Also, make sure you allow all outgoing connections too, so your relay can reach the other Tor relays.

Restart your relay. If it logs any warnings, address them.

As soon as your relay manages to connect to the network, it will try to determine whether the ports you configured are reachable from the outside. This step is usually fast, but may take up to 20 minutes. Look for a log entry like

Self-testing indicates your ORPort is reachable from the outside. Excellent.
If you don't see this message, it means that your relay is not reachable from the outside — you should re-check your firewalls, check that it's testing the IP and port you think it should be testing, etc.

When your relay has decided that it's reachable, it will upload a "server descriptor" to the directories, to let clients know what address, ports, keys, etc your relay is using. You can search Atlas or Globe for the nickname you configured, to make sure it's there. You may need to wait up to one hour for the directories to publish the new server information.


Once your relay is working


Subscribe to the tor-announce mailing list. It is very low volume, and it will keep you informed of new stable releases.

As a relay operator, you should consider subscribing to the tor-relays mailing list. You might find other higher-volume Tor lists of interest to you as well.

Tor Weather provides an email notification service to any users who want to monitor the status of a Tor node. Upon subscribing, you can specify what types of alerts you would like to receive. The main purpose of Tor Weather is to notify node operators via email if their node is down for longer than a specified period, but other notification types are available.

Read about operational security to get ideas how you can increase the security of your relay.

If you control the name servers for your domain, consider setting your reverse DNS hostname to 'anonymous-relay', 'proxy' or 'tor-proxy', so when other people see the address in their web logs, they will more quickly understand what's going on. Adding the Tor exit notice on a vhost for this name can go a long way to deterring abuse complaints to you and your ISP if you are running an exit node.

When you change your Tor configuration, remember to verify that your relay still works correctly after the change. If you have problems or questions, see the Support section or contact us. Thanks for helping to make the Tor network grow!


If you have suggestions for improving this document, please send them to us. Thanks!