[tor-relays] tor relay recommended upgrade procedure?

Zenaan Harkness zen at freedbms.net
Sun Mar 30 00:21:02 UTC 2014


On 3/19/14, Zenaan Harkness <zen at freedbms.net> wrote:
> On 3/19/14, Moritz Bartl <moritz at torservers.net> wrote:
>> You should add the torproject repository, and then just let it upgrade
>> whenever there is a new version. There's no need to reboot or wait,
>> having the upgrade process restart the service is fine. Your relay will
>> not lose its flags during short downtimes like that.
>
> Thank you, I did that.
>
> The Debian install script evidently gives tor 30 seconds to
> disconnect, since it did stop tor after 30 seconds.
>
> Then it went through the normal upgrade process, I kept my existing
> config file and voi la - tor was no longer running! This bit does not
> seem quite optimal - surely tor ought to have been auto restarted.
>
> Anyway a quick service tor restart started it again and yes, flags intact.
>
> HOWEVER: killing tor in 30 seconds seems to me a little harsh on all
> those anonymous connections that were previously going through my exit
> relay. Can those clients (if they need) pick up their connections
> after about 3 minutes? It appeared that all connections were
> completely gone when I finally got tor restarted, which makes sense
> but:
>
> Is there are a gentler way such as "don't take new connections, notify
> clients we are going down for an upgrade" but allow continuation for
> say up to 10 or 30 minutes?

There is of course MaxAdvertisedBandwidth -
so ought this option be set to say zero for say 10 or 20 minutes,
before stopping/upgrading the server (either manually by admin, me, or
assuming admin config allows this)?

> Would that be better or could that be worse eg for privacy,
> correlation attacks etc?

Should I forward this question (or rather, create a thread) "optimal
tor relay upgrade protocol" on tor-talk?

TIA
Zenaan


More information about the tor-relays mailing list