Tor relays
52
Transparency Report December 2022
Nothing to hide became a Tor exit relay operator this month, in addition to running only guard/middle relays before. This is a good time to start with monthly transparency reports and so here it is.
The metrics used in this report are rounded extrapolated snapshots of the final day of the month, to not give away too much specific information.
1 Requests & orders
We did not receive any official or unofficial requests or orders this month.
1.1 Law enforcement agencies (LEA)
| LEA | Requests | Orders |
|---|---|---|
| n/a | 0 | 0 |
1.2 Legal entities
| Legal entity | Requests |
|---|---|
| n/a | 0 |
1.3 Natural persons
| Natural person | Requests |
|---|---|
| John Doe | 0 |
2 Service report
2.1 Tor relays
Bandwidth
12.8 Gb/s
Monthly traffic
4.150 TB
This month we added more physical servers to our infrastructure to accomodate for a whole bunch of new Tor exit relays. We expect bandwidth contribution to go up considerably in the near future, but for now the new Tor relays are still ramping-up.
| Period | # Guard | # Exit | Bandwidth | Daily traffic | Monthly traffic |
|---|---|---|---|---|---|
| November 2022 | 18 | 0 | 5.6 Gb/s | 60 TB | 1.800 TB |
| December 2022 | 34 | 18 | 12.8 Gb/s | 138 TB | 4.150 TB |
Note that for these statistics both incoming and outgoing traffic are combined (just like Tor network’s metrics).
2.2 Tor DNS requests
Query response
870 per second
Daily queries
75 million
Monthly queries
2.2 billion
DNS requests on the Tor network are resolved by the Tor exit relays. This means that high capacity Tor exit relays can generate a lot of DNS queries. These queries are being resolved by multiple high capacity DNS resolvers.
This is the first month for our Tor exit relays so the qps rate and total amount of DNS queries are still pretty modest. We expect these numbers to rise considerable when the Tor exit relays have ramped-up. This means we need to work on a adequate DNS infrastructure in Q1 2023.
| Period | Query rate | Daily queries | Monthly queries |
|---|---|---|---|
| November 2022 | 0 | 0 | 0 |
| December 2022 | 870 | 75.000.000 | 2.300.000.000 |
Do note that we don’t log the contents of DNS queries.
2.3 Tor diversity
One of our major goals is to break the GNU/Linux monoculture currently present on the Tor network. Monocultures in nature are dangerous, as vulnerabilities are held in common across a broad spectrum. In a globally used anonymity network, monocultures can be disastrous.
We make the Tor network stronger by running all our relays on FreeBSD. Here we report on our ongoing effort to increase operating system diversity on the Tor network.
| Period | NTH Guard | BSD Guard | GNU Guard | NTH Exit | BSD Exit | GNU Exit |
|---|---|---|---|---|---|---|
| November 2022 | 0.11% | 6.1% | 93.9% | 0.0% | 0.9% | 99.1% |
| December 2022 | 0.12% | 6.2% | 93.8% | 4.46% | 6.0% | 94.0% |
In december the BSD Consensus Weight share of exit relay traffic sextupled. This sadly isn’t as impressive as it sounds though, considering the bleak starting point. It’s a nice start though and we will continue our efforts in 2023.
High capacity guard relays on the other hand are more difficult to run than ever before. The ongoing DDoS attacks make it difficult to get and maintain guard status, so this month we sadly didn’t contribute to a increase in BSD Consensus Weight share of guard relays. In 2023 we will try to implement effective DDoS countermeasures.
2.4 DDoS attacks
This month five big DDoS attacks with a combined duration of ~11 days were endured on our guard/middle relays. The newly installed server was able to withstand the attacks significantly better than the previously used hardware. This resulted in ‘only’ a reduction to our bandwidth contribution to the Tor network of almost 3 Gb/s, instead of the frequent crashes and kernel panics we had to deal with before.
The goal still seems to prevent the middle relays from becoming guard relays, which proves to be successful for now. In 2023 we will look in to countermeasures to thwart the adversaries’ efforts more effectively.