I am in the EU. I want to help make the TOR network more robust by contributing a relay node. I have one of three hardware options: a raspberry pi zero W, raspberry pi 4B, or ThinkPad T470s.
In your practical experience, which of these computers would be the best for the network? As I understand, beyond a point, the CPU power doesn’t matter unless massive traffic loads go through the node.
P.S: Not sure if this is relevant, but I currently have a pihole hosted in a separate RPI zero. I plan to host this at home. I do not have a separate connection line. My router doesn’t support vlan.
Add: Thank you for the kind replies. Based on the feedback, it think I’m currently not setup to help the network. I will instead continue with my annual contribution.
I will look into hosting a node on a VPS and just pay a monthly subscription fee or something.
I have tried hosting a Tor relay on a VPS in the past and it was bottlenecked by the CPU at barely 20MB/s, although to be fair this was without hardware AES. More importantly for you, the server’s IP started getting DDoSed constantly and a whole bunch of big internet services just immediately blocked the address (the list of relay IPs is public and many things just block every address on that list instead of only exit nodes). So any of your machines are probably at least somewhat up to the task (ideally if they have hardware AES support), but this is definitely not something I’d do on my home network.
I ran a relay too way, way back in the day and I remember almost a third of the sites I used blacklisted my IP address within days. It wasn’t cool.
I ended up shutting it down, resetting my cable modem, and spoofing a new MAC address on my router to get a new IP address to get everything working again.
Using a VPN is smarter. I wouldn’t run that on IPv6 whatsoever.
Why not on IPv6? If you received a /64 from your ISP and pick only one IPv6 for Tor, I don’t see what the issue would be…
Personally, I think IPv6 is not a good choice for any service you don’t want associated with a specific device. As I understand it, the prefix delegation comes from the ISP, but often the interface ID is derived from the machine’s MAC address which is a link to specific machine hardware, can reveal information about the host, and possibly deanonymoized across networks.
I’d stick with IPv4 because NAT gives a tad more anonymity. Just my $0.02 though.
I understand your position better, indeed. Thanks for taking the time to explain! You’ll be happy to learn that what you describe, EUI-64, is not the only way to generate an IPv6 address. The router will give you the prefix in any case, but there is the Stable Privacy Addresses scheme if you want the link-local part generated automatically, and you can set up a static IPv6 address (or several) on your machine, and the router will just have to shut up and deal it to you (for the local part, the prefix is still coming from the ISP)
I am hosting a high speed relay right now, and have been for 4+ years, on my home address. I am not getting attacked beyond the usual drivebys that I’d get hit with regardless because I host other outward-facing things.
You do look suspicious to large social media sites, but besides those: I’ve never been blocked from somewhere due to my relay.