4

UPDATE: See my answer below for instructions, I added a Dynamic DNS and added that as the "Address" in torrc. Once I did that I got the "Self-testing indicates your ORPort is reachable. Excellent." message.

I recently started a relay and it appears to be getting traffic OK but the log shows: "Your server (3.11.33.113:443) has not managed to confirm that its ORPort is reachable." "Your server (3.11.33.113:9030) has not managed to confirm that its DirPort is reachable."

I have ORPort advertised on 443 and binding to 9001.

If I check netstat:

watch -d -n0 "netstat -atnp | grep 9001"

I can see established connections to other Tor relays (I checked the IPs in Atlas).

I tested the port forwarding via YouGetSignal and it says the ports are open. I also tested the ports for outbound traffic via portquiz and they worked fine. Is the not managed to confirm error something I need to actively try to fix? If so, how?

Router: Asus RT-N66U w/DD-WRT

Enabled port forwarding through: NAT / QoS => Port Forwarding

Here is a copy of the Port Forwarding table on my router:

Application | Protocol | Source Net | Port from | IP Address | Port to | Enable
Tor-Dir     | TCP      | [blank]    | 63118     | 3.11.33.113 | 63118  | Checked
Tor-OR      | TCP      | [blank]    | 443       | 3.11.33.113 | 9001   | Checked

Relay is being assigned the above IP via static lease tied to it's MAC Address. I have checked the IP address via ifconfig eth0 to confirm it has 3.11.33.113 as it's address.

PopSmith
  • 101
  • 5

3 Answers3

4

Since my IP is dynamic (and Tor couldn't figure out my IP) I had to create a Dynamic DNS and used that in the Address field in torrc.

Once I did that both DirPort and ORPort were able to establish connections.

I used a Dynamic DNS from dnsexit, the additional options were taken from this post on the DD-WRT forums. They are:

--verbose 5 --update_period_sec 43200 --ip_server_name checkip.ns.zerigo.com /

Here's an example settings screenshot for DD-WRT: DynamicDNS screenshot

PopSmith
  • 101
  • 5
1

Yes, you need to fix it, otherwise the Tor network will never learn about your relay. Are you sure the port forwarding from port 443 to port 9001 actually works? Maybe the forward is going to the wrong place.

For testing, just bind and advertise a high port and don't do any port forwarding.

Sebastian
  • 2,229
  • 10
  • 26
1

This probably means there's an issue with your port forwarding configuration. More information here would be helpful.

  • What Router do you have?
  • Can you explicitly say what you edited to configure port forwarding? What changes you made?
  • Are you sure you're forwarding the ports on the correct internal IP (the IP of whatever computer is running your relay?).

Zach

Zach Alberico
  • 161
  • 1
  • 8