Running a Tor relay strengthens the network for everyone. More relays mean faster speeds, better anonymity, and stronger resistance to attacks. Contributing bandwidth to Tor is direct activism supporting internet freedom and privacy rights globally.

Types of Relays

Middle Relays

Middle relays pass traffic between other relays. They see encrypted traffic from the previous relay and forward it to the next relay. They can't see content or destinations.

Middle relays are the safest type to run. Your IP address doesn't appear to connect to destination websites. Abuse complaints don't target middle relay operators.

Most Tor relays are middle relays. They provide the bulk of network capacity and are easiest to justify to ISPs or network administrators.

Guard Relays

Guard relays (entry guards) are the first hop in Tor circuits. They see users' real IP addresses but not where they're going due to encryption.

Guards require stable, high-bandwidth connections. The network promotes reliable middle relays to guard status automatically. You don't explicitly configure guards - you run a middle relay and it might become a guard if it meets criteria.

Running guards carries similar legal exposure to middle relays - minimal. Your IP connects to other Tor relays, not destination sites.

Exit Nodes

Exit nodes make final connections to destination websites. They remove the last encryption layer and send unencrypted requests to actual servers.

Exit nodes see unencrypted traffic and their IP addresses appear to make requests. Destination websites see the exit node's IP. Abuse complaints go to exit operators.

Running exits requires understanding legal exposure and having ISPs tolerant of complaints. Most people run middle relays, not exits. The network needs exits but they require more commitment.

Bridge Relays

Bridges help users in censored countries access Tor. They're unlisted entry guards not in public directories.

Bridges are relatively safe to run. Like middle relays, they pass encrypted traffic. The main difference is privacy - bridge addresses aren't publicly listed.

Recommendation: Start with a middle relay. This provides maximum benefit with minimal risk. Consider exit nodes only if you understand and accept the legal implications.

Requirements

Bandwidth

Useful relays need at least 2 Mbps upstream bandwidth. More is better. The network prioritizes high-bandwidth relays when building circuits.

If bandwidth is limited, set rate limits in configuration. The relay will contribute what it can without overwhelming your connection.

Uptime

Relays should run continuously. Intermittent relays don't contribute much to network stability. Aim for 24/7 operation if possible.

The network measures relay uptime. Consistently running relays get more traffic and become more valuable to the network.

IPv4 Address

Relays need public IPv4 addresses. NAT or firewall configurations must allow incoming connections on the relay port.

IPv6 support is bonus but IPv4 is essential. Most Tor traffic still uses IPv4.

Disk Space

Minimal disk space needed - a few hundred MB for Tor software and logs. Relays don't store user data.

Setup Process

Installing Tor

Linux users install Tor from package managers: apt-get install tor on Debian/Ubuntu, yum install tor on Fedora/CentOS.

Windows and Mac users download Tor from the Tor Project website. Follow installation instructions for your operating system.

Configuration

Edit the torrc configuration file. Common location: /etc/tor/torrc on Linux, Tor Browser folder on Windows/Mac.

Basic middle relay configuration:

ORPort 9001
Nickname YourRelayName
ContactInfo [email protected]
RelayBandwidthRate 1 MByte
RelayBandwidthBurst 2 MBytes

Replace YourRelayName and contact info with your details. Adjust bandwidth limits based on your connection.

Firewall Configuration

Open ORPort (default 9001) in your firewall. The relay must accept incoming connections on this port.

Router port forwarding might be necessary if running behind NAT. Forward external port 9001 to your relay's internal IP and port.

Starting the Relay

Linux: sudo systemctl start tor or sudo service tor start

The relay begins running and registering with the Tor network. Initial registration takes time - your relay won't carry traffic immediately.

Exit Node Specific Setup

Exit Policy

Exit policies control which traffic your exit allows. Reduced exit policies allow common ports (web, email) while blocking potentially abusive ports.

Example reduced exit policy already exists in torrc templates. Most exit operators use these templates rather than creating custom policies.

Legal Preparation

Have a lawyer if running an exit node. Abuse complaints are inevitable. Understanding your legal position before problems arise is essential.

Some countries have precedent protecting Tor exit operators. Research legal status in your jurisdiction.

ISP Communication

Inform your ISP about running an exit. Provide educational materials about Tor. An informed ISP is less likely to panic at abuse complaints.

Use dedicated servers from Tor-friendly hosts rather than home connections. Many VPS providers explicitly allow Tor exits.

Abuse Handling

Set up email to receive abuse complaints. Respond promptly with Tor educational materials. Most complainants understand after explanation.

Template responses exist for common abuse types. The Tor Project provides resources for exit operators handling complaints.

Important Warning: Don't run exit nodes from home IP addresses or on networks you don't control. Use dedicated servers or VPS from providers who explicitly allow Tor exits.

Monitoring Your Relay

Tor Metrics

Visit metrics.torproject.org and search for your relay nickname or fingerprint. This shows bandwidth graphs, flags, and network contribution.

Metrics update daily. New relays take days to appear. Don't worry if your relay isn't listed immediately.

Relay Flags

The network assigns flags to relays: Fast (high bandwidth), Stable (good uptime), Guard (selected as entry guard), Exit (configured as exit).

Flags indicate how the network uses your relay. More flags generally mean your relay contributes more.

Bandwidth Usage

Monitor bandwidth consumption through your router or server monitoring tools. Relays use bandwidth 24/7.

Adjust RelayBandwidthRate if usage exceeds expectations. The relay respects configured limits.

Best Practices

Keep Software Updated

Update Tor software regularly. Security patches and performance improvements are frequent. Old relay versions might get rejected by the network.

Enable automatic updates if possible. This ensures your relay stays current without manual intervention.

Set Contact Info

Provide contact information in torrc. The Tor Project might need to reach relay operators about network issues or security problems.

Use an email address you check regularly. Critical security issues sometimes require immediate relay operator action.

Monitor Logs

Check Tor logs periodically for errors or warnings. Most issues appear in logs before causing problems.

Common log locations: /var/log/tor/ on Linux, Tor Browser folder on Windows/Mac.

Don't Run Browser and Relay Together

Running Tor Browser on the same machine as a relay creates correlation risks. Keep relay and personal Tor use separate if possible.

Scaling Up

Multiple Relays

Run multiple relays if you have bandwidth. Each additional relay increases network capacity.

Set MyFamily configuration option to identify your relays. The network won't use multiple relays from the same family in one circuit.

Dedicated Servers

Serious relay operators use dedicated servers or VPS. These provide better uptime and bandwidth than home connections.

Hetzner, OVH, and some other hosts allow Tor relays explicitly. Check terms of service before deploying.

Community and Support

Tor Relay Mailing Lists

Join [email protected] for discussion with other operators. This list covers technical issues, legal questions, and best practices.

Documentation

The Tor Project maintains comprehensive relay operator documentation at community.torproject.org. This covers advanced configuration and troubleshooting.

IRC Channels

IRC channels provide real-time help. #tor-relays on OFTC network is active with experienced operators.

Legal Considerations

Middle relays are legal everywhere Tor usage is legal. No jurisdiction criminalizes passing encrypted traffic between other servers.

Exit nodes occupy gray area in some jurisdictions. Liability for traffic passing through your exit varies by country. Research local laws or consult lawyers.

Most democratic countries don't hold exit operators liable for user traffic, but abuse complaints and investigations can occur.

Impact and Contribution

Even small relays help. The network needs diverse relay operators more than it needs maximum bandwidth from single sources.

Geographic diversity matters. Relays in underrepresented countries provide valuable circuit diversity.

High-uptime relays contribute more than high-bandwidth relays that frequently disconnect. Consistency matters.

Final Thoughts

Running a Tor relay directly supports internet freedom, privacy rights, and censorship resistance worldwide. Your contribution helps activists, journalists, and ordinary people maintain digital privacy.

Start with a middle relay. Learn the technical aspects. Scale up as you gain experience. The Tor network grows stronger with each new relay operator joining the effort.