Bugless #59
Run a Tor Bridge
Status:
New
Priority:
Normal
Assignee:
-
Category:
hscloud
Description
We'd maybe like to run a Tor Bridge on k0. These seem to not attract unwanted attention (from LE or from skids), but there's a few things to solve before we'd be able to run one comfortably:
- Make sure this is indeed not problematic for the aforementioned reasons.
- Set up TC/QoS on dcsw1, edge01.waw or k8s/calico so that we can limit the bandwidth of the bridge to N Mbps (both incoming and outgoing). Or maybe the bridge software itself can be configured to take care of this?
- Find a way to limit network connectivity: disallow 10/8 and other RFC1918, perhaps disallow parts of 185.236.240.0/22 (like DNS recursors?)
Since k0 is unfortunately still IPv4-only, this would also be IPv4-only for now.