High-Capacity Relays: Can Bigger Bandwidth Make a Bigger Difference?

Exploring how one operator's dilemma could inspire more efficient, scalable Tor infrastructure

If you're a software developer who cares about freedom of information—or an IT ops admin with a spare rack and skills to spare—this post is for you. Let's talk about how you can use your talents to support the Tor network.

A recent discussion in the Tor Project community explored two deployment strategies for running high-capacity relays. Whether you're optimizing for efficiency, uptime, or hands-on learning, there's a lot to consider:

• Option A: Deploy a single server with a 40Gbps connection.
• Option B: Deploy four servers, each with a 10Gbps connection, ideally spread across different networks and locations.

Pros and Cons

Option A: Single 40Gbps Server

• Pros:
  • Simple to manage: great for those who want a quick setup and less admin overhead.
  • Efficient DNS performance for exit relays: one powerful local DNS resolver = better caching and privacy.
  • Lower electricity use: a single server can be more power efficient than multiple.
• Cons:
  • Single point of failure: hardware or network issues could take everything offline at once.
  • Congestion risk: Tor's architecture doesn't scale well under heavy load—expect CPU/NIC pinning and crypto offloading headaches.
  • Limited geographic and jurisdictional diversity: even if you’re on a fast connection, you're still in one place, under one legal framework.

Option B: Four 10Gbps Servers

• Pros:
  • Resilience: if one server fails, 75% of your relays keep running. No total outages during patches or reboots.
  • Geographic diversity: makes surveillance and legal shutdowns harder. Especially valuable if servers are in different ASes and regions.
  • Better system efficiency: fewer relays per box means lower congestion, better performance, and less tuning required.
  • Learning experience: perfect for ops folks who want to sharpen their multi-host deployment skills.
  • Security edge for guard relays: more memory spread across systems = more DDoS headroom and harder for attackers to hit all at once.
  • Exit flexibility: you can tailor exit policies per datacenter based on local restrictions or requirements.
• Cons:
  • Admin overhead: more nodes = more things to monitor, patch, and secure.
  • Higher cost: more servers, more contracts, more power (unless you're in a region with cheap electricity).
  • Relationship management: four data centers means four abuse teams to work with. It’s more work, but also more resilience.
  • Less efficient DNS for exit relays: multiple resolvers reduce caching efficiency—but provide DNS failover and redundancy.

Conclusion

Option B—deploying four 10Gbps servers—was the favored approach in this discussion, thanks to its improved redundancy, performance, and diversity. It’s an excellent model for those who want to contribute meaningfully and sustainably to the Tor network.

For IT admins, this is a chance to put your infrastructure skills to use while building something that defends digital freedom. For developers, it’s an opportunity to architect systems that serve privacy at scale. Whether you choose A or B, your contribution matters.

For a full breakdown and community insights, check out the original thread on the Tor Project mailing list.

Join the Mission