Setting Up Tor Relay Nodes - A Complete Guide
In this guide, you’ll learn step by step how to set up, configure, and maintain a Tor relay, helping to build a freer, more privacy-friendly internet for everyone.
Publish date: 3/13/2025
In this guide, you’ll learn step by step how to set up, configure, and maintain a Tor relay, helping to build a freer, more privacy-friendly internet for everyone.
Publish date: 3/13/2025
Tor (The Onion Router) stands as one of the internet's most important privacy tools, helping millions of people around the world access information freely and communicate securely.
This decentralized network enables anonymous communication by directing internet traffic through a worldwide network of volunteer relays, concealing users' locations and usage patterns from surveillance and traffic analysis.
Behind this privacy friendly network are thousands of volunteer-run relay nodes that form the backbone of Tor's infrastructure. These relay nodes, and those that run them, are what Tor rely on to continue to function.
If you're passionate about a free internet, running a Tor relay node is a great way to contribute, and setting up a Tor relay doesn't have to be complicated. With the right server infrastructure and a straightforward configuration process, you can have your relay contributing to the Tor network in no time. In this guide, we'll explain how. Let's dive in.
Tor works by routing your connection through multiple encrypted layers (like layers of an onion, hence the name).
When you connect to a website through Tor, your traffic is encrypted and passes through at least three different relays before reaching its destination. Each relay only knows the identity of the relay that came before it and the one that comes after it - no single relay knows both the origin and destination of the data.
Tor serves several critical functions in today's internet landscape:
Before diving into the setup process, it's helpful to understand the different types of Tor relays and their roles within the network.
Tor's network architecture uses three types of relays to route traffic:
While exit relays are crucial to the network, they come with significant legal and operational considerations since the traffic leaving these nodes appears to come from your IP address.
Most hosting providers prohibit running exit relays due to these concerns. However, running guard or middle relays remains an excellent way to contribute to the network without the complications of exit traffic. If you're interested in running an exit relay, please see the dedicated section later in this guide.
Note: While xTom allows entry and middle relays, unfortunately we don't allow exit relays at this time.
Running a Tor relay contributes to:
For a successful Tor relay, look for:
xTom's dedicated servers offer excellent network connectivity with guaranteed resoruces, making them perfect for high-capacity relays. Though for many, V.PS's (xTom's VPS brand) NVMe-powered KVM virtual private servers can provide a good balance of performance and cost.
Note: Going forward, I've selected Debian/Ubuntu and RHEL 8/9 as the operating systems to focus on in this guide (all of which are a great choice for a Tor relay), but for a full list of supported operating systems, check out the Tor documentation here.
Once you've provisioned your server, connect via SSH and update your system:
# For Debian/Ubuntu
sudo apt update
sudo apt upgrade -y
# For RHEL 8
sudo yum update -y
sudo yum upgrade -y
# For RHEL 9
sudo dnf update -y
sudo dnf upgrade -y
The recommended way to install Tor is through the Tor Project's official repository:
# Add the Tor repository
sudo apt install apt-transport-https -y
echo "deb [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/tor.list
# Add the GPG key
wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor | sudo tee /usr/share/keyrings/tor-archive-keyring.gpg >/dev/null
# Update and install
sudo apt update
sudo apt install tor deb.torproject.org-keyring -y
# Add the EPEL repository
sudo yum install epel-release -y
# Install Tor
sudo yum install tor -y
# Add the EPEL repository
sudo dnf install epel-release -y
# Install Tor
sudo dnf install tor -y
Edit the Tor configuration file:
# For all systems
sudo nano /etc/tor/torrc
Add the following configuration, adjusting the values as desired:
# Basic relay configuration
Nickname YourRelayName # Choose a unique name
ContactInfo [email protected] # Optional but recommended
ORPort 443 # The port for Tor traffic, 443 often works best
# Relay type configuration (non-exit)
ExitRelay 0
ExitPolicy reject *:* # Explicitly reject all exit traffic
# Resource limits
RelayBandwidthRate 10 MB # Committed bandwidth
RelayBandwidthBurst 20 MB # Maximum burst bandwidth
AccountingMax 20 TB # Monthly data cap
AccountingStart month 1 00:00 # Reset accounting on the 1st of each month
# Miscellaneous settings
DisableDebuggerAttachment 0
# Start Tor service
sudo systemctl start tor
# Enable Tor to start on boot
sudo systemctl enable tor
# Check the status
sudo systemctl status tor
# Start Tor service
sudo systemctl start tor
# Enable Tor to start on boot
sudo systemctl enable tor
# Check the status
sudo systemctl status tor
sudo ufw allow 443/tcp
sudo ufw reload
sudo firewall-cmd --permanent --add-port=443/tcp
sudo firewall-cmd --reload
Check your logs to ensure everything is working properly:
# For systems using systemd (Debian, RHEL 7/8)
sudo journalctl -u tor@default -f
# or
sudo journalctl -u tor -f
# Alternative for all systems
sudo tail -f /var/log/tor/notices.log
After about 3 hours, check if your Tor relay is working properly by visiting the Tor Metrics website and searching for your Tor relay's nickname.
To see how your Tor relay is performing, you can use tools like:
Exit relays are the critical final nodes in the Tor circuit that connect to the destination websites. They require special consideration due to their higher risk profile and operational requirements.
Before running an exit relay, understand these key points:
For exit relays, you'll need:
Note: While xTom allows entry and middle relays, unfortunately we don't allow exit relays at this time.
To configure an exit relay, you'll need to modify your torrc file with an appropriate exit policy:
# Basic exit relay configuration
ExitRelay 1
# A more restrictive exit policy allowing common ports
ExitPolicy accept *:80
ExitPolicy accept *:443
ExitPolicy reject *:*
# Contact information is especially important for exit relays
ContactInfo [email protected]
# Consider using a separate DNS resolver
DNSPort 5353
When running an exit relay:
The Tor Project provides helpful templates for responding to complaints and explaining the nature of exit relays to those who may not understand the technology.
Keep these resources handy:
TLDR: Running an exit relay is one of the most valuable contributions you can make to the Tor network, but it requires more resources and attention than other relay types.
Running a Tor relay is a meaningful way to support online privacy and freedom.
Tor's role in protecting privacy has never been more important in our increasingly surveilled world. By operating a relay, you're directly contributing to a network that enables free speech, protects vulnerable populations, and preserves the open internet.
If you're looking to set up a Tor relay, xTom provides the perfect foundation with our dedicated servers featuring generous bandwidth allowances, NVMe-powered V.PS virtual servers , or even colocation services if you prefer to use your own hardware. Our global network presence and commitment to privacy-friendly services make us an ideal partner for your Tor relay project.
Thanks for reading, and here's to a free internet!
Tor (The Onion Router) is a privacy network that encrypts your internet traffic and routes it through a series of relays around the world. This process makes it difficult for anyone to track your activity or location. The encryption happens in layers (like an onion), with each relay only knowing a small part of the route.
Yes, running a Tor relay is legal in most countries (though, you should make sure of your own countries stance on Tor before running a relay). Also, middle and guard relays simply pass encrypted traffic and don't allow connections to the regular internet from your IP address.
This depends on your configuration. You can limit your relay to use as little as a few GB per day or allow it to use as much as your connection permits.
Not when using xTom's services with properly configured non-exit relays. xTom allows Tor relay traffic on their network. For other providers, we suggest asking first before running a Tor relay.
Even a basic VPS from xTom's V.PS service can run a small Tor relay. For larger relays, xTom's dedicated servers will provide better performance.
Yes, you can run multiple relays on different servers. This is actually encouraged as it helps the network's diversity and resilience.