# Tor relay stuck at "Bootstrapped 0%: Starting"

## resill

Hi all,

Gentoo newbie here. I just compiled the latest Tor 0.3.1.7 (vanilla, no special use flags or keywords) on my Raspberry Pi and for some reason it's stuck at "Bootstrapped 0%: Starting" until forever. My torrc:

```

#

# Minimal torrc so tor will work out of the box

#

User tor

PIDFile /var/run/tor/tor.pid

Log notice syslog

DataDirectory /var/lib/tor/data

#

# My config

#

SocksPort 0

RunAsDaemon 

ORPort 9001

Nickname NICKNAME

ContactInfo CONTACT

DirPort 9030

ExitPolicy reject *:*

DisableDebuggerAttachment 0

ControlPort 9051

CookieAuthentication 1

```

Nickname and ContactInfo obviously redacted, but here's the syslog excerpt when starting the tor service:

```

Feb 18 18:23:19 localhost Tor[12017]: Not disabling debugger attaching for unprivileged users. 

Feb 18 18:23:19 localhost Tor[12017]: Parsing GEOIP IPv4 file /usr/share/tor/geoip. 

Feb 18 18:23:20 localhost Tor[12017]: Parsing GEOIP IPv6 file /usr/share/tor/geoip6. 

Feb 18 18:23:21 localhost Tor[12017]: Configured to measure statistics. Look for the *-stats files that will first be written to the data directory in 24 hours from now. 

Feb 18 18:23:28 localhost Tor[12017]: Your Tor server's identity key fingerprint is '<NICKNAME> <FINGERPRINT>' 

Feb 18 18:23:28 localhost Tor[12017]: Bootstrapped 0%: Starting 

```

Identity line also obviously redacted but the log literally stops there - no further messages trying to finish bootstrapping. I tried compiling newer versions and it also didn't make a difference. My Pi is behind a NAT router and I forwarded the OR and Dir ports to my Pi in the firewall config of my router, and then I opened the ports using ufw on the Pi itself. I can even nmap the ports using my phone over 4G and verify that they're open, but for some reason my Pi doesn't finish bootstrapping. I'm at a loss here and I was hoping any one of you guys have any idea what's going on? 

Cheers.

----------

## resill

It seems I needed to set the Address option and run a local DNS resolver (I chose Unbound) in order for Tor to resolve my hostname, which apparently was necessary for bootstrapping. Bootstrapping is still stuck at 80%, claiming it can't connect to any hosts. Here's an excerpt from the log:

```

[...]

Feb 20 18:40:24 localhost Tor[19282]: Bootstrapped 0%: Starting 

Feb 20 18:40:40 localhost Tor[19282]: Starting with guard context "default" 

Feb 20 18:40:41 localhost Tor[19282]: Bootstrapped 80%: Connecting to the Tor network 

Feb 20 18:40:50 localhost Tor[19282]: Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Connection refused; CONNECTREFUSED; count 10; recommendation warn; host <FINGERPRINT> at <IPADDRESS>:9001) 

Feb 20 18:40:50 localhost Tor[19282]: 9 connections have failed: 

Feb 20 18:40:50 localhost Tor[19282]:  9 connections died in state connect()ing with SSL state (No SSL object) 

Feb 20 18:40:51 localhost Tor[19282]: Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Connection refused; CONNECTREFUSED; count 11; recommendation warn; host <FINGERPRINT> at <IPADDRESS>:443) 

Feb 20 18:40:51 localhost Tor[19282]: 10 connections have failed: 

Feb 20 18:40:51 localhost Tor[19282]:  10 connections died in state connect()ing with SSL state (No SSL object) 

[...]

```

Obviously I redacted the fingerprints and IP addresses, but I still can't wrap my head around the SSL issues I'm getting. The log errors above can go on indefinitely until I stop Tor.

This is my current torrc:

```

#

# Minimal torrc so tor will work out of the box

#

User tor

PIDFile /var/run/tor/tor.pid

Log notice syslog

#Log info syslog

DataDirectory /var/lib/tor/data

#

# My config

#

SocksPort 0

ORPort 7347

Nickname REDACTED

ContactInfo REDACTED

ExitPolicy reject *:*

ControlPort 9051

CookieAuthentication 1

```

Nickname and ContactInfo fields obviously redacted. As you can see I now opened a random port for ORPort, hoping it would make a difference, also without success. Going back to the error messages above I tried nmap'ing a few of these addresses and their ports, as can be seen in the log, to see if these ports were open. Curious enough they were closed when scanning from my Pi, yet when scanning using my phone over 4G I noticed they were in fact open. I'm now suspecting my ISP does some filtering/censoring and I'm currently trying to work around it. It seems my Pi can connect using Tor bridges as a client, but it appears it is not possible to configure my Tor daemon to connect to other Tor bridges, while simultaneously be configured as a relay, or even a bridge. Or perhaps I'm wrong, and maybe one of you guys have a suggestion?  :Smile: 

Cheers, and apologies for the lengthy post.

----------

