Tor relay status flags and what they mean - shown in detail

The Tor network, known for its ability to enable anonymous communication on the Internet, consists of a series of relays that work together to provide users with secure and private connections. Each relay in the Tor network can be characterised by a set of status flags that provide information about its properties and performance. These status flags, which are detailed on the metrics.torproject.org website, are essential for managing and improving the network. This report explains the most important status flags to provide a better understanding of their meaning and role in the Tor network.


There are several status flags in the Tor network that provide information about the characteristics and quality of a relay. The "Fast" status flag is one of them. It is assigned to relays that offer high bandwidth and good network connectivity. In detail, this means

### Meaning of the Fast flag

1. **High bandwidth: A relay with the fast flag has above-average bandwidth compared to other relays in the Tor network. This means it can efficiently relay a large amount of data.
   
2 **Good network connectivity**: In addition to high bandwidth, the relay must also have a stable and reliable network connection. This helps to ensure that the relay can maintain a high data transfer rate.

3 **Selection criterion**: The "Fast" flag is one of the criteria taken into account when setting up Tor routes. Relays with this flag are preferred for data connections that require high speed and reliability.

### Benefits to the Tor network

- Improved performance: By using fast relays, the Tor network can ensure faster and more stable connections for users.
- Efficient resource utilisation: By prioritising faster relays, the network can operate more efficiently by routing data through more powerful nodes.

### Technical details

- Measurement and Evaluation: The bandwidth and network quality of a relay is determined by regular measurements and evaluations by the Tor network. Relays that show consistently high performance over a period of time will be flagged as "fast".
- Dynamic assignment: The Fast flag is not permanent and may change if the relay's performance deteriorates or other relays perform better.

In summary, the "Fast" flag on a Tor relay means that this relay provides above-average bandwidth and stable network connections, making it a preferred choice for fast and reliable data connections on the Tor network.


The "Guard" flag plays a crucial role in the Tor network. Relays that receive this flag serve as entry nodes into the Tor network, and are responsible for providing the first point of contact for users connecting to Tor. Here is a detailed explanation of what the guard flag means:

### Meaning of the guard flag

1. **Entry node**: Relays with the guard flag act as entry nodes for users connecting to the Tor network. This means that they are the first relay through which a user's data flows before it is forwarded to other nodes in the network.

2. **Selection criterion**: A relay receives the "Guard" flag if it meets certain criteria that ensure it is trustworthy, stable, and performs well. These criteria include high availability, good bandwidth and a stable network connection over a long period of time.

3 **Security and anonymity**: The use of guard relays increases user security and anonymity. By using only a limited number of relays as ingress and egress nodes, the risk of an attacker controlling both the ingress and egress nodes and de-anonymising traffic is reduced.

### Benefits for the Tor network

- Stability**: Guard relays provide a stable and reliable connection for users because they are carefully selected and must provide consistent performance.
- Security barrier: Guard relays provide an important security barrier, handling the first step of data transmission on the Tor network and protecting users' identities from the rest of the network.
- Long-term use: Users typically keep the same relays for an extended period of time (typically several months), reducing the likelihood that attackers can access traffic through a variety of different relays.

### Technical details

- Selection process: The selection process for Guard relays is based on algorithms that take into account factors such as bandwidth, uptime and reliability. Only relays that consistently meet these criteria over time are selected as Guard relays.
- Rolling selection: Although users tend to keep their guard relays for longer periods of time, they are periodically re-evaluated to ensure that the relays still meet the requirements. If a guard relay no longer meets the criteria, it is replaced with a new one.

In summary, the "Guard" flag on a Tor relay means that this relay serves as a secure and stable entry node that is the first point of contact for users with the Tor network, and thus plays an essential role in the security and stability of the network.


The "HSDir" flag in the Tor network stands for "Hidden Service Directory". This flag is assigned to relays that have a special role in managing and providing hidden services on the Tor network. Here is a detailed explanation of what the HSDir flag means:

### Meaning of the HSDir flag

1. **Hidden service directories: Relays with the HSDir flag act as directory nodes for hidden services on the Tor network. These services allow users to host websites and other online services without revealing their IP addresses, providing a high degree of anonymity.

2 **Publish and store**: When a hidden service is set up, it publishes its "descriptors," which contain information about how to reach the service. These descriptors are stored on multiple HSDir relays so that users can find and access the hidden services.

3 **Availability and redundancy**: Storing the descriptors on multiple HSDir relays ensures that the hidden service information is redundant and available even if some relays go offline. This increases the reliability and availability of hidden services.

### Benefits for the Tor network

- Anonymity for operators and users**: Hidden services allow operators to host their services anonymously, while users can access these services without revealing the identity of the operators or their own.
- Reliable Accessibility: Distributing descriptors across multiple HSDir relays ensures that information about hidden services remains available even if some relays fail.
- Decentralisation: The HSDir system contributes to the decentralisation of the Tor network because there are no central servers to manage hidden services. Instead, information is distributed across many different relays.

### Technical details

- HSDir flag criteria**: A relay must meet certain criteria to receive the HSDir flag. These include stable uptime, sufficient bandwidth and a minimum uptime (typically 96 hours) before receiving the flag.
- Storage of descriptors**: When a relay receives the HSDir flag, it is added to the list of nodes that store hidden service descriptors. These descriptors contain information such as the onion address of the service and the details required to reach the service.
- Accessing Hidden Services**: When a user wants to access a hidden service, their Tor client contacts multiple HSDir relays to obtain the necessary descriptors and connect to the hidden service.

In summary, the HSDir flag on a Tor relay means that this relay acts as a directory node for hidden services. It stores and manages the descriptors needed to locate and access these services on the Tor network, contributing to increased anonymity, availability, and decentralisation.



The "running" flag in the Tor network is one of the basic status flags that indicate whether a Tor relay is up and running. Here is a detailed explanation of what the running flag means:

### Meaning of the running flag

1. **Active operation**: A relay with the Running flag is currently active and ready for operation. This means that it has been successfully integrated into the Tor network and is ready to forward traffic.

2 **Network connection**: The relay has a working and stable network connection. It is responding to connection requests and can forward packets between other relays and end users.

3. **Reliability: Relays with the Running flag are considered reliable enough to be part of the active network. This means that they are checked periodically to ensure that they are available and functional.

### Technical details

- Heartbeat messages**: Tor relays send regular "heartbeat" messages to the Tor directory to indicate that they are active and working. When a relay stops sending these messages, it loses its running flag.
- Directory servers: The directory servers on the Tor network monitor the status of all relays. A relay receives a running flag when the directory servers confirm that it is running properly and responding to requests.
- Dynamic update: The running flag is dynamic and can change. If a relay goes offline temporarily or stops working properly, it will lose the flag. Once it is back online and operational, it can regain the flag.

### Benefits to the Tor network

- Availability: The running flag contributes to the overall availability and stability of the Tor network. It ensures that only active and functioning relays are included in the traffic.
- Efficient forwarding: Using relays with the running flag allows the Tor network to operate more efficiently by routing data only through functioning relays.
- Network security: By considering only running relays as part of the network, the Tor network can provide greater security and reliability.

### Summary

The "running" flag on a Tor relay indicates that the relay is currently active, operational, and capable of forwarding traffic on the Tor network. This flag is assigned by the directory servers based on the relay's current operability and network availability, and ensures that only functioning relays are part of the active network.



The "stable" flag in the Tor network is an indicator of a relay's reliability and availability over time. Here is a detailed explanation of what the stable flag means:

### Meaning of the stable flag

1. **Long term availability**: A relay with the Stable flag has shown that it is constantly online and available over a long period of time. This means that the relay has a high uptime and rarely goes offline.

2 **Reliability**: The Stable flag is assigned to relays that are considered to be particularly reliable. These relays have demonstrated consistent performance and minimal downtime.

3. **Continuous monitoring: The Tor network continuously monitors relay availability and performance. Relays that perform consistently well over an extended period of time are flagged as "stable".

### Stable flag criteria

- Long operating time**: The relay must have maintained high uptime over a significant period of time. A relay that frequently fails or goes offline would not receive this flag.
- Constant power**: In addition to the uptime, the constant power of the relay is also taken into account. A relay must always be able to forward traffic efficiently.
- Low failure rate**: Relays with the stable flag have a low failure rate. This means that they rarely go offline unexpectedly, ensuring high availability.

### Benefits to the Tor network

- Increased reliability: Stable relays contribute to the reliability of the entire network by providing a constant and stable connection.
- Improved network performance: The use of stable relays improves the overall performance of the network as these relays are less likely to fail, allowing continuous data transmission.
- Trust and security: Users and other relays can rely on resilient relays, increasing trust in the network infrastructure and improving security.

### Technical details

- Long-term monitoring: The Tor network's directory servers monitor relays over long periods of time. Relays that are consistently available for weeks or months are considered stable.
- Automatic assignment: The stable flag is automatically assigned by the Tor network's algorithms, based on measured performance and availability data.
- Dynamic update: As with other flags, a relay's status may change. If a previously stable relay goes offline more often, or becomes unreliable, it may lose its stable flag.

### Summary

The Stable flag on a Tor relay indicates that this relay has maintained a high level of reliability and availability over an extended period of time. Relays with this flag are particularly important for the stability and performance of the Tor network, as they ensure continuous and reliable forwarding.


The V2Dir flag in the Tor network stands for Version 2 Directory. This flag identifies relays that act as directory servers in the Tor network and are specifically responsible for providing version 2 directory information. Here is a detailed explanation of what the V2Dir flag means:

### Meaning of the V2Dir flag

1. **Directory server function**: Relays with the V2Dir flag act as directory servers, providing information about other relays in the Tor network. This information is essential to the functioning of the network, as it allows users and other relays to understand and use the current structure of the network.

2 **Version 2 directory protocol**: The "V2Dir" flag refers specifically to support for the Version 2 directory protocol. This protocol was once widely used, but has been replaced by newer versions (notably version 3). However, the V2Dir flag may still be relevant in older installations or for historical purposes.

3 **Providing Router Information**: Relays with the V2Dir flag provide router information, which includes details of the properties, capabilities and status of other relays on the network. This information is useful when planning routes and selecting relays to connect to.

### Technical details

- Criteria for the V2Dir flag**: A relay must meet certain requirements in order to function as a directory server with the "V2Dir" flag. These include stable uptime, sufficient bandwidth and the ability to manage and provide up-to-date directory information.
- Directory Documents: The directory servers provide documents known as "Network Status" and "Router Descriptors". These documents contain information about the availability and characteristics of the relays in the network.
- Update and Distribution: Directory servers regularly update their information and distribute it to other relays and users on the network. These updates are critical to reflect the current network topology and relay status.

### Benefits to the Tor network

- Network transparency: The V2Dir flag allows relays to contribute to network transparency by providing important information about the structure and status of the network.
- Ease of connection: By providing directory information, these relays help users and other relays to establish efficient and secure connections on the network.
- Historical relevance: Although the Version 2 directory protocol has been superseded by newer versions, the "V2Dir" flag may still be relevant in certain contexts and for historical research.

### Summary

The V2Dir flag on a Tor relay identifies relays that act as directory servers, providing information about the network topology and properties of other relays in the Tor network. These relays specifically support the version 2 directory protocol, although newer versions are now more commonly used. V2Dir relays contribute to the transparency, efficiency, and functionality of the Tor network.