sys-whonix, whonix workstation, TOR, AppVMs connected to sys-whonix - How all these work?

Qubes-Whonix
1

Hey people,

I use Qubes for some time and so sys-whonix, whonix workstation and AppVMs connected to sys-whonix.
(AppVMs - VMs created in Qubes using Debian template)

I am trying to understand how all these work because I couldn’t find an architecture.

What I want to achieve is to control the exits because I use also VPN and when I have far exits the connection is slow. So I want to control the exit nodes and set some closer countries. I suppose I need to control also the entry countries to help at speed, otherwise the exit nodes setup is in vain.

  • at sys-whonix level TOR circuit is established
  • at whonix workstation or AppVMs level:
    – in CLI it will be used the TOR circuit set by sys-whonix?
    – in Firefox browser it will be used the TOR circuit set by sys-whonix?
    – in TOR browser it will be set a new (and different) TOR circuit on top of the sys-whonix TOR circuit (already established?). How the traffic goes?

I tried to setup some exit nodes to test and nothing made sense.
I really need your help on this matter.

Thank you for your time.

2

By Whonix default, there is no Tor running inside Whonix-Workstation.
(anon-ws-disable-stacked-tor)

The only place where Tor is running is on Whonix-Gateway.

Users can edit Tor configuration as per:
Edit Tor Configuration

Advanced Tor configuration options are unspecific to Whonix.

These can be researched as per:

In other words:

  1. Imagine you have not heard about Whonix yet.
  2. Use Tor on Debian.
  3. Learn how to configure Tor in the the way you want without involving Whonix.
  4. Now you can re-apply the same knowledge to Whonix by editing its Tor configuration.

related:
How do I Change Other Tor Settings?