<div dir="ltr">Seems my VPS got suspended when I increased the connlimit above 10000. Do you think my INPUT filters which use conntrack could have caused this issue?<div><br></div></div><br><div class="gmail_quote"><div dir="ltr">On Mon, Jan 22, 2018 at 10:55 AM eric gisse <<a href="mailto:jowr.pi@gmail.com">jowr.pi@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I can kinda answer that.<br>
<br>
I run an exit node that happily does 200-250mbit/s according to<br>
netdata accounting and my monitoring regularly pegs it at nearly 200k<br>
connections. Usually 100-150k.<br>
<br>
On Sun, Jan 21, 2018 at 4:06 PM, nusenu <<a href="mailto:nusenu-lists@riseup.net" target="_blank">nusenu-lists@riseup.net</a>> wrote:<br>
><br>
><br>
> Quintin:<br>
>> Ah, thats it. My conntrack entries are full and temporarily increasing it<br>
>> resolves the problem.<br>
><br>
> I'm glad we found the problem and the solution.<br>
><br>
> Your exit appears to be offline since 2018-01-20 20:00, expected downtime?<br>
> <a href="https://atlas.torproject.org/#details/92E3764D5485DC4AC01178271FB5A8A2D90DA9FF" rel="noreferrer" target="_blank">https://atlas.torproject.org/#details/92E3764D5485DC4AC01178271FB5A8A2D90DA9FF</a><br>
><br>
>> What would be a reasonable conntrack limit for a tor exit?<br>
><br>
> The amount of states depend on your consensus weight (and probably exit policy),<br>
> do you require a stateful packet filter?<br>
><br>
><br>
> --<br>
> <a href="https://mastodon.social/@nusenu" rel="noreferrer" target="_blank">https://mastodon.social/@nusenu</a><br>
> twitter: @nusenu_<br>
><br>
><br>
> _______________________________________________<br>
> tor-relays mailing list<br>
> <a href="mailto:tor-relays@lists.torproject.org" target="_blank">tor-relays@lists.torproject.org</a><br>
> <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" rel="noreferrer" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
><br>
_______________________________________________<br>
tor-relays mailing list<br>
<a href="mailto:tor-relays@lists.torproject.org" target="_blank">tor-relays@lists.torproject.org</a><br>
<a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" rel="noreferrer" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
</blockquote></div><br clear="all"><br>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><font color="#000000" face="monospace"><span style="font-size:10.5625px">0101100101000001010010000101011101000101010010000010000001000010</span></font></div><div><font color="#000000" face="monospace"><span style="font-size:10.5625px">0100110001000101010100110101001100100000010110010100111101010101</span></font></div></div></div>