Re: [tor-relays] # of connections of a exit relay dropped down by about 90% exactly after 1 month after installation time

On 11/9/18 12:43 AM, teor wrote:

2. If you reject enough IP addresses in your exit policy:

If your exit blocks enough /8 networks, then its exit policy summary becomes reject all.

If the exit policy summary is too long, then it is truncated to a list of accept ports. (That doesn't seem to have happened here.)

Separately, if your exit doesn't exit to at least one /8 on ports 80 and 443, it loses the Exit flag: https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n2531

I run the relays as non-exits over night, kicked off a bunch of rather rarely used ports together with few */8 networks today morning and restarted both - the issue is now gone here AFACT.

Thx for the hints (I'm still watching the DNSSEC traffic here).