Logforme:
On 2022-07-06 21:19, Roger Dingledine wrote:
But it was replaced with a new overload (boo), from way too many Tor clients running at a few cloud providers. The main result for relay operators is greatly increased file descriptor use, with a few IP addresses or /24's generating the majority of the new connections.
If your relay is bumping up against its file descriptor limits, or otherwise suffering (e.g. more memory usage than desired), one reasonable option for you might be to set some iptables-level connection limiting. More details in this ticket: https://gitlab.torproject.org/tpo/core/tor/-/issues/40636#note_2818529
I'm running the small non-exit 8F6A78B1EA917F2BF221E87D14361C050A70CCC3.
Since mid-may the relay has been under heavy load. I had to limit my bandwidth using "RelayBandwidthRate" in torrc to about 90% of my real BW to be able to use internet for myself. This solved my laggy internet.
Since the 2nd of July the number of (non torrelay) tor connections to my relay skyrocketed from about 3500 to 20000. A week ago I implemented connection limits per Toralf's post: iptables -A INPUT -p tcp --destination-port 443 -m connlimit --connlimit-mask 32 --connlimit-above 30 -j DROP This reduced the number of connections to about 10000.
I just now noticed that the relay is flagged as overloaded. What to do? Decrease the connection limit from 32 to .. what? Decrease my RelayBandwidthRate even more? Seems like giving in to the DoSer.
Seems the overload on your relay is gone again? We've seen a large spike in overloaded relays on the weekend but so far our indicators show this has been a temporary issue and not sustained overload.
Georg
[snip]