On 26 Oct 2017, at 09:06, Paul Templeton paul@coffswifi.net wrote:
What do you mean when you write "Black Holed" ? Are you referring to
large sites online automatically blocking users, or your traffic being shut down by your provider?
Yes and no - The carrier is doing it - so no traffic can get through to the providers system (My node- even me). It's automated and can be initiated by any entity using the carriers infrastructure.
It's a simple Null Route - Someone is proberble oing a massive DDos...
I run one exit with exit traffic on a separate IP, and every week it gets a DoS attack from somewhere. My provider sends me an email when the DoS starts and ends. (Apparently someone thought it sensible to respond to some connections with a DoS, which is silly in a world with proxies.)
The attacks generally only last ~15 minutes. How long is your relay blackholed for?
You could: * use OutboundBindAddressExit to have your exit connections originate from another IP address * use a more responsive carrier, or one with better blackhole timeouts, if that is an option
Eventually, we'd like to add an option to tor to split exit traffic over multiple IP addresses. If your provider only null routes a single IP address, that would help mitigate this issue. And save you setting up multiple relays.
T