Relays intending to act as Guards choose port 443 because it (and 80) are usually reachable in the tightest of network security situations (where traffic destined for most all other ports is blocked at the gateway/firewall.) At least that's my reasoning for it.
On Wed, Jun 20, 2018 at 11:16 AM nusenu nusenu-lists@riseup.net wrote:
Yes DirPort does not speak TLS, but since 443 is also best used for ORPort (because it is often one of the ports that are allowed to
pass
through firewalls)
- https is not possible on the same IP (when already used by the
ORPort).
Well... that's kind of a hack to handle ORPort going through in various hosting scenarios.
The ORPort selection is primarily important for the client -> guard connection. For relay <> relay connections firewalls shouldn't matter (that much)
I don't know what ORPort most relays use (I guess I can get that from onionoo to some degree) but I do want to hope they are not all riding 443 (I know I don't use 443 for my ORPort on both relays).
Top 20 ORPorts by relay count:
+---------+----------+ | or_port | #relays | +---------+----------+ | 9001 | 3289 | | 443 | 2080 | | 9002 | 67 | | 80 | 62 | | 8443 | 53 | | 8080 | 52 | | 9090 | 35 | | 9100 | 31 | | 110 | 30 | | 444 | 29 | | 21093 | 26 | | 9000 | 22 | | 993 | 22 | | 9003 | 21 | | 21 | 18 | | 9010 | 15 | | 20 | 14 | | 22 | 14 | | 143 | 14 | | 19001 | 13 | +---------+----------+
-- https://twitter.com/nusenu_ https://mastodon.social/@nusenu
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays