Hi,
There are two likely possibilities here:
On 9 Nov 2018, at 06:17, Toralf Förster toralf.foerster@gmx.de wrote:
Signed PGP part On 11/8/18 9:12 PM, nusenu wrote:
2018-11-06 21:00 UTC
are you sure this is UTC?
ick, it was 21:00 CET (the dropdown may even started at 20:00 CET), but obvious it was an hour later
1. If your exit's DNS fails, it will reject all exit requests in its descriptor.
I did not look at the underlying descriptor data but onionoo data suggests that an exit policy change occurred which could have caused the change in connection counts.
indeed, I added networks to the reject lists at that time, but only 2 */8 class A nets - but will check ofc.
2. If you reject enough IP addresses in your exit policy:
If your exit blocks enough /8 networks, then its exit policy summary becomes reject all.
If the exit policy summary is too long, then it is truncated to a list of accept ports. (That doesn't seem to have happened here.)
Separately, if your exit doesn't exit to at least one /8 on ports 80 and 443, it loses the Exit flag: https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n2531
I'm still surprised that you do not have more connections since even non-exits have more than 1k concurrent connections unless you are talking about specific connections only?
I can try to check with "ExitRelay 0" - currently I downgraded to 0.3.4.9 to check that version.
T