[tor-relays] Bridge clients don't *really* update dynamic bridge IPs from fingerprints?

Rick Huebner rhuebner at radiks.net
Wed Jun 25 23:57:58 UTC 2014


It may be partially related, in that I've seen it take weeks to 
gradually gain a new set of clients after an IP change, which is why I 
think it's so important to not be abandoning all your clients each time 
but instead let them update their bridge entries to your new address. If 
you've been up for 2 months and changed your IP in the middle, you 
probably cut off and abandoned all your clients after a month just when 
you were starting to get somewhat known, and had to start over from 
scratch and are just now beginning to build up a fresh client list 
again. If you typically get a new IP address every month, you may never 
be able to build up enough clients to see much traffic with the way 
things currently seem to work.

And of course there's a large random factor in just which clients you 
end up being handed out to. If you end up with mostly just people doing 
a little web email once in a while, they won't add up to much traffic. 
I like to watch my bridge's status page on globe.torproject.org to see 
the traffic history and number of connected clients history graphs, and 
also the Vidalia "Who has used my bridge?" status (or the bridge-stats 
file in your bridge's data directory) to get more detailed feedback than 
just the total bandwidth used.

But another issue may be the random luck of the draw of which bridge 
assignment pool you end up being placed in. As I understand it, to make 
it harder for threats to find all the bridges and censor them, the 
bridges are partitioned off into pools which are only assigned to 
limited subsets of clients via particular distribution methods and 
client IP address ranges, so that no threat source can find out about 
bridges outside of the pool they're allowed to pull from. So if your 
bridge ends up placed in a pool that just doesn't have many clients 
using it, your info will be handed out that much less often. In the 
worst case (from the bridge provider's point of view anyway), I believe 
some bridges are simply held in reserve for emergency use, such as when 
a common obfuscation plugin becomes censored, so that there's a ready 
supply of previously unused and therefore uncensored bridges to hand out 
once Tor figures out how to avoid the new attack method. That's good for 
the network of course, but I'm afraid it's not very satisfying for the 
eager bridge provider who's basically left on the bench as a backup in 
case a first string player gets injured. I suspect there's a lot of 
churn in that pool as people feel useless and quit bothering to provide 
the unused bridge. For what it's worth, the globe status page will also 
show you what pool your bridge has been placed in, which may help 
reassure (or confirm :( ) that worry.

