[tor-relays] Reducing Exit Node Connections

[Maarten]

Hi Colin,

On a €3,- VPS I got conntrack errors in my syslog, as it had not enough
resources to track all connections.

So I configured a stateless firewall to no longer have to track the
connections.
Now it seems to be running fine. I got my burst limit on 1Gbps and de
default rate on 0.5Gbps. I have not set a monthly max.

A good place to get started on configuring a stateless firewall is the
arch wiki about tor: https://wiki.archlinux.org/index.php/Tor#iptables

Enjoy,

Maarten


Colin wrote on 13-04-17 21:54:
> Hello all,
> 
> I'm having difficulties running exit nodes on VPS provided by Pulse
> Servers.
> 
> Conntrack shows the number of connections climbing to 30,000 and this is
> untenable (at least for the cheap vps from this provider).
> 
> I have tried MaxAdvertisedBandwidth at many settings with the same
> results, number of connections eventually climbs to around 30k.
> 
> I'm interested in input regarding:
> 
> * is it possible to reduce the number of connections, how does one
> achieve this?
> * given I have no other points of reference, is 30k connections on a
> typical low-cost VPS unreasonable?
> * anything else I should be considering?
> 
> Thanks all.
> -- 
> Colin
> 
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tBKwtWS.vcf
Type: text/x-vcard
Size: 110 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20170418/8d9d9089/attachment.vcf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20170418/8d9d9089/attachment.sig>