[tor-relays] Limiting connection count

teor teor2345 at gmail.com
Sat Feb 3 11:38:38 UTC 2018


> On 3 Feb 2018, at 22:33, Moritz Kammerer <kammerer.moritz at gmail.com> wrote:
> 
> Hi,
> 
> I'm running a Tor relay on a Raspberry 2 behind a router using port
> forward. Relay bandwidth is set to 1 MByte / second. Tor is accepting so
> many connections that my Raspi can't keep up and my router is getting
> very slow (I assume because of a crappy NAT implementation). Bandwidth
> is not an issue, its the open connection count.

There is some extra client load on the network.
This means that most relays are connecting to every other relay.

> Is there a way to limit the maximum number of connections? I tried to
> apply a ulimit on open files via systemd, but Tor is then showing a warning.

systemd Limit NOFILE is a supported way to adjust Tor's file descriptor limit.

What was the limit? 1000?
What was the warning?

> At the moment I run a iptables rule which restricts the connection count
> to port 9001 (OR port) to 1000. But I'm not sure how this will affect
> the relay, for example Tor Metrics is showing the relay as offline.

If the warning said something like:
"You need to have at least 6000 file descriptors to be a good relay"
then what it said was true. Each relay needs to be able to connect to
every other relay.

If other relays can't connect to your relay, it will be marked as down.

Try running a bridge, or getting a better NAT box.

T



More information about the tor-relays mailing list