[tor-relays] Limiting connection count

Moritz Kammerer kammerer.moritz at gmail.com
Sat Feb 3 11:49:54 UTC 2018


Thanks for the clarification. I will try LimitNOFILE = 6000. If that crashes
my NAT box, I'm going to run a bridge.

On 03.02.2018 at 12:38, teor wrote:
> 
>> On 3 Feb 2018, at 22:33, Moritz Kammerer <kammerer.moritz at gmail.com> wrote:
>>
>> Hi,
>>
>> I'm running a Tor relay on a Raspberry 2 behind a router using port
>> forward. Relay bandwidth is set to 1 MByte / second. Tor is accepting so
>> many connections that my Raspi can't keep up and my router is getting
>> very slow (I assume because of a crappy NAT implementation). Bandwidth
>> is not an issue, it's the open connection count.
> 
> There is some extra client load on the network.
> This means that most relays are connecting to every other relay.
> 
>> Is there a way to limit the maximum number of connections? I tried to
>> apply a ulimit on open files via systemd, but Tor is then showing a warning.
> 
> systemd LimitNOFILE is a supported way to adjust Tor's file descriptor limit.
> 
> What was the limit? 1000?
> What was the warning?
> 
>> At the moment I run an iptables rule which restricts the connection count
>> to port 9001 (OR port) to 1000. But I'm not sure how this will affect
>> the relay, for example Tor Metrics is showing the relay as offline.
> 
> If the warning said something like:
> "You need to have at least 6000 file descriptors to be a good relay"
> then what it said was true. Each relay needs to be able to connect to
> every other relay.
> 
> If other relays can't connect to your relay, it will be marked as down.
> 
> Try running a bridge, or getting a better NAT box.
> 
> T
> 
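
To confirm that a systemd LimitNOFILE setting actually reached the running process, the effective limit can be read from /proc/<pid>/limits. The script below is an added example, not part of the original messages; the sample limits text is constructed, the function names are hypothetical, and 6000 is the figure quoted in the thread.

```shell
#!/bin/sh
# Added example: verify that a process's effective open-file limit meets
# the 6000-descriptor figure quoted in the thread.
MIN_FDS=6000   # from the warning text quoted in the thread

# Constructed sample in /proc/<pid>/limits format (not from a real relay).
SAMPLE_LIMITS='Limit                     Soft Limit           Hard Limit           Units
Max processes             3829                 3829                 processes
Max open files            1024                 4096                 files
Max locked memory         65536                65536                bytes'

# Print the soft "Max open files" value from limits text on stdin.
# Exits non-zero when the line is missing.
soft_nofile() {
    awk '/^Max open files/ { print $4; found = 1 }
         END { if (!found) exit 1 }'
}

# Read limits text on stdin.
# Returns 0 if the soft limit is high enough, 1 if too low, 2 if unparsable.
check_nofile() {
    soft=$(soft_nofile) || return 2
    [ "$soft" = "unlimited" ] && return 0
    case $soft in
        ''|*[!0-9]*) return 2 ;;
    esac
    [ "$soft" -ge "$MIN_FDS" ]
}

# Print a one-line verdict for limits text on stdin; $1 is a label.
report() {
    rc=0
    check_nofile || rc=$?
    case $rc in
        0) echo "$1: soft limit is at least $MIN_FDS" ;;
        1) echo "$1: soft limit is below $MIN_FDS" ;;
        *) echo "$1: could not read 'Max open files'" ;;
    esac
}

printf '%s\n' "$SAMPLE_LIMITS" | report "constructed sample"

# Optional: pass a PID (for example the tor process) to check a live process.
if [ -n "${1:-}" ] && [ -r "/proc/$1/limits" ]; then
    report "pid $1" < "/proc/$1/limits"
fi
```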
