[tor-relays] Number of connections on dir port

teor teor2345 at gmail.com
Mon Jun 25 03:33:29 UTC 2018 


> On 28 May 2018, at 00:04, Logforme <m7527 at abc.se> wrote:
> 
> After reading this post https://lists.torproject.org/pipermail/tor-relays/2018-May/015277.html I started looking into what is happening on the dir port on my relay (855BC2DABE24C861CD887DB9B2E950424B49FC34)
> 
> The bandwidth ratio of dir/or traffic is around 3% to 4%. Not excessive according to the linked post.
> 
> Looking at the conntrack table I see many IP addresses (usually from Ukraine or Russia) with 100+ connections. Atm there are around 10 IP addresses with 100+ connections and around 30 with 10+ connections. None of the IP addresses I've looked at are Tor relays.
> 
> Some questions:
> Is this expected behaviour against on a fallbackdir flagged relay?

I don't think this has anything to do with your relay being a fallback
directory mirror.

It's more likely that there are lots of old (<0.2.8) clients or unpublished
relays on those IP addresses.

> Does the DoS prevention implemented recently address abuse against the dir port?

I don't think so, but I have CC'd the author of that patch to confirm.

> I read that newer Tor clients don't use the dir port. Correct?

Tor 0.2.9 and later never use DirPorts.
Tor 0.2.7? and later avoid using DirPorts.

> Do Tor relays use the dir port?

Yes.

> Can I remove the dir port from my relay without reducing my relays usability to the network?

If your relay has limited resources, you should disable your DirPort.
Clients will still use your relay as a directory mirror via the ORPort.

Your relay will keep being a useful fallback until the next fallback
rebuild later in 2018. (The fallback script needs DirPorts to check if
relays are working.)

T

--
teor

PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
------------------------------------------------------------------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20180625/71631e62/attachment-0001.sig>

More information about the tor-relays mailing list