[tor-relays] # of connections of a exit relay dropped down by about 90% exactly after 1 month after installation time
Toralf Förster
toralf.foerster at gmx.de
Fri Nov 9 10:55:07 UTC 2018
On 11/9/18 12:43 AM, teor wrote:
> 2. If you reject enough IP addresses in your exit policy:
>
> If your exit blocks enough /8 networks, then its exit policy summary becomes
> reject all.
>
> If the exit policy summary is too long, then it is truncated to a list of
> accept ports. (That doesn't seem to have happened here.)
>
> Separately, if your exit doesn't exit to at least one /8 on ports 80 and 443,
> it loses the Exit flag:
> https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n2531
I run the relays as non-exits over night, kicked off a bunch of rather rarely used ports together with few */8 networks today morning and restarted both - the issue is now gone here AFACT.
Thx for the hints (I'm still watching the DNSSEC traffic here).
--
Toralf
PGP C4EACDDE 0076E94E
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20181109/98d67f57/attachment.sig>
More information about the tor-relays
mailing list