[tor-relays] exit policy and IPv6

livak livak at protonmail.com
Tue Sep 18 08:46:29 UTC 2018 

Thanks teor,

> Your relay's IPv6 Exit policy is:
> reject 1-65535
> Which is the port summary for:
> reject *6:*

IPv6 is now enabled on the exit relay and its exit policy updated.

I set the maximum open descriptors to 10,000 with

ulimit -n 10000

Are there any other system limits I should consider ?

Livak

Sent with [ProtonMail](https://protonmail.com) Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Monday, September 17, 2018 3:51 PM, teor <teor at riseup.net> wrote:

> On 17 Sep 2018, at 23:44, livak <livak at protonmail.com> wrote:
>
>> Thanks nusenu,
>>
>> The relay is configured with the exit reduced policy.
>> The ORPort is 443 and the DirPort is 80.
>>
>> Since exit policy uses "*" as the IP address, IPv6 should be
>> allowed.
>
> Your relay's IPv6 Exit policy is:
> reject 1-65535
> Which is the port summary for:
> reject *6:*
>
> You need to set IPv6Exit 1 to exit via IPv6.
> (The default is 0.)
> https://www.torproject.org/docs/tor-manual.html.en
>
> If you want your relay to accept client connections via IPv6,
> you also need to set:
>
> ORPort [Your IPv6 Address]:Port
>
> For example:
>
> ORPort [2001:610:510:115:192:42:115:102]:9004
>
> You need to add the IPv6 ORPort to your existing IPv4 ORPort,
> which looks like:
>
> Address 192.42.115.102
> ORPort 192.42.115.102:9004
>
>> Does "nyx" does nyx deal with IPv6 ?
>
> nyx is a relay monitor.
> It will tell you if your relay uses IPv6.
> But it doesn't configure your relay for you.
>
> On 18 Sep 2018, at 00:00, Kyle Levy <levyrkyle at gmail.com> wrote:
>
>> I used the script from:
>> https://github.com/mricon/tor-relay-bootstrap-rpi/blob/master/README.md
>> to set it up initially, which, after enabling upnp, seemed to work perfectly. Then, at some point in the middle of the night it went offline. Could it be a problem with my ISP?
>
> Possibly. But it's more likely a problem with your upnp or router connection limits.
>
> Our experience is that upnp is unreliable. You're better to configure a port mapping
> manually on your router.
>
> Tor relays need about 7000 connections to work, more for exits. Many home routers
> work badly when they have over 1000 connections.
>
>> I thought nyx was for more recent versions of TOR. I had been using ARM to monitor it.
>
> nyx works with all supported versions of Tor (0.2.9 and later).
>
> arm is no longer supported.
>
> T
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20180918/a9ad6099/attachment-0001.html>

More information about the tor-relays mailing list