[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
From: Quintin <tor-admin@portaltodark.world>
Date: Wed, 24 Jan 2018 19:07:46 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 24 Jan 2018 14:08:22 -0500
In-reply-to: <CAHZ_AjvfAwx3CQDF+Z8L719s1c6cx+ABShqG-=fqVCJem7sjjQ@mail.gmail.com>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <6b6c355f-dffb-26eb-5135-814d4a7e3d6e@riseup.net> <CACKQKwOVxc8np+d_CasiRGiRVAcsi2+FP=Yx6BVfOUVaVhSi0g@mail.gmail.com> <8a7ad7ad-cc65-23bf-edce-147306f72c81@riseup.net> <CACKQKwOCfLYpjwQoQ4GgCnoujw4LV4kKeH2gW7Xuj1mitaUxiA@mail.gmail.com> <26092435-5a5e-14df-3b6c-98290b6f280b@riseup.net> <CACKQKwNYi4sFHb=_6qTMDSntSRCm8JGt-kAtHPdgxMeDxbRGqA@mail.gmail.com> <6e3414ab-12ef-20ba-9a79-2579a5285436@riseup.net> <CACKQKwNOeoUgR7DmVmgRgA6hwQu-NP0RQQ2cA2+1sh8NeTaCJg@mail.gmail.com> <6eea237a-07f5-f855-10c5-02f5faaee716@riseup.net> <CACKQKwNu5pTmMpfDOopJRexUF3TszHd779b_mNDQOmC5R6+UFA@mail.gmail.com> <59f08b06-4318-f236-c00f-09dc844a4072@riseup.net> <CAHZ_AjvfAwx3CQDF+Z8L719s1c6cx+ABShqG-=fqVCJem7sjjQ@mail.gmail.com>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

Seems my VPS got suspended when I increased the connlimit above 10000. Do you think my INPUT filters which use conntrack could have caused this issue?

On Mon, Jan 22, 2018 at 10:55 AM eric gisse <jowr.pi@xxxxxxxxx> wrote:

I can kinda answer that.

I run an exit node that happily does 200-250mbit/s according to
netdata accounting and my monitoring regularly pegs it at nearly 200k
connections. Usually 100-150k.

On Sun, Jan 21, 2018 at 4:06 PM, nusenu <nusenu-lists@xxxxxxxxxx> wrote:
>
>
> Quintin:
>> Ah, thats it. My conntrack entries are full and temporarily increasing it
>> resolves the problem.
>
> I'm glad we found the problem and the solution.
>
> Your exit appears to be offline since 2018-01-20 20:00, expected downtime?
> https://atlas.torproject.org/#details/92E3764D5485DC4AC01178271FB5A8A2D90DA9FF
>
>> What would be a reasonable conntrack limit for a tor exit?
>
> The amount of states depend on your consensus weight (and probably exit policy),
> do you require a stateful packet filter?
>
>
> --
> https://mastodon.social/@nusenu
> twitter: @nusenu_
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

--

0101100101000001010010000101011101000101010010000010000001000010

0100110001000101010100110101001100100000010110010100111101010101

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
  - From: nusenu

References:
- Re: [tor-relays] Assigning BadExit to Exits failing to resolve hostnames starting on 2018-01-15
  - From: nusenu
- [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: nusenu
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: Quintin
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: nusenu
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: Quintin
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: nusenu
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: Quintin
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
  - From: nusenu
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
  - From: eric gisse

Prev by Author: [tor-relays] No graph update for my relay in ATLAS
Next by Author: Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
Previous by thread: Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
Next by thread: Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
Index(es):
- Author
- Thread