Hi, There are two likely possibilities here: > On 9 Nov 2018, at 06:17, Toralf Förster <toralf.foerster@xxxxxx> wrote: > > Signed PGP part > On 11/8/18 9:12 PM, nusenu wrote: >>> 2018-11-06 21:00 UTC >> are you sure this is UTC? >> > ick, it was 21:00 CET (the dropdown may even started at 20:00 CET), but obvious it was an hour later 1. If your exit's DNS fails, it will reject all exit requests in its descriptor. >> I did not look at the underlying descriptor data but onionoo data suggests that >> an exit policy change occurred which could have caused the change in connection counts. > > indeed, I added networks to the reject lists at that time, but only 2 */8 class A nets - but will check ofc. 2. If you reject enough IP addresses in your exit policy: If your exit blocks enough /8 networks, then its exit policy summary becomes reject all. If the exit policy summary is too long, then it is truncated to a list of accept ports. (That doesn't seem to have happened here.) Separately, if your exit doesn't exit to at least one /8 on ports 80 and 443, it loses the Exit flag: https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n2531 >> I'm still surprised that you do not have more connections since >> even non-exits have more than 1k concurrent connections unless you are talking >> about specific connections only? > > I can try to check with "ExitRelay 0" - currently I downgraded to 0.3.4.9 to check that version. T
Attachment:
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays