Thanks for the clarification. The Tor community page makes two separate points about Hetzner (https://community.torproject.org/relay/community-resources/good-bad-isps/ ): “These hosts already have many Tor nodes being hosted there.” and later notes that: “It is not a problem, however, abuse reports can lead to a server lock.” The second point is what I was referring to. Temporary relay unreachability due to outages is expected behavior, and Tor guidance discourages relay-to-relay blocking. Best, Tor at 1AEO On Saturday, January 3rd, 2026 at 11:23 PM, Ralph Seichter via tor-relays <tor-relays@xxxxxxxxxxxxxxxxxxxx> wrote: > > > * Tor at 1AEO via tor-relays: > > > A few clarifications, grounded in Tor Project guidance: [...] > > > > - Tor’s community resources note that relay operators should “try to > > avoid the following hosters,” listing Hetzner, based on documented > > operational friction reported by relay operators > > https://community.torproject.org/relay/community-resources/good-bad-isps/ > > > That's misleading at best. The reason Hetzner is named as one of a few > ISPs to possibly avoid, and which you chose not to quote, is this: > > For network diversity and stronger anonymity, you should avoid > providers and countries that already attract a lot of Tor capacity. > [...] These hosts already have many Tor nodes being hosted there. > > I have hosted Tor relays on Hetzner for many years, am still doing so > now, and I did not experience "operational friction". On the contrary. > Hetzner are in fact Tor-friendly. Even their legal department told me > that running Tor nodes is fine as long as they don't negatively impact > Hetzner's infrastructure. > > The main problem is that >100 IPv4 addresses in your single /24 network > > have been unreachable several times during 2025. Hetzner's automated > tools interpret connection attempts to so many hosts in a /24 in a short > timeframe (originating from a given Hetzner based Tor node) as a possible > network scan, which is fair enough. That's just erring on the side of > caution, and they are notifying their own customers of a non-standard > traffic pattern. > > I am positive that if you split your nodes across a more varied IPv4 > address space, false alerts could be mitigated. I do appreciate what you > do for the Tor network, but please don't attempt to throw shade on > Hetzner. They are simply trying to run a responsible hosting business. > > -Ralph > _______________________________________________ > tor-relays mailing list -- tor-relays@xxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to tor-relays-leave@xxxxxxxxxxxxxxxxxxxx
Attachment:
publickey - tor@1aeo.com - 0x9288289B.asc
Description: application/pgp-keys
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-relays mailing list -- tor-relays@xxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to tor-relays-leave@xxxxxxxxxxxxxxxxxxxx