(FWD) ORPort Unreachable Warning & NMAP Invisibility

[Roger Dingledine <arma@xxxxxxx>]

[Forwarding because Robin isn't subscribed from this address. okapi Tor
server has not published its descriptor yet, because it doesn't think
that it's reachable. This isn't a spurious warning -- your second point
below indicates some sort of firewalling still in place? -RD]

----- Forwarded message from owner-or-talk@xxxxxxxxxxxxx -----

Date: Sat, 25 Jun 2005 12:32:16 -0700 (PDT)
Subject: ORPort Unreachable Warning & NMAP Invisibility
From: "Robin Felix" <tor@xxxxxxxxx>
To: or-talk@xxxxxxxxxxxxx

After besting a SPARC 10 in an Aurora LINUX wrestling match, I have had a
tor 0.1.0.10 server (okapi) running these last few days with seeming
success based on local sniffer logs showing regular connections to and
from port 9001.  Two questions have come up in connection with this
installation.

First, I continue to get logged warnings every 20 minutes saying:

[warn] Your server ... has not managed to confirm that its ORPort is
reachable.  Please check your firewalls, ports, address, etc.

Ports 9001 and 9030 are wide open to the outside, and I don't block
outgoing traffic.  Any clue as to the cause of this seemingly spurious
warning?

Second, in attempting to troubleshoot this issue, I see that NMAP does not
report either 9001 or 9030 as open ports, although I can create a
connection via TELNET et al.  Is this common, or an artifact of my own
installation?

It's an adventure using a non-standard architecture, with odd side-effects
common.  The trick is to figure out which ones can be safely ignored. 
Once I'm sure this beast is running smoothly, he'll join the rest of the
registered herd.

Thanks,
RF

----- End forwarded message -----