[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
From: eric gisse <jowr.pi@xxxxxxxxx>
Date: Sun, 21 Jan 2018 18:54:06 -0600
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 22 Jan 2018 03:54:33 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=F3IPf7IeO5hfNYQ6u5nCl6dTvkSjzWU4Bt2PL18IaQw=; b=vDaMXkYQT9KF7wN+C2y17Xj+2II4cYh9wLx0gUuP49HjIPQsg94YE433KF2k29eiWw Zge1pBdr7v7ksFI94k10iBAyRAsJLbo/XwNoTL6Gpb0rSwFp0RycVB3cMy/bA674fB+y HB3E7trUFriT1+bPWARBmmlNksYjRNjKUvlcAQv6+vOcV1CG5oEsF+A81MoYL9xvD6LT nPLp6S0cMhBWiGQWNgbcz1A3fg4toJYVSKJX6foUl335vfuGUpyqiZTK9d2Owc1+juGZ bjEFAQrJFJzppQvM16rDnWckduU3gywfF0/i986LuDnPJtB1ZMq7Yn5sM8Cqm+njqrjP 0R7Q==
In-reply-to: <59f08b06-4318-f236-c00f-09dc844a4072@riseup.net>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <6b6c355f-dffb-26eb-5135-814d4a7e3d6e@riseup.net> <CACKQKwOVxc8np+d_CasiRGiRVAcsi2+FP=Yx6BVfOUVaVhSi0g@mail.gmail.com> <8a7ad7ad-cc65-23bf-edce-147306f72c81@riseup.net> <CACKQKwOCfLYpjwQoQ4GgCnoujw4LV4kKeH2gW7Xuj1mitaUxiA@mail.gmail.com> <26092435-5a5e-14df-3b6c-98290b6f280b@riseup.net> <CACKQKwNYi4sFHb=_6qTMDSntSRCm8JGt-kAtHPdgxMeDxbRGqA@mail.gmail.com> <6e3414ab-12ef-20ba-9a79-2579a5285436@riseup.net> <CACKQKwNOeoUgR7DmVmgRgA6hwQu-NP0RQQ2cA2+1sh8NeTaCJg@mail.gmail.com> <6eea237a-07f5-f855-10c5-02f5faaee716@riseup.net> <CACKQKwNu5pTmMpfDOopJRexUF3TszHd779b_mNDQOmC5R6+UFA@mail.gmail.com> <59f08b06-4318-f236-c00f-09dc844a4072@riseup.net>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

I can kinda answer that.

I run an exit node that happily does 200-250mbit/s according to
netdata accounting and my monitoring regularly pegs it at nearly 200k
connections. Usually 100-150k.

On Sun, Jan 21, 2018 at 4:06 PM, nusenu <nusenu-lists@xxxxxxxxxx> wrote:
>
>
> Quintin:
>> Ah, thats it. My conntrack entries are full and temporarily increasing it
>> resolves the problem.
>
> I'm glad we found the problem and the solution.
>
> Your exit appears to be offline since 2018-01-20 20:00, expected downtime?
> https://atlas.torproject.org/#details/92E3764D5485DC4AC01178271FB5A8A2D90DA9FF
>
>> What would be a reasonable conntrack limit for a tor exit?
>
> The amount of states depend on your consensus weight (and probably exit policy),
> do you require a stateful packet filter?
>
>
> --
> https://mastodon.social/@nusenu
> twitter: @nusenu_
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
  - From: Quintin

References:
- Re: [tor-relays] Assigning BadExit to Exits failing to resolve hostnames starting on 2018-01-15
  - From: nusenu
- [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: nusenu
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: Quintin
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: nusenu
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: Quintin
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: nusenu
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: Quintin
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
  - From: nusenu

Prev by Author: Re: [tor-relays] MyFamily and ContactInfo fields are required for operators running multiple tor instances
Next by Author: Re: [tor-relays] Relay not listed in atlas
Previous by thread: Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
Next by thread: Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
Index(es):
- Author
- Thread