Hi Tor operators,
Some of us took/will take advantage of the increase in allowed Tor relays per
IPv4 address[1] to reduce costs for running Tor relays. This change will result
in more relays sharing the same source IP address than before, which means
other relays using rate limits on their ORPorts might need to make sure they do
not
unintentionally block relay to relay connectivity.
Many relay operators deploy TCP SYN rate limiting packet filters theses days
due to the ongoing DDoS issues. With the increase in Tor relays per IPv4
address, there might be more (new) connection coming from the same source IP.
If you have strict TCP SYN rate limits per source IP, please ensure that this
change does not result in blacklisting relay to relay traffic. You could for
example whitelist relay IP addresses or have less strict rate limits for them.
Thanks for reading,
https://applied-privacy.net
https://nothingtohide.nl
[1] https://gitlab.torproject.org/tpo/core/tor/-/issues/40744
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays