On Mon, Mar 17, 2014 at 09:39:05PM +0100, Mike Hearn wrote:
> I would like to be an exit for port 8333 only. I have configured my relay to do this, but I am not being listed with the relay flag and do not see any traffic exiting my node (at least not using arm). I saw an FAQ that says this is because you have to exit web traffic to get marked as an exit. I do not wish to do this.
> Is there any way to exit just one port?
Your exit policy means that you would allow a stream to exit if a client asked you for it. The trouble is that most Tor clients build their circuits preemptively -- before they know what destination stream they'll be asked to connect to. The Exit flag is an approximation for "probably will be able to handle whatever stream request shows up".
So your relay will actually get used in practice for exiting, in the case where the client doesn't have any currently open, adequately fresh circuits that would allow exit to port 8333. In that case it will make a new circuit, choosing from all exits whose exit policies allow that stream. But so long as things are going smoothly, there should be preemptive circuits around and ready, so this case should be rare.
Another reason for the Exit flag is to help clients do load balancing -- e.g., avoid putting traffic for the first and second hop on relays that probably have other clients putting traffic on them for the third hop.
https://gitweb.torproject.org/torflow.git/blob/HEAD:/NetworkScanners/BwAutho...
https://gitweb.torproject.org/torflow.git/blob/HEAD:/NetworkScanners/BwAutho...
In that sense, you actually don't want the Exit flag for your relay, because it would make clients less likely to use you for their first and second hop, because they'd figure you're busy handling exit streams for other people.
The challenge there is that to do this load balancing more accurately, we have to have an accurate model for what total network load to expect for a given exit policy, so clients can take it into account. Since it's hard to know what that model should be in practice (see e.g. http://freehaven.net/anonbib/#cset12-modeling for more discussion there), and also it's especially hard to predict how it should change over time, it seems to me that a really simple approximation is more likely to be robust.
Hope that helps to explain the tradeoffs,
--Roger
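A simplified model of the circuit selection described in the reply above, added here as an example; it is not part of the original message and is not Tor's code. The relay names and policies are constructed, addresses are ignored, and the Exit-flag rule used (a relay allows at least two of ports 80, 443 and 6667) is an assumption that the thread itself does not state.

```python
# Simplified model (added example): why a port-8333-only relay is rarely picked.
# Policies are first-match lists of (action, port); port None means "*".
# Addresses are ignored; relay names and policies are constructed sample data.

WEB_PORTS = (80, 443, 6667)  # assumed Exit-flag rule of thumb, not from the thread


def allows(policy, port):
    """First matching rule wins; no match means reject in this model."""
    for action, rule_port in policy:
        if rule_port is None or rule_port == port:
            return action == "accept"
    return False


def has_exit_flag(policy):
    """Approximation: the relay allows at least two of the common ports."""
    return sum(allows(policy, p) for p in WEB_PORTS) >= 2


def preemptive_exits(relays):
    """Exits a client would consider before it knows the destination port."""
    return sorted(name for name, pol in relays.items() if has_exit_flag(pol))


def exits_for_stream(relays, open_circuit_exits, port):
    """Return (reused, candidates) for a stream request to `port`.

    Open circuits whose exit allows the port are reused; only if none does
    is a new circuit built, choosing from every relay whose policy allows
    the port, whether or not it has the Exit flag.
    """
    usable = sorted(n for n in open_circuit_exits if allows(relays[n], port))
    if usable:
        return True, usable
    return False, sorted(n for n, pol in relays.items() if allows(pol, port))


RELAYS = {  # constructed sample data
    "general": [("reject", 25), ("accept", None)],
    "webonly": [("accept", 80), ("accept", 443), ("reject", None)],
    "btc8333": [("accept", 8333), ("reject", None)],
}
```

In this model the 8333-only relay becomes a candidate only when none of the client's open circuits ends at an exit that allows port 8333, which is the rare case the reply describes.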