
I have a Debian 7.8 server running on OpenVZ. On this server I'm running a Tor relay and some other network services (like Apache and MySQL). However, the Tor service seems to eat up all my available TCP sockets.

According to the Parallels Control panel, between 358 and 360 TCP connections are open (at a hard limit of 360 connections). lsof -i and netstat reveal that nearly all of the connections are used by Tor and that they are not in a TIME_WAIT state.

I'd like to also use other network services, but most of the time I'm getting error messages. I cannot even install packages via apt-get when Tor is running. So I need more free TCP connections.

As I said, the server is virtualized by OpenVZ and thus changing any TCP settings via sysctl isn't possible. I guess I have to limit the number of TCP connections of the Tor process. But how do I do that? The torrc doesn't seem to provide any option for that. Can I use iptables for this task, and how? If not, are there other solutions?

EDIT: Just to eliminate misunderstandings: I do not run the OpenVZ server. Actually, my Debian server is hosted by 1and1. It seems that numtcpsock=360 is limited by the hoster.

Scindix
  • For a relay or exit node, this would be very normal. Reconfigure the container to permit more connections. – Michael Hampton Jun 14 '15 at 00:44
  • @MichaelHampton I do not run the OpenVZ server. Actually, my Debian server is hosted by 1and1. It seems that numtcpsock=360 is limited by the hoster. – Scindix Jun 14 '15 at 00:59
  • In that case you need another VPS. – Michael Hampton Jun 14 '15 at 01:03
  • @MichaelHampton This isn't an option for me (-> affordability). Isn't there any option in Linux to limit the number of TCP connections per process? – Scindix Jun 14 '15 at 01:09
  • There probably is, but then Tor will perform even worse than it does now, if you restrict it. Better to find a better (never OpenVZ based) provider. Don't let cost stop you; it is certainly possible to find good and inexpensive providers. For instance http://lowendbox.com/ – Michael Hampton Jun 14 '15 at 01:12
  • Currently I'm paying 1€/month for unlimited transfer @100 Mbit. I doubt that there is anything near that. But I will definitely have a look at the offers behind your link. They still sound quite fair. – Scindix Jun 14 '15 at 01:22

0 Answers