I have recently read somebody stating that bridges’ ORPorts should not be kept open and reachable from the outside, as that might expose the bridge itself and render it useless.
I then tried closing the ORPort on a bridge I manage, and it seems to have been working fine; the only thing is that Metrics signals the node as down, even though the bridge publishes its descriptors and its data gets updated.
Is keeping the port open but using the NoAdvertise
flag a safe way to solve the problem?
try yourself and decide on your own:
nmap -sV IP-OF-YOUR-BRIDGE -p ORPort