Hello,
I recently started running an unrestricted standalone snowflake proxy and I was wondering, what is the lowest possible port range I can give it without having to give it all ports in the DMZ?
When I started mine someone suggested about 2.5 ports per connection. Don’t remember why.
I use 3 since it is easier to multiply. I have -capacity 12 so I opened 36.
I assume you also mean unlimited in connections so I guess all of 32768 to 60999.
I doubt you will get enough connections to fill all those ports.
I do get 12 but hardly get past 7. I don’t have the biggest fastest connection so maybe that is part of the problem.
The way to find the number of connection in real time is something like this:
netstat -t4u4wanp | grep -i 'proxy' | grep -i -E -c '141.212.118.18|193.187.88.42'
I will just spit out a number. I only have IPV4 so if you have IPV6 you may have to modify it
Edited later:
I seem to now remember why the 2.5.
After receiving a client offer from the broker the proxy answers with 2 candidate UDP ports the client can try like this:
a=candidate:1488169829 2 udp 1694498815 nn.nn.nn.nn 60916 typ srflx raddr 0.0.0.0 rport 60916 ufrag NwHVqlhIANVUUPea
a=candidate:1488169829 1 udp 1694498815 nn.nn.nn.nn 60933 typ srflx raddr 0.0.0.0 rport 60933 ufrag NwHVqlhIANVUUPea
I presume the .5 port is just breathing room while unused ports are released by the system and are ready to be used again by the proxy.