I’ve noticed some strange things happening with one of my relays lately.
I’ve been running a non-exit relay behind a VDSL connection for a few years (with some interruptions over time). The connection has a daily changing IP (until the end of January) and about 12 Mbps upload speed (still until the end of January, then I’ll change provider and speed). I use IPCop as a firewall with NAT, QoS (Tor traffic has lower priority than other traffic), and IDS/IPS (Snort). The relay has a bandwidth limit of 1 MB/s. This setup has been working, with decent traffic on the relay, although there’s usually a delay after the 24-hour forced disconnection at 5:00 am.
I also connect to my office using a Windows 10 laptop and a Watchguard VPN client 3-4 times a week, which has worked fine for years.
Problem: However, a few months ago, I started having issues with my work VPN. Connecting in the morning is okay, but in the afternoon, my VPN client can’t connect to the VPN gateway. The process gets stuck at “Detecting site Connection” until I disconnect and rebuild the DSL connection. After that, everything works until the connection is closed.
Before realizing that reconnecting the VDSL connection helps, I talked to IT, but they said they weren’t receiving anything from my side.
I tried reducing the relay’s bandwidth limit to half (500 KB/s), but it didn’t change anything. Moving the relay (from a VM to a Docker container) and updating (0.4.7 → 0.4.8.9) also didn’t help.
Disabling QoS or IDS/IPS on the firewall didn’t make a difference.
Unfortunately, I don’t have admin rights on the Windows PC, so I can’t install analysis tools or access many log files. I can provide firewall and relay logs if that would be helpful.
Whether it’s worth doing a more in-depth analysis is uncertain. While the situation seems strange, it’s not causing too much stress. I could potentially delay further investigation for two more months until my DSL access changes (new provider, 5x bandwidth, no forced disconnection).