[xxpor]

An ISP is selling me fiber to transmit bits and an IP address to talk to the rest of the world. How many TCP connections I'm establishing is exactly none of their business unless they start receiving abuse reports (or run CGNAT, but that's not the issue here).

Whoever thought a *stateful ONT* was a good idea should be shot out of a canon.

Just wait until the connection timers in the ONT don't match your firewall. Then you'll have real fun.

[bcrl]

An ISP (I run one) sells a residential connection to you as a user under a number of assumptions that you are like other residential users. That means that your usage these days is roughly 4 Mbps measured at the 95th percentile (in aggregate). When you run a Tor node you cause the following problems:

- your 95th percentile usage is now likely going to be substantially more than 4 Mbps

- your usage is likely to be much more constant (less bursty). This breaks statistical multiplexing amongst residential users. For reference, Netflix with HD video streams tends to burst to 25Mbps for a second and is then idle for 4-5 seconds.

- your usage is now exposing the ISP to DoS attacks and other interesting (read as expensive) problems caused by running a Tor node. This includes legal costs when dealing with investigations into malicious use of the network by nefarious people trying to hide illegal activities via Tor. Yes, your ISP has to bear the cost for legal issues that arise when its users engage in illegal activity over their internet connections.

- your Tor usage is likely to result in the IPs that are used by you to get added to various blacklists. This results in support costs for the ISP when your dynamic IP gets assigned to another user and causes problems for an unrelated.

If you really want to do this, colocate a Tor node in a data center. This kind of traffic is perfectly appropriate in commercial circumstances, and the price you pay will reflect the actual cost of the service being delivered. You're not going to cause nearly as much collateral damage with a dedicated internet connection as you will on a residential network.

Yes, Tor has its place, and if you're going to run a Tor node, think long and hard about the impact it will have before doing so. Many smaller ISPs are not at a scale where the company can afford to carry the costs needed to support traffic patterns that are generated by Tor. Small ISPs have to be very careful to balance the line between expanding to serve the needs of our customers and breaking even. Legal budgets only become a thing after an ISP has hundreds of thousands of dollars a month in revenue. Please, don't do something like this to a small ISP that's trying to help bridge the broadband divide. At the very least, run it by them before doing so.

[xxpor]

These are all problems that are yours, not mine, unless you've put it in a contract. I don't give a poop about your multiplexing oversubscription. That's a business choice. The bet didn't work out. Data caps are a common way to fix it, but those in the contract. Notice at no point did CL ever say you can't run a Tor exit node. Of course, a common clause in these types of contracts is that the provider can just drop you at their leisure. That's also an option. But don't implement this hacky nonsense. My actual day job is writing bandwidth/packet rate/connection count limiters, so I'm well aware of how these things work.

Even regardless of the Tor issues, the problem OP is having is related to the quantity of TCP connections, not Tor itself. So the points are irrelevant. He could be connecting to arbitrary HTTP servers and run into the same problem.

[mindslight]

And an all-you-can-eat buffet operates on an assumption that their customers won't be large prosumer eaters who stick to the expensive dishes. Even though some are, and they are in fact attracted to the business, it still works out. When it stops working out, or the losses from those customers become significant enough, then they can change their business model and terms.

I say more traffic going to true edge nodes is a good thing. The more vibrant the P2P ecosystem, the harder it becomes for ISPs to discriminate against communications not going to big tech, and the harder it is to monetize user surveillance. The more customers that view their connection as something for publishing and actively participating, rather than merely consuming, the better off we all are.

If you want to implement a bandwidth cap for your users, go right ahead. Just make sure to post it as prominently as your burstable speed. 10TB/month is 32 Mb/sec.

[mise_en_place]

What a wild take. I was going to start a WISP but realized early on I would get potential customers like this. Let’s be real, you’re being cheap and don’t want to shell out extra cash per month for a business line or colocation.

[jevoten]

Why should he need a business line? He's not using excessive bandwidth. The restriction imposed on him is completely arbitrary.

[ikiris]

It is indeed better that you didn't start a WISP with this additude. There's enough bad ones out there as it is.

[jcrawfordor]

The service that you're describing is usually called dedicated internet access or DIA. It is a distinct service from residential ISPs, and a more costly one for good reasons. Residential and business ISPs operate a shared resource on which they must impose limits to avoid impacts on other customers. This is as true of PON as other last-mile technologies.

Total ballpark, because it depends plenty on your market, proximity to carrier resources, etc, gigabit symmetric DIA tends to be in the neighborhood of $1000-2000 per month. A lot of the variance comes from the fact that it will be delivered by conventional fiber, not PON, in order to avoid resource contention. So trenching is usually involved in the installation, but the price of that is usually amortized into your 3-year contract.