Exit not using one hop circuit to Directory Server
I've set up a lab to learn about Tor. All nodes running within Xen 6.2 on FreeBSD 10 running Tor version 2.4.19.
All clients can build circuits and functionality looks as expected. However, while entry and relay nodes use the encrypted, one-hop circuit to communicate with the Directory Server, the exit node does not. The exit node communicates directly with the dir port on the directory server (http). I'm using tcpdump -nvvv -A on the specific interfaces to see the traffic.
All nodes in the lab are essentially clones. The torrc file is changed on each node to reflect client, entry, relay, and exit roles. The only difference between the nodes that use the one-hop circuilt and the one that doesn't is the "accept" policy on the exit node. I don't see how that relates, but when I remove the "accept" policy and add a policy to "reject :" the one-hop circuit is then used . I've gone over this quite a bit. It may be a bug.