Tor should be more gentle when launching dozens of circuits at once
When starting up Tor as an HS, Tor will create dozens of circs in quick succession (preemptive circs, HSDir circs, intro point circs, CBT circs).
Consider a Tor that starts up with 10 HSes configured(many of those Tors exist); it will easily attempt to make hundreds of circuits within seconds.
It might make sense to have some sort of circuit rate limiting during startup to avoid flooding our guard with so many circuit creations. I notice that Tor will whine about the guard failing circuits during startup very often, and perhaps this initial circuit flood is what's causing it?
We already have MaxClientCircuitsPending but not sure if that's enough. We also used to delay bootup of multiple onion services, but not sure we do this anymore (can't see it in hs_config_service_all()).