add support for multiple OutboundBindAddressExit IP(ranges)
tor has support for dedicated outbound IP addresses for on exit relays via OutboundBindAddressExit. This parameter supports only a single IPv4 and a single IPv6 address.
I propose to add an extension of this feature to support IPv4 and IPv6 ranges/prefixes.
The idea is to assign an IP address to each tor circuit. The exit IP address must never change during the lifetime of the circuit.
Exit IP addresses would be randomly assigned to circuits. Once the exit runs out of IPs it cycles through his pool of IPs again. With IPv6 address space availability this can take a long time with IPv4 it will be limited.
This aims to reduce the negative impact of few "bad" users on many "good" users since they will not share the same IP address on the exit.
This might also have some negative? side effect since it demultiplexes tor clients to multiple source IPs on the exit and an external observer (not running the exit itself) can tell clients apart by looking at source IPs.
Instead of doing it on the circuit level you could do it based on time. Change the exit IP every 5 minutes (but do not change the exit IPs for existing circuits even if they live longer than 5 minutes).