diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index ce701a20f..866e59335 100644
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -966,7 +966,7 @@ entry_guard_learned_bridge_identity(const tor_addr_port_t *addrport,
  * violate it.
  */
 STATIC int
-num_reachable_filtered_guards(guard_selection_t *gs,
+num_reachable_filtered_guards(const guard_selection_t *gs,
                               const entry_guard_restriction_t *rst)
 {
   int n_reachable_filtered_guards = 0;
@@ -1472,30 +1472,28 @@ guard_create_exit_restriction(const uint8_t *exit_id)
   return rst;
 }
 
-/** If we have fewer than this many possible guards, don't set
- * MD-availability-based restrictions: we might blacklist all of
- * them. */
+/** If we have fewer than this many possible usable guards, don't set
+ * MD-availability-based restrictions: we might blacklist all of them. */
 #define MIN_GUARDS_FOR_MD_RESTRICTION 10
 
 /** Return true if we should set md dirserver restrictions. We might not want
- *  to set those if our network is too restricted, since we don't want to
- *  blacklist all our nodes. */
+ *  to set those if our guard options are too restricted, since we don't want
+ *  to blacklist all of them. */
 static int
 should_set_md_dirserver_restriction(void)
 {
   const guard_selection_t *gs = get_guard_selection_info();
+  int num_usable_guards = num_reachable_filtered_guards(gs, NULL);
 
-  /* Compute the number of filtered guards */
-  int n_filtered_guards = 0;
-  SMARTLIST_FOREACH_BEGIN(gs->sampled_entry_guards, entry_guard_t *, guard) {
-    if (guard->is_filtered_guard) {
-      ++n_filtered_guards;
-    }
-  } SMARTLIST_FOREACH_END(guard);
+  /* Don't set restriction if too few reachable filtered guards. */
+  if (num_usable_guards < MIN_GUARDS_FOR_MD_RESTRICTION) {
+    log_info(LD_GUARD, "Not setting md restriction: only %d"
+             " usable guards.", num_usable_guards);
+    return 0;
+  }
 
-  /* Do we have enough filtered guards that we feel okay about blacklisting
-   * some for MD restriction? */
-  return (n_filtered_guards >= MIN_GUARDS_FOR_MD_RESTRICTION);
+  /* We have enough usable guards: set MD restriction */
+  return 1;
 }
 
 /** Allocate and return an outdated md guard restriction. Return NULL if no
diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h
index 49bb3e55c..d177f6cff 100644
--- a/src/or/entrynodes.h
+++ b/src/or/entrynodes.h
@@ -521,7 +521,7 @@ STATIC void entry_guard_consider_retry(entry_guard_t *guard);
 STATIC void make_guard_confirmed(guard_selection_t *gs, entry_guard_t *guard);
 STATIC void entry_guards_update_confirmed(guard_selection_t *gs);
 STATIC void entry_guards_update_primary(guard_selection_t *gs);
-STATIC int num_reachable_filtered_guards(guard_selection_t *gs,
+STATIC int num_reachable_filtered_guards(const guard_selection_t *gs,
                                          const entry_guard_restriction_t *rst);
 STATIC void sampled_guards_update_from_consensus(guard_selection_t *gs);
 /**