On 18 Aug 2016, at 23:06, Iain R. Learmonth irl@torproject.org wrote:
Hi,
On Thu, Aug 18, 2016 at 11:13:08AM +0000, isis agora lovecruft wrote:
- Patching Check [1] to use server descriptors (rather than networkstatus documents) and to additionally (in the Stem script) pull IPv6 addresses from stem.descriptor.server_descriptor.RelayDescriptor.or_addresses.
With IPv6 this can be more complicated, as relays may be using "Privacy Extensions for Stateless Address Autoconfiguration in IPv6" (RFC4941) which means that these IP addresses may change often.
We should probably give some advice to relay operators to ask them to disable privacy extensions?
Relays which change IPv6 addresses can be a good thing, because it allows clients to avoid Exit IPv6 blocks. But it also makes check.torproject.org unreliable.
Rather than removing a useful block-evasion feature, maybe we could redesign check.torproject.org to check a few different exit addresses?
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org