Hi,
does the following also apply if a Tor users chooses to use a bridge?
- We do not choose more than one router in a given /16 subnet
[1]
Will tor ensure that the relays are not in the same /16 netblock with the bridge?
thanks, nusenu
[1] https://gitweb.torproject.org/torspec.git/tree/path-spec.txt#n239
On 20 Dec 2017, at 03:10, nusenu nusenu-lists@riseup.net wrote:
does the following also apply if a Tor users chooses to use a bridge?
- We do not choose more than one router in a given /16 subnet[1]
Will tor ensure that the relays are not in the same /16 netblock with the bridge?
Yes, as each node is added to the path, its IPv4 address is checked against the IPv4 /16 netblocks of the existing nodes in the path. This includes relays and bridges.
There is no support for checking IPv6 addresses yet: https://trac.torproject.org/projects/tor/ticket/24393 But when there is, we will check IPv6 /32s, for those nodes that have IPv6 addresses.
… [1] https://gitweb.torproject.org/torspec.git/tree/path-spec.txt#n239
does the following also apply if a Tor users chooses to use a bridge?
- We do not choose more than one router in a given /16 subnet[1]
Will tor ensure that the relays are not in the same /16 netblock with the bridge?
Yes, as each node is added to the path, its IPv4 address is checked against the IPv4 /16 netblocks of the existing nodes in the path. This includes relays and bridges.
There is no support for checking IPv6 addresses yet: https://trac.torproject.org/projects/tor/ticket/24393 But when there is, we will check IPv6 /32s, for those nodes that have IPv6 addresses.
Does it check only against actively used ORPort IPv4 address or all ORPort IPs in the bridge descriptor when connecting to the bridge via IPv6?
example: - bridge has an IPv6 and IPv4 1.1.2.2 - exit has 1.1.2.3 - tor client connects to the bridge using IPv6
Will the client use that exit if it connects to the bridge via IPv6?
thanks, nusenu
On 20 Dec 2017, at 10:00, nusenu nusenu-lists@riseup.net wrote:
does the following also apply if a Tor users chooses to use a bridge?
- We do not choose more than one router in a given /16 subnet
[1]
Will tor ensure that the relays are not in the same /16 netblock with the bridge?
Yes, as each node is added to the path, its IPv4 address is checked against the IPv4 /16 netblocks of the existing nodes in the path. This includes relays and bridges.
There is no support for checking IPv6 addresses yet: https://trac.torproject.org/projects/tor/ticket/24393 But when there is, we will check IPv6 /32s, for those nodes that have IPv6 addresses.
Does it check only against actively used ORPort IPv4 address or all ORPort IPs in the bridge descriptor when connecting to the bridge via IPv6?
example:
- bridge has an IPv6 and IPv4 1.1.2.2
- exit has 1.1.2.3
- tor client connects to the bridge using IPv6
Will the client use that exit if it connects to the bridge via IPv6?
It only checks IPv4 addresses for the moment, regardless of how it connects.
T
-- Tim / teor
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n ------------------------------------------------------------------------
-
nusenu -
teor