On 8 Feb 2017, at 02:53, Andrew Smith me@andrewmichaelsmith.com wrote:
OK, thanks for the clarification and raising the ticket.
To answer the why - for starters I'm trying to run a local tor network for fun and to learn more about tor.
Why am I trying to put a hostname in there? Because the system I'm setting up the network in may not have static IPs. As I understand it I need to maintain a DirAuthority line with a hard coded IP for each and every directory authority I run myself. If I can use a DNS name, this will mean I end up updating the torrc with DirAuthority lines a lot less. With IPs I am forced to change every torrc in my network every time an IP changes.
This is a feature that we're unlikely to implement, because the public Tor network doesn't want to have to trust the DNS system (it's insecure, and blocked or modified for some clients).
We *might* accept a patch for this behind a torrc option.
There are certainly ways around this (I could have a script populate torrc based upon DNS, for example) but it would make my life easier if I didn't have to.
You could use 127.0.0.1 if all the tor instances are on the same machine.
Or if they are all on the same network, you could use a private address range.
If they're not, you could use a VPN or similar solution to route the private addresses.
Any of these options require setting a few torrc options that allow private addresses, the easiest way to do this is to set:
TestingTorNetwork 1
This also changes some other torrc options: read the man page for details.
Tim
On 6 February 2017 at 23:10, teor teor2345@gmail.com wrote:
On 7 Feb 2017, at 03:31, Andrew Smith me@andrewmichaelsmith.com wrote:
Hi
I'm experimenting running my own tor network. To achieve this I'm setting DirAuthority in torrc.
But it seems that I cannot use a hostname for my DirAuthority.
Why are you trying to do this? If you share your goal, we might be able to help you with a workaround or alternate strategy.
For example, if you use a hostname in the "Address" field, your authority will look it up, add the IPv4 to its descriptor, and then other authorities, relays, and clients will use that address. (After the network has bootstrapped using the original address.)
For example:
DirAuthority da1 orport=7000 no-v2 v3ident=xxx da1:7000 xxx
Results in the error:
Unrecognized flag 'da1:7000' on DirAuthority line
If I replace "da1" with an IP address there is no error. Is this expected behaviour?
It is the implemented behaviour, and has been since at least 2006 (tor-0.1.2.2-alpha). The code responsible is:
while (smartlist_len(items)) { char *flag = smartlist_get(items, 0); if (TOR_ISDIGIT(flag[0])) break;
Which means that only IPv4 addresses are guaranteed to work here.
I'm running tor v0.2.8.12. The documentation calls this an "address" (as opposed to other parts which refer to an "IP") which made me think a hostname would work.
The "Address" torrc option takes a hostname, as do some other options (I think the HiddenServicePort target is another.)
Thanks for the bug report, we'll fix the man page: https://trac.torproject.org/projects/tor/ticket/21405
T
--
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org ------------------------------------------------------------------------