On 31 Jan 2017, at 10:51, nusenu nusenu@openmailbox.org wrote:
teor:
Here are the log entries I'd like to see:
Does tor log any warning if IPv6Exit is set to 1 and the resulting descriptor will not contain any ipv6-policy line?
If that is not the case then this might makes sense to add such a log entry because it would help the operator to understand that his intention (IPv6Exit 1) is not achieved - for whatever reason.
If this is indeed a bug then you might get some reports with such a warning message in the logfile (at least from operators looking at their logs).
https://trac.torproject.org/projects/tor/ticket/21355
Do exits do any outbound IPv6 reachability test before they create their descriptor? (with the ipv6-policy entry)
No, there is no IPv6 reachability testing in Tor for anything, except for authorities checking IPv6 ORPorts.
Ok, so there are no requirements beyond ExitPolicy + IPv6Exit. So a relay without IPv6 connectivity could also get an ipv6-policy line into his descriptor to test this.
Yes, Exits can lie about having connectivity, and they will (eventually) get the BadExit flag when they refuse too many connections by our scanners.
But I don't know whether we check IPv6.
I also had a look at the tor_version column but there was no correlation there. That said there _is_ a correlation with as_name, so maybe this not a bug but operators only enabling IPv6 exiting on specific hosters (which seems strange because I only list IPv6 enabled relays).
Some providers may require certain port configurations, which could cause the issue.
Do you mean physical port configuration? Since they have an IPv6 ORPort their IPv6 (inbound) connectivity should be working I guess.
Not quite, I mean IP addresses listed in the torrc, and addresses on the local machine's interfaces.
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org ------------------------------------------------------------------------