On 25 Feb (23:20:04), Onior Operator wrote:
Op 25/02/2021 14:19 schreef David Goulet dgoulet@torproject.org:
On 24 Feb (11:08:15), Onion Operator wrote:
Saluton,
My relay started to log this message since 0.4.5.5:
Auto-discovered IPv6 address [...]:443 has not been found reachable. However, IPv4 address is reachable. Publishing server descriptor without IPv6 address. [2 similar message(s) suppressed in last 2400 seconds]
I think it started with the introduction of IPv6 auto-discovery.
The problem, as I understand it, is that my relay has IPv6 privacy extensions enabled and therefore the IPv6 detection logic gets fooled. Indeed the IPv6 I see in the logs is one of the temporary addresses used as client towards other relays.
Relevant config is:
ORPort 443 IPv4Only ORPort [...]:443 IPv6Only
I added the IPv{4,6}Only options only in searching a solution to this problem, before 0.4.5.5 the IPv6 relay worked perfectly without.
In reading the documentation of AddressDisableIPv6 I got the impression that if (any?) ORPort is configured with IPv4Only the IPv6 auto-discovery gets disabled but evidence does not support my understanding. Is it a bug?
Any other way to disable IPv6 auto-discovery?
"AddressDisableIPv6 1" should do it.
Isn't this going to completely disable IPv6?
Correct.
Also, "ORPort 443 IPv4Only" _only_ should also not make your tor auto-discover IPv6 at all. If it does, we have a bug! Sending us debug logs (even in private to my address) would be helpful in that case.
I suspect we are in this case.
Any logs you can send towards me would be grand. Thanks!
The last option is to "pin" an IPv6 by using either "Address" or directly in the ORPort with "ORPort IP:PORT".
The man page does not mention IPv6 in the description of "Address" and about pinning the IPv6 address in the ORPort, I think it's what I'm already doing (the [...] in the second ORPort above is indeed the IPv6 address) or not?
Indeed. I will update the manpage for "Address" to mention IPv6.
You can now use *two* Address statement, one for each IP type (v4 and v6) if you want and tor will figure it out (correctly hopefully).
David