-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hello. I'm aware that some nameservers block Tor, so running a recursive local resolver on the same IP that traffic exits can be a bad idea. The usual solution is to buy an extra IPv4 and bind the local resolver to it. What about IPv6? Is it safe to simply make a new IPv6 on the same /64 and use that for recursive lookups, or are there nameservers that block the entire /64 that a single Tor exit relay is on? I currently use Unbound with "do-ip6: no" because I do not want to fail lookups and receive a BadExit flag if my entire /64 is blocked. Regards, forest -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEvLrj6cuOL+I/KdxYBh18rEKN1gsFAmlFss8ACgkQBh18rEKN 1gugfA//UuYYhq7ATC1r3J/t5yHXB0bovAPzj519ICXGXaJ0TW86hY3PC5WzdYzk zKvKXArhQKm2Xdu9kh2w6YfETo3xTdUnTyLlBH1T/oeMamARUw1S+Osld4goiTS2 gsRzhN7hvzHw7NqMJLV+xEZQFBVLRg0Fi2E3oOqk5dBRbd5cMzpWZ4HiMqsY3jHH 6h5RY0HLk4HqPxGzAk0KRF056hDf4PmuGZuHSYsBR8PPMS4HwF/p6772KEK/ajBG VZr+v0Moi22dLMno+2SjkPy0rEOkRzOinOmqBLl6ajakn5lff0vR83eANTl3Vz2t bfP4PJ8bbraMVVdUEa5VobdDD8pGTbrryiB71gWO2AwS0GVnq8JIBK8pGSMAXmfc FNqxN/owYDSC+N3SlbOvK4YtIqbt5VKcU7nOuPzfBzm1cLMMq1NogzVN+FAdW9vr l9WD3AnKon6REM4ZpimDOZX8/5k0WKhhPm1TWmPa7ZB9NYyzQlbxEUmIIkQIXasW W0sVTeZ3vUwVQrUPilA8M0o8/cuWZleXs7RKNJP2T2r74olwUOw9E/afZXKxG9Hj daA1yUeD6tnUYk/pITddKHQ2V7Qd0BdHO2DMqQ71Bkcb7vTm/Ni45/jDaScaivz0 7vdCwPkC9k/sLEHHZ1kd33fjsGddILf7azSBRameI+9tgKZdw3E= =Z0tl -----END PGP SIGNATURE-----