[tor-bugs] #23493 [Core Tor/Tor]: IPv6 v3 Single Onion Services fail with a bug warning

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Sep 13 23:27:22 UTC 2017

#23493: IPv6 v3 Single Onion Services fail with a bug warning
 Reporter:  teor                                 |          Owner:  (none)
     Type:  defect                               |         Status:  new
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.3.2.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  prop224, tor-hs, single-onion, ipv6  |  Actual Points:
Parent ID:                                       |         Points:  1
 Reviewer:                                       |        Sponsor:
Changes (by teor):

 * status:  needs_information => new


 Replying to [comment:2 dgoulet]:
 > Oh dear... hmmm proposal 224 makes IPv4 *mandatory* in order to extend
 to the relay and seems in this case you have IPv6 only?...

 The single onion service in this test can only make IPv6 connections.
 This works for v2, but not v3.

 > Is this something we want to allow right now or should I say simply
 possible to have NO IPv4 for a relay?

 Here is how we make IPv6 work with single-hop client and service
 connections to intro and rend points. It works for v2 single onion
 services. We talked about it for v3, but it never made it into the prop224

 Here are the steps:
 0. The initiating client/service always puts IPv4 and IPv6 in the link
 specifier (if they are available in directory documents)
 1. If the link specifier has IPv6, the responding client/service uses it
 to make a direct connection
 2. Otherwise, the responding client connects over a 3-hop path via one of
 its IPv6 entry nodes (this is also what single onion services do when the
 particular address is blocked by their ReachableAddresses rules)

 I don't see how #23502 is a dependency. Initiating clients/services should
 always include IPv4 and IPv6, even if they wouldn't use them (step 0). And
 responding clients should use a direct connection if available, or a 3-hop
 connection if not (steps 1 & 2).

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23493#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list