[tor-bugs] #29258 [Circumvention/Snowflake]: What is the IPv6 story with Snowflake

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Jul 18 21:26:26 UTC 2019 

#29258: What is the IPv6 story with Snowflake
--------------------------------------------+------------------------------
 Reporter:  ahf                             |          Owner:  dcf
     Type:  task                            |         Status:
                                            |  needs_information
 Priority:  Medium                          |      Milestone:
Component:  Circumvention/Snowflake         |        Version:
 Severity:  Normal                          |     Resolution:
 Keywords:  anti-censorship-roadmap-august  |  Actual Points:
Parent ID:                                  |         Points:
 Reviewer:                                  |        Sponsor:
                                            |  Sponsor28-must
--------------------------------------------+------------------------------
Changes (by dcf):

 * status:  assigned => needs_information


Comment:

 Back in 2017, I inquired about IPv6 addresses. The reply is that IPv6 is
 only supported in one of the Greenhost data centers, namely Amsterdam

 > ...instances on our Amsterdam location we can give you an ipv6 prefix.
 Other locations don't have ipv6 available yet.

 The bridge is in the Amsterdam location, so I activated IPv6 for it back
 then. But the broker is in the Hong Kong location. I sent another support
 request this week to ask whether anything had changed, but IPv6 is still
 not available in Hong Kong.

 > Unfortunately there are no ipv6 block available yet for our Hong Kong
 customers.

 My proposed solution is to migrate the broker to the Amsterdam data
 center.
 1. Provision a new VM in Amsterdam.
 2. Set it up just as the current broker and rsync past logs to it.
 3. Change the snowflake-broker.bamsoftware.com DNS record to point to the
 new broker.
    a. Restart our proxy-go instances. Web badge and WebExtension instances
 should restart automatically.
 4. Run the two brokers in parallel for a while.
 5. Shut down the Hong Kong broker.

 If all goes well, this plan means no required downtime. The downside I see
 is that during step 4, there will be two separate sets of logs
 (snowflake.log and metrics.log) being kept. We will need to either merge
 them, or ignore one copy during the transition.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29258#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list