[tor-bugs] #33818 [Core Tor/Tor]: Add options for clients and relays to enable IPv6 extends

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Apr 5 07:36:14 UTC 2020 

#33818: Add options for clients and relays to enable IPv6 extends
--------------------------------+--------------------------------
     Reporter:  teor            |      Owner:  teor
         Type:  task            |     Status:  assigned
     Priority:  Medium          |  Milestone:  Tor: 0.4.4.x-final
    Component:  Core Tor/Tor    |    Version:
     Severity:  Normal          |   Keywords:  ipv6, prop311
Actual Points:                  |  Parent ID:  #33220
       Points:  1               |   Reviewer:
      Sponsor:  Sponsor55-must  |
--------------------------------+--------------------------------
 To help with testing and future network upgrades, we want to add options
 that:
 * make clients and relays send IPv6 addresses in extend cells, and
 * make relays perform extends over IPv6.

 **General Options**

 ExtendByIPv6ORPort (like ExtendByEd25519ID):

 If this option is set to 1, Tor tries to include a relay’s IPv6 ORPort
 when telling the preceding relay in a circuit to extend to it. If this
 option is set to 0, Tor never includes an IPv6 ORPort when extending
 circuits. (And Tor relays disable IPv6 reachability self-tests.) If the
 option is set to "auto", Tor obeys a parameter in the consensus document.
 If the consensus parameter is not set:
   * relays include IPv6 ORPorts in extend cells, but
   * clients and bridges do not include IPv6 ORPort in extend cells.
 (Default: auto)

 **Relay and Bridge Options**

 ExtendAllowIPv6Addresses (like ExtendAllowPrivateAddresses):

 Relays and bridges only. When this option is set to 1, Tor will connect to
 relays on IPv6 addresses. In particular, Tor relays and bridges will allow
 EXTEND requests to IPv6 addresses.

 This option does not apply to clients, or direct OR connections initiated
 by relays or bridges. Use ClientUseIPv6 and  ClientPreferIPv6ORPort to
 enable direct IPv6 connections.

 If this option is set to 0, Tor will not connect to IPv6 ORPorts when
 extending circuits. If the option is set to "auto", Tor obeys a parameter
 in the consensus document. If the consensus parameter is not set:
   * relays allow IPv6 extends, but
   * bridges do not allow IPv6 extends. (Default: auto)

 **Proposal Notes**

 The design and option names are changed from section 4.4.4 of proposal
 311, for the following reasons:
 * consistent design:
   * simpler code: decide based on public_server_mode(), rather than
 circuit purpose
   * relay reachability and other cells can't be distinguished
   * relays include IPv6 first, because they don't require anonymity
   * clients don't include IPv6 (until there are more IPv6 relays)
   * bridges match clients
 * consistency with existing options

 See:
 https://github.com/torproject/torspec/blob/master/proposals/311-relay-
 ipv6-reachability.txt#L535

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33818>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list