[tor-commits] [doctor/master] Start of a check for IPv6 ORPort reachability
atagar at torproject.org
atagar at torproject.org
Wed Oct 7 16:59:09 UTC 2015
Author: Damian Johnson <atagar at torproject.org>
Date: Wed Oct 7 09:57:43 2015 -0700
Start of a check for IPv6 ORPort reachability
Jake and other authority operators have asked for a DocTor check that their
IPv6 endpoint (if configured) is reachable. Honestly I'm green to ipv6 so
unsure how to do this. Suspect it's gonna require a config change on
cappadocicum so checking with weasel...
consensus_health_checker.py | 40 ++++++++++++++++++++++++++++++++++++++--
1 file changed, 38 insertions(+), 2 deletions(-)
diff --git a/consensus_health_checker.py b/consensus_health_checker.py
index 82c21c7..d762f74 100755
@@ -9,6 +9,7 @@ Performs a variety of checks against the present votes and consensus.
@@ -275,7 +276,7 @@ def main():
log.debug('Sending notification for issues (%s)' % ', '.join(destination_labels))
- print '\n'.join(map(str, issues))
+ print('\n'.join(map(str, issues)))
body = '\n'.join(map(str, issues))
cc = [d.address for d in destinations.values() if d and not d.bcc]
@@ -700,6 +701,41 @@ def bandwidth_authorities_in_sync(latest_consensus, consensuses, votes):
return Issue(Runlevel.NOTICE, 'BANDWIDTH_AUTHORITIES_OUT_OF_SYNC', authorities = ', '.join(entries), to = measurement_counts.keys())
+def is_ipv6_orport_reachable(latest_consensus, consensuses, votes):
+ Simple check to see if we can reach the authority's IPv6 ORPort when it has
+ issues = 
+ for authority in DIRECTORY_AUTHORITIES.values():
+ desc = latest_consensus.routers.get(authority.fingerprint)
+ if not desc:
+ continue # authority isn't in the consensus
+ for address, port, is_ipv6 in desc.or_addresses:
+ if is_ipv6:
+ # TODO: Ok, now for the bit I'm unfamiliar with. How do we ping
+ # this endpoint? On cappadocicum seems we're missing something...
+ # % ping6 2001:858:2:2:aabb:0:563b:1526
+ # connect: Network is unreachable
+ # Do we need a tunnel? 6to4 configuration?
+ # https://wiki.debian.org/DebianIPv6#IPv6_6to4_Configuration
+ # Green to this space so lets ask...
+ orport_socket = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
+ orport_socket.connect((address, port))
+ # ???
+ return issues
Provides a mapping of directory authority nicknames to their present consensus.
@@ -773,6 +809,6 @@ if __name__ == '__main__':
- print "Error: %s" % msg
+ print("Error: %s" % msg)
util.send("Script Error", body = msg, to = [util.ERROR_ADDRESS])
More information about the tor-commits