[tor-dev] IPv6 and v3 onion services

David Goulet dgoulet at torproject.org
Thu Dec 14 16:29:53 UTC 2017

On 12 Dec (09:54:43), teor wrote:
> Hi David (and others interested in IPv6),
> We want to add better IPv6 support to Tor relays, clients, and v3 onion services.
> But if we do IPv6 v3 onion services first, the hop before intro and rend points
> will know that the circuit is a v3 onion service circuit, because its EXTEND2
> cells will have an IPv6 address.
> So I suggest that we implement IPv6 support in this order:
> IPv6 single onion services (at any time, only uses direct IPv6 CREATE)
> IPv6 relay extends
> IPv6 relay reachability (provides cover traffic for IPv6 client extends)
> IPv6 client extends for exit circuits
> IPv6 client extends for multi-hop onion service circuits
> I've added this to an "Overview" section in: 
> https://trac.torproject.org/projects/tor/wiki/org/roadmaps/Tor/IPv6Features
> I also like the idea of testing and deploying our IPv6 code on relays first.
> It's less risky than experimenting on clients or onion services.
> And our relay operators give us some excellent bug reports.
> And we can re-use some of the common code from the relay implementation
> in the client and onion service implementations. (For example, we'll write
> code that handles link specifiers.)
> Also, if we get IPv6 relay reachability checks working, that makes it easier
> to automatically configure IPv6 on relays. More IPv6 relays will make the
> anonymity set larger for IPv6 clients.
> What do you think?

When I did some of IPv6 work on hidden service v3 (before we rolled it back
:P), we are missing IPv6 foundations in some places that I think would be good
to nail down before we do anything with HS.

The place I'm thinking of is the EXTEND in IPv6 and relay self-testing in
IPv6. This seems a more critical point to build into the network before we can
start building HS support on top (single onion is different but will have to
do with HS code in some ways).

Then, making sure a client can do IPv6 seems the natural next step. And then
we finish with HS.

So to summarize (in order of what I think we should do first):

1. Relay
2. Client
3. HS/Single Onion

My two cents on this.

Also, 033 freeze is arriving rather fast that is in theory mid-january so we
have to consider the fact that we might not get the whole thing in 033 but we
can certainly try :).


> T

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20171214/ca34a5f7/attachment.sig>

More information about the tor-dev mailing list