[tor-relays] Bridge clients don't *really* update dynamic bridge IPs from fingerprints?

George Kadianakis desnacked at riseup.net
Sat Jun 28 11:14:23 UTC 2014

Rick Huebner <rhuebner at radiks.net> writes:

> I run a bridge from a "semi-static" home internet account, where the
> address is dynamically assigned but only changes when either the ISP
> or my hardware router goes down and forces a reconnect, which only
> happens maybe once every several months. I've read in a few places
> that Tor bridges with dynamic IP addresses are just as useful as those
> with static addresses, even if their address changes pretty often,
> because the bridge user's client will use the bridge's fingerprint to
> look up its current address and port from the bridge authority if it
> fails to connect.

Hello Rick,

your intuition is correct. This feature does not work very well.

Here are a few reasons why:

a) As you said, UpdateBridgesFromAuthority is turned off by
   default. AFAIK, this is the case because the feature is not very
   useful atm: most places have already blocked all the Tor
   authorities including the bridge authority.

   The feature needs to be slightly reworked. For example, maybe Tor
   needs to ask any working bridges it has about the descriptor of its
   dead bridges. Then the working bridges would query the bridge
   authority themselves and relay the descriptors to the client.
   However, a Tor proposal is needed to implement the above feature
   and further analysis is required (for example, is it a good idea to
   reveal to a bridge what other bridges you are using). Feel free to
   help us out with this :)

b) Also, Tor clients are amnesiac with regards to bridges
   information. That is, even if they learn the fingerprint or the new
   IP address of a bridge, they don't write it down on a file. So next
   time they start up, they have to do the whole thing
   again. Sebastian wrote a proposal for this a few years ago, but
   it's still unimplemented:
   Feel free to help with this too :) The first step is probably to
   reread the proposal, and see if anything needs to be changed to
   reflect the current state of Tor.

Also, check out this related blog post by Sebastian:

Have a good day and sorry for the sad news :)

More information about the tor-relays mailing list