[tor-relays] (de)bug IPv6 exit policies?

nusenu nusenu at openmailbox.org
Mon Jan 30 23:51:00 UTC 2017


teor:
> Here are the log entries I'd like to see:

Does tor log any warning if IPv6Exit is set to 1 and the resulting
descriptor will not contain any ipv6-policy line?

If that is not the case then this might makes sense to add such a log
entry because it would help the operator to understand that his
intention (IPv6Exit 1) is not achieved - for whatever reason.

If this is indeed a bug then you might get some reports with such a
warning message in the logfile (at least from operators looking at their
logs).

>> Do exits do any outbound IPv6 reachability test before they create their
>> descriptor? (with the ipv6-policy entry)
> No, there is no IPv6 reachability testing in Tor for anything,
> except for authorities checking IPv6 ORPorts.

Ok, so there are no requirements beyond ExitPolicy + IPv6Exit.
So a relay without IPv6 connectivity could also get an ipv6-policy line
into his descriptor to test this.

>> I also had a look at the tor_version column but there was no correlation
>> there.
>> That said there _is_ a correlation with as_name, so maybe this not a bug
>> but operators only enabling IPv6 exiting on specific hosters (which
>> seems strange because I only list IPv6 enabled relays).
> Some providers may require certain port configurations, which could
> cause the issue.

Do you mean physical port configuration?
Since they have an IPv6 ORPort their IPv6 (inbound) connectivity should
be working I guess.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20170130/f0233390/attachment.sig>


More information about the tor-relays mailing list