[tor-relays] IPv6 to IPv4 tor exit relays would fix many daily tor-problems

teor teor2345 at gmail.com
Wed Jul 5 02:48:59 UTC 2017 

> On 5 Jul 2017, at 10:27, Fof582 <fof582 at protonmail.com> wrote:
> 
>> Most tor clients send a DNS name, and flags that say whether they
>> allow IPv4 and IPv6, and which one they prefer. They rely on the Exit
>> to resolve the IP address and connect to the site.
>> 
>> On the current network, an IPv6-only Exit won"t get the Exit flag, and
>> therefore won"t get much client traffic. And it probably shouldn"t,
>> until almost all internet sites are on IPv6. Otherwise clients will
>> ask it to connect to IPv4-only sites, and it will fail them.
> 
> But thats exactly the case in a "tor exit that can only be reached by ipv6, but reach itself ipv4 and ipv6".
> Can such a exit be run at the moment? IPv6 can be used on such a exit for in+out-traffic, IPv4 can be used to reach out everything - its just behind a NAT.
> IPv4-only sites can be reached from the exit. The only case is that the exit itself can only be reached over IPv6 because of IPv4-NAT.

No, Exits need bidirectional connectivity over IPv4, because clients
need to build circuits to them via IPv4-only middle relays.
(Otherwise the Exit would have to connect our to the middle relay
before the path would work, which breaks the clique requirement.)

A similar requirement applies to all public relays, and will continue
to apply, until some researchers show how to preserve client anonymity
in a non-clique network.

IPv6-only bridges are a special case, because they only connect out.
And they look like clients to the rest of the network.
We just need to fix the Tor code that makes them work:

https://trac.torproject.org/projects/tor/ticket/4847

T
--
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20170705/2c6101fe/attachment.sig>

More information about the tor-relays mailing list