[tor-relays] About relay size

Scott Bennett bennett at sdf.org
Tue Oct 3 13:31:51 UTC 2017


Scott Bennett <bennett at sdf.org> wrote:

> teor <teor2345 at gmail.com> wrote:
>
> >
> > On 3 Oct 2017, at 03:07, Scott Bennett <bennett at sdf.org> wrote:
> >
> > >>> In the meantime, I think it would be great to have IPv6-only relays, to
> > >>> avoid these kinds of NAT-related issues.
> > >> 
> > >> We'd love to make this happen, but the anonymity implications
> > >> of mixed IPv4-only and IPv6-only (non-clique) networks need
> > >> further research. Search the list archives for details.
> > >> 
> > >     Couldn't that be taken care of in the tor client code?  For example, a
> > > client, having chosen a path through an IPv6-only relay, could extend
> > > the path by one hop to tunnel through a node with both types of interface
> > > published?
> >
> > Yes, clients choose paths, and could choose them using these kinds of
> > restrictions. But current tor relay versions won't extend to other relays
> > over IPv6. Because we don't understand the anonymity implications of
> > restricting the next relay in the path based on the previous relay. Which
> > is why we need further research.
>
>      Here's a procedure:  if the next hop/destination does not use a protocol
> in common with the client/current hop, a dual-protocoled node must be
> interposed; else use the originally selected hop/destination directly.  
> The client-to-first-hop situation is analogous to using a set of entry guards
> today, so that much should be okay.  What do IPv6-only clients currently do?
>      Allowing IPv6 destinations today limits exit-hop selections to dual-
> protocol-capable exit nodes, which is like using an "ExitNodesIPv6" (if there
> were such a thing) line in torrc with a long and growing list of nodes.  How
> long would that list have to be for the warning on the man page under the
> ExitNodes statement definition to become unimportant?  How many were there
> when IPv6 destinations were first allowed?
>      For interposing dual-protocoled nodes along the way, how many do there
> have to be for it to become "not too limiting"?
> >
> > > A related question is can a relay with only an IPv4 address
> > > published currently set an IPv6 OutboundBindAddress?
> >
> > Yes. This is useful for IPv6 exits without a fixed IPv6 ORPort address.
> >
>      That's okay, but what if the node is an entry-and-middle node only?
>
     Hmm.  On second thought, it's *not* okay because it means that such a
node cannot be a middle node because it could only connect to the IPv6
universe.  Or the man page is wrong about OutboundBindAddress.  Or there
is something else amiss.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:   bennett at sdf.org   *xor*   bennett at freeshell.org  *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************
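
The interposition procedure proposed in the message above, sketched as an added example (it is not part of the original post and is not Tor's path-selection code). The relay nicknames, their address families, and the function names are all constructed for illustration.

```python
import random

V4, V6 = "ipv4", "ipv6"

# Constructed sample relay list: nickname -> address families with a published ORPort.
RELAYS = {
    "guardA": {V4},
    "midB": {V6},          # IPv6-only relay
    "midC": {V4, V6},      # dual-stack
    "midD": {V4, V6},      # dual-stack
    "exitE": {V4},
}

def dual_stack(relays, exclude=()):
    """Relays reachable over both protocols, minus any already used."""
    return sorted(n for n, fams in relays.items()
                  if {V4, V6} <= fams and n not in exclude)

def interposer_pool_fraction(relays):
    """Share of all relays eligible as an interposed hop: the 'how limiting' question."""
    return len(dual_stack(relays)) / len(relays)

def build_path(client_fams, chosen, relays, rng=random):
    """Apply the procedure: interpose a dual-stack relay wherever the current
    hop and the next selected hop share no protocol; else extend directly."""
    path, prev = [], set(client_fams)
    for nick in chosen:
        fams = relays[nick]
        if not (prev & fams):
            pool = dual_stack(relays, exclude=set(chosen) | set(path))
            if not pool:
                raise ValueError(f"no dual-stack relay left to reach {nick}")
            path.append(rng.choice(pool))
        path.append(nick)
        prev = fams
    return path

if __name__ == "__main__":
    path = build_path({V4}, ["guardA", "midB", "exitE"], RELAYS)
    print(" -> ".join(path))   # five hops: two interposed relays around midB
    print(f"interposer pool: {interposer_pool_fraction(RELAYS):.0%} of relays")
```

Every interposed hop is drawn only from the dual-stack subset, so the size of that pool relative to the whole relay list is the quantity the "not too limiting" question asks about.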

