[tor-relays] IPv6 ORPort autodetection on relays (Was: Re: Running 2 relays with 0.4.0.2_alpha [err] descriptor at 0x8a0acdb0830 begins with unexpected string "".)
teor at riseup.net
Fri Mar 1 01:54:31 UTC 2019
> On 1 Mar 2019, at 10:26, s7r <s7r at sky-ip.org> wrote:
> teor wrote:
>> Cc'ing Linus, because he is also interested in IPv6.
>> On 28 Feb 2019, at 19:01, s7r <s7r at sky-ip.org <mailto:s7r at sky-ip.org>>
>>> However, shouldn't the line:
>>> ORPort 9050
>>> bind to all v4 and v6 available interfaces / IP addresses? If it does
>>> not, we should fix it to do so. As in:
>>> ORPort 9050 - bind to all available v4 and v6
>>> ORPort 0.0.0.0:9050 - bind to all available from the v4 class
>>> ORport [::]:9050 - bind to all available from the v6 class
>>> ORPort <explicit-address>:port - bind to specified address exactly
>> Tor already binds to IPv4 and IPv6 by default.
>> But it only autodetects IPv4 addresses.
>> (Binding to IPv6 doesn't really do much, if you don't have an IPv6
>> address to advertise.)
> I thought IPv6 needs to be stated explicitly or at least generally by
> omitting IPv4 at all even as the general 0.0.0.0.
> So ORPort 0.0.0.0:9001 would bind to all IPv4 and IPv6 available
> addresses on a server?
No, 0.0.0.0 is an IPv4 address, so Tor only binds to IPv4.
[::] is the equivalent IPv6 address, but that doesn't work for ORPorts,
because Tor doesn't autodetect IPv6 addresses.
(I think you can specify Address [IPv6], but I'm not sure if that works
the way it should. We should fix it along with autodetection.)
> The same would ORPort 9001 ?
Yes, a missing address means IPv4 and IPv6, if the OS supports it.
(There are flags that turn off IPv4 or IPv6 binding, too.)
>> I'd love to make Tor autodetect IPv6 addresses.
>> Here's what we need to do to make that happen:
>> 1. make relays extend over IPv6
>> * these relays should declare a new protocol version "IPv6Relay=1"
>> 2. make relays check their IPv6 ORPorts for reachability using an IPv6Relay
>> * make relays connect to their own IPv6 ORPort (needs 1)
>> * detect and track IPv4 and IPv6 ORPort reachability separately
>> 3. make relays autodetect an IPv6 address (needs 2)
>> Here's the parent ticket for this change:
>> Our next step is to write a proposal for this change.
>> (There is already some code in some of the tickets.)
> Sounds like a good plan.
> I'd love that too -- but the thing I am thinking now is how to address
> the temporary addresses that are used in operating systems (in some my
> default, in some not by default)? Those addresses change over time
> randomly, and maybe more often than a relay would find useful.
> Is there a flag or something that can make an application tell the
> difference between a temporary IPv6 address and a static one, for example
If temporary addresses are allocated from temporary address ranges, Tor
should ignore them. (Or we can teach it to ignore them.)
If they are allocated from permanent address ranges, then the operator
needs to tell Tor which address to use.
It's just like IPv4.
More information about the tor-relays