[tor-relays] IPv6 auto-discovery vs. privacy extensions
David Goulet
dgoulet at torproject.org
Thu Feb 25 13:19:37 UTC 2021
On 24 Feb (11:08:15), Onion Operator wrote:
> Saluton,
>
> My relay started to log this message since 0.4.5.5:
>
> Auto-discovered IPv6 address [...]:443 has not been found reachable. However, IPv4 address is reachable. Publishing server descriptor without IPv6 address. [2 similar message(s) suppressed in last 2400 seconds]
>
> I think it started with the introduction of IPv6 auto-discovery.
>
> The problem, as I understand it, is that my relay has IPv6 privacy
> extensions enabled and therefore the IPv6 detection logic gets
> fooled. Indeed the IPv6 I see in the logs is one of the temporary
> addresses used as client towards other relays.
>
> Relevant config is:
>
> ORPort 443 IPv4Only
> ORPort [...]:443 IPv6Only
>
> I added the IPv{4,6}Only options only in searching a solution to this
> problem, before 0.4.5.5 the IPv6 relay worked perfectly without.
>
> In reading the documentation of AddressDisableIPv6 I got the
> impression that if (any?) ORPort is configured with IPv4Only the
> IPv6 auto-discovery gets disabled but evidence does not support my
> understanding. Is it a bug?
>
> Any other way to disable IPv6 auto-discovery?
"AddressDisableIPv6 1" should do it.
Also, "ORPort 443 IPv4Only" _only_ should also not make your tor auto-discover
IPv6 at all. If it does, we have a bug! Sending us debug logs (even in private
to my address) would be helpful in that case.
The last option is to "pin" an IPv6 by using either "Address" or directly in
the ORPort with "ORPort IP:PORT".
Thanks!
David
--
E7wflFgKE/E5SRn+WXE1QvJTtRMvCV3b2OGyVzMvXSY=
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20210225/751f3af7/attachment.sig>
More information about the tor-relays
mailing list