Date: Fri, 22 May 2015 19:29:43 +0500
From: Roman Mamedov r...@romanrm.net
On Fri, 22 May 2015 13:31:02 +
Speak Freely when2plus2...@riseup.net wrote:
Uhh, I would like to point out that it would be exceptionally stupid
to have Tor autoconfigure IP addresses, regardless of whether it's
IPv4 or IPv6.
On IPv4 it currently does. There is zero rationale as to why IPv6 must be
different from IPv4 in this aspect.
IP address autodetection is a useful feature for those servers which are
dynamically assigned IP addresses. But it's not appropriate in every
circumstance, which is why the ORPort and DirPort config options allow an IP
address to be specified. It's only in the absence of a configured IP that
autodetection is performed.
Here are the enhancement requests in trac that need to be completed for IPv6
address autodetection:
The enhancement request for Tor autodetecting IPv6 addresses is here:
https://trac.torproject.org/projects/tor/ticket/5940
Since Tor normally autodetects its IPv4 address via its first directory
request, this requires the directory authorities and/or fallback directories to
be on IPv6 answering directory requests:
Directory Authorities on IPv6
https://trac.torproject.org/projects/tor/ticket/6027
Fallback Directories on IPv6
https://trac.torproject.org/projects/tor/ticket/8374
Fallback Directories Initial Release on IPv4/IPv6
https://trac.torproject.org/projects/tor/ticket/15775
Clients/Relays will also need to query directory servers on both IPv4 and IPv6
to autoconfigure both addresses. Currently, directory requests are only made
using the default IP protocol, or IPv4 (I'm not sure which).
Once these client and server changes are in place, we then need to test clients
to ensure they will bootstrap correctly:
* When clients are on IPv4 only, mixed IPv4/IPv6, and IPv6 only; (3)
Combined with:
* On first run and subsequent runs; (2)
Combined with:
* When the directory authorities are available on IPv4 only, IPv4/IPv6, and
IPv6 only;
* When the directory authorities aren't available, and Fallback Directories are
available on IPv4 only, IPv4/IPv6, and IPv6 only; (6)
Combined with:
* Using HTTP (DirPort) and Tunneled (ORPort) directory fetches. (2)
4 4/6 6
a4Y Y f
a4/6 Y Y Y
a6f Y Y
f4Y Y N
f4/6 Y Y Y
f6N Y Y
Y = Yes, Tor should bootstrap
f = Tor should use other authorities or fallback directories with matching IP
version(s)
N = Tor should fail to bootstrap if it doesn't have access to any directories
with matching IP version(s), and it doesn't have a recent consensus. Otherwise,
it should find a directory with a matching IP version. This may involve a
tunneled directory request if DirPorts are not available but ORPorts are, and
Tor has enough information to tunnel over an ORPort (this might not apply in
the first run case).
That's a lot of different combinations that we need to test and ensure they
work as intended. And I am concerned about the complexity of the N case.
We'd appreciate any help on these IPv6 enhancements, particularly coding the
server-side changes, as it's difficult to code and test the client-side changes
without them.
teor
teor2345 at gmail dot com
pgp 0xABFED1AC
https://gist.github.com/teor2345/d033b8ce0a99adbc89c5
teor at blah dot im
OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays