[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #26646 [Core Tor/Tor]: add support for multiple OutboundBindAddressExit IP(ranges)

To: undisclosed-recipients: ;
Subject: [tor-bugs] #26646 [Core Tor/Tor]: add support for multiple OutboundBindAddressExit IP(ranges)
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 04 Jul 2018 23:17:09 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 04 Jul 2018 19:17:21 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#26646: add support for multiple OutboundBindAddressExit IP(ranges)
------------------------------+--------------------
     Reporter:  nusenu        |      Owner:  (none)
         Type:  enhancement   |     Status:  new
     Priority:  Medium        |  Milestone:
    Component:  Core Tor/Tor  |    Version:
     Severity:  Normal        |   Keywords:
Actual Points:                |  Parent ID:
       Points:                |   Reviewer:
      Sponsor:                |
------------------------------+--------------------
 tor has support for dedicated outbound IP addresses
 for on exit relays via OutboundBindAddressExit.
 This parameter supports only a single IPv4 and a single IPv6 address.

 I propose to add an extension of this feature to support IPv4 and IPv6
 ranges/prefixes.

 The idea is to assign an IP address to each tor circuit. The exit IP
 address must never change during the lifetime of the circuit.

 Exit IP addresses would be randomly assigned to circuits. Once
 the exit runs out of IPs it cycles through his pool of IPs again.
 With IPv6 address space availability this can take a long time
 with IPv4 it will be limited.

 This aims to reduce the negative impact of few "bad" users on many "good"
 users since they will not share the same IP address on the exit.

 This might also have some negative? side effect since
 it demultiplexes tor clients to multiple source IPs on the exit
 and an external observer (not running the exit itself)
 can tell clients apart by looking at source IPs.

 Instead of doing it on the circuit level you could do it
 based on time. Change the exit IP every 5 minutes (but
 do _not_ change the exit IPs for _existing_ circuits even if they
 live longer than 5 minutes).

 https://lists.torproject.org/pipermail/tor-dev/2018-March/013036.html

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26646>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #26646 [Core Tor/Tor]: add support for multiple OutboundBindAddressExit IP(ranges)
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #26477 [Applications/Tor Browser]: Meek is broken in ESR60-based Tor Browser
Next by Author: Re: [tor-bugs] #26890 [Core Tor/Tor]: Redefine coverity version of the BUG macro
Previous by thread: Re: [tor-bugs] #24153 [Metrics/Library]: Make DescriptorCollector resume previously aborted downloads
Next by thread: Re: [tor-bugs] #26646 [Core Tor/Tor]: add support for multiple OutboundBindAddressExit IP(ranges)
Index(es):
- Author
- Thread