[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #29801 [Core Tor/Tor]: Add teor's suggestions for Prop#299 (referring IPv4 or IPv6 based on IP Version Failure Count)



#29801: Add teor's suggestions for Prop#299 (referring IPv4 or IPv6 based on IP
Version Failure Count)
---------------------------+--------------------------------
 Reporter:  neel           |          Owner:  neel
     Type:  enhancement    |         Status:  needs_revision
 Priority:  Medium         |      Milestone:
Component:  Core Tor/Tor   |        Version:
 Severity:  Normal         |     Resolution:
 Keywords:  ipv6, prop299  |  Actual Points:
Parent ID:  #27491         |         Points:
 Reviewer:  nickm          |        Sponsor:
---------------------------+--------------------------------

Comment (by teor):

 Replying to [comment:5 nickm]:
 > Third, I'm assuming that we only do this algorithm when we detect that
 we are dual-stack.  If we only have an ipv6 address or an ipv4 address,
 then we should just assume that's the only one we can use, right?

 And what do we do if we can't detect any of our addresses?
 (Some OSes allow administrators to block the APIs that Tor uses to detect
 local addresses. I know of at least one Tor user who does this.)

 Using local addresses is covered by ticket #27492 - Try IPv4 or IPv6 more
 often based on public or private IP addresses. I think it makes sense to
 include all the children of #17835 in this proposal. (It's the only
 missing child that adds a new feature. All the rest are refactoring or
 bugs.)

 > Fourth, the halving algorithm seems kind of complicated to me.  In some
 other places, we halve things like this based on the passage of time,
 rather than on their totals. Would that make sense here?
 >
 > Fifth, I don't understand section 7.  Why would a client need to make 4
 connections at once to a guard?

 You're right. This section is not very clear.

 Tor limits the number of simultaneous connection attempts *when
 bootstrapping* using the option
 ClientBootstrapConsensusMaxInProgressTries. The default is 3, which is too
 low for networks that drop all IPv4 or all IPv6 packets.

 Tor doesn't limit the number of simultaneous connection attempts once it
 has bootstrapped. Unless the DDoS code added a limit on the client side?

 > Sixth, what should the default be for ClientAutoIPv6ORPort?

 0 until it has been tested and we are sure we want the feature on by
 default.
 Similarly, each flag should be off by default, until we have tested it.
 Then we can decide if it should be on by default.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29801#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs