Re: [tor-dev] How many exits exit from an IP address different than their OR address? (10.7%)

[coderman <coderman@xxxxxxxxx>]

On 1/12/16, Tim Wilson-Brown - teor <teor2345@xxxxxxxxx> wrote:
> ...
> The current tor implementation simply calls connect() if OutBoundBindAddress
> is not set for the destination address family.
> This means that the connection will be made from a source address based on
> the routing table entry for the destination address.
> Tor really doesn't have much control over this, it's an OS-level decision.

per https://trac.torproject.org/projects/tor/ticket/17975 however, it
might make sense to have a specific bind address for Exit traffic, in
addition to a general OutBoundBindAddress for OR-links. (as you allude
to below)



> We could set the default value of OutboundBindAddress(es) to the ORPort
> address(es), but this would override the OS's routing tables.

do NOT set a default for OutboundBindAddress !  it is intended as an
override, since the default behavior is usually desired and should be
kept as is.



> Of course, if the operator specifically configures an outbound address, or
> an outbound address for Exit traffic (#17975), that's a different matter -
> tor should obey explicit configuration directives.

this is the proper situation. only question is who would have a
compelling use for separating outbound OR connections and outbound
Exit traffic, as per #17975?


> I'm not sure that adding "exit" IP addresses to the consensus is that
> helpful, ...

do NOT ask for exit IP in consensus. it is not useful, not accurate,
wastes bandwidth, and fails in its intended purpose.


best regards,
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev