[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Tor and BGP integration

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Tor and BGP integration
From: Linus Nordberg <linus@xxxxxxxxxxx>
Date: Thu, 09 Jun 2011 20:07:17 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 09 Jun 2011 14:07:33 -0400
In-reply-to: <BANLkTikB9bWqw6fF+T_n5MDGk8F28+Udvw@xxxxxxxxxxxxxx> (Jacob Appelbaum's message of "Thu, 9 Jun 2011 14:59:55 +0000")
List-archive: <http://lists.torproject.org/pipermail/tor-dev>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for discussion by the developers of Tor." <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <BANLkTikB9bWqw6fF+T_n5MDGk8F28+Udvw@xxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Gnus/5.13 (Gnus v5.13)

Jacob Appelbaum <jacob@xxxxxxxxxxxxx> wrote
Thu, 9 Jun 2011 14:59:55 +0000:

| Hello from Iceland,

Hello from a strikestrucken KeflavÃkurflugvÃllur,


| We came up with two main ideas for making this happen.

Thanks for the writeup.


| Another method would be to write a controller that watches for BGP network
| updates and Tor would add relevant exit policy lines for any configured AS.
| This would allow any Tor relay to dynamically learn about network changes if
| it has access to a BGP feed patched into a controller. This could be
| implemented by adding some configuration options to Tor that let Tor know
| which AS numbers matter to which router. It may also allow for the router to
| auto learn it's own likely family network but it lacks any kind of
| bi-directional confirmation, still it seems useful information to have...

This is what I'd prefer.


| It would be fantastic if someone offered a hidden service NORDUNet BGPMon
| feed. This would help enable the first method of generating network aware

Yes.


| exit policies; this would also help with the development of AS awareness in
| Tor itself. In the future, I imagine that it makes a lot of sense for
| circuit building to be BGP aware as mere netblocks will not be very useful
| in an ipv6 world, they're already mostly irrelevant.

The BGPmon we were discussing is the one at colostate.edu[0], not the
other one.


| Anyway, food for thought. Linus and I will probably hack on some of these
| ideas in the near future.

I'm already running something[1] that is collecting a feed and storing
it in an SQL database.  I should tech it i) how to emit torrc Export
lines and ii) the Tor control protocol ("exit-policy/default").


[0] http://bgpmon.netsec.colostate.edu
[1] http://git.nordu.net/?p=bgp-logger.git
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] Tor and BGP integration
  - From: Jeroen Massar

References:
- [tor-dev] Tor and BGP integration
  - From: Jacob Appelbaum

Prev by Author: Re: [tor-dev] Proposal: Optimistic Data for Tor: Client Side
Next by Author: Re: [tor-dev] Improving Private Browsing Mode/Tor Browser
Previous by thread: [tor-dev] Tor and BGP integration
Next by thread: Re: [tor-dev] Tor and BGP integration
Index(es):
- Author
- Thread