[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] IPv6 to IPv4 tor exit relays would fix many daily tor-problems

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] IPv6 to IPv4 tor exit relays would fix many daily tor-problems
From: teor <teor2345@xxxxxxxxx>
Date: Wed, 5 Jul 2017 12:48:59 +1000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 04 Jul 2017 22:49:24 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:subject:date:references:to:in-reply-to:message-id; bh=NTIhWKT74131xETdOxb94j20yC5MBBSXVee1lxi1caY=; b=EOpBgBhGkpMf/9k3YcPHjut8zeB15jUiY1rt0d60DBKarrc+QNUd1sX+oq0002FVAI umWt8v+cKAPtB6m8IFp20fvvyYfMZeHd+wxHtwOvAkaz+ADSYJP2IUKSbnkr+lAW2cnE GZ21e5erlWPYYiW/9PjAU3aaCGrklrfqJtryn9ca4qIgNBJMueMr5XbfDfcbk5iVUY2A VWNTUMBYTxP7Qxft+vUYSy8/7QxjNhmb+O+jQAarugHwImd9r5Ip6ZZSYFjoMTpZOEqw I8Jd/vYGdm9QuiEADMixFG314W3m0lmc9hlvuO5wzrUBn3eLO/djBxPWa4We1EpyajSW nZag==
In-reply-to: <aAHcWmLkG2sZhNNRhvFkrxP9DB30y9ybi4UTFJecOZ7Yici_ibNtb_-wKvE3XIIq9y0912WpNqALUjV9iAgD3WQyFaacWhTbZLRuGAlNsQI=@protonmail.com>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <cDJgryupYfDXM4FLAVyro-KGcESqsQqn5agK27y-4F2_ibuRvoG7uY4ao3cKOqKZO3Z1cxcx_LX0MfYFEHXiuDdxaoW3flIFhiKHN2k-kOI=@protonmail.com> <BBBEA21E-4B69-4D2C-8B90-38A682966E30@gmail.com> <CAD2Ti2-c04tUCD79zXecuohH0Cjwp-2Qo=aaF1zdDYC8YsuH1A@mail.gmail.com> <201706300655.v5U6tpDA017267@sdf.org> <6FCD3C9B-D4FB-4BA5-8D8F-2321B80A8C05@gmail.com> <aAHcWmLkG2sZhNNRhvFkrxP9DB30y9ybi4UTFJecOZ7Yici_ibNtb_-wKvE3XIIq9y0912WpNqALUjV9iAgD3WQyFaacWhTbZLRuGAlNsQI=@protonmail.com>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

> On 5 Jul 2017, at 10:27, Fof582 <fof582@xxxxxxxxxxxxxx> wrote:
> 
>> Most tor clients send a DNS name, and flags that say whether they
>> allow IPv4 and IPv6, and which one they prefer. They rely on the Exit
>> to resolve the IP address and connect to the site.
>> 
>> On the current network, an IPv6-only Exit won"t get the Exit flag, and
>> therefore won"t get much client traffic. And it probably shouldn"t,
>> until almost all internet sites are on IPv6. Otherwise clients will
>> ask it to connect to IPv4-only sites, and it will fail them.
> 
> But thats exactly the case in a "tor exit that can only be reached by ipv6, but reach itself ipv4 and ipv6".
> Can such a exit be run at the moment? IPv6 can be used on such a exit for in+out-traffic, IPv4 can be used to reach out everything - its just behind a NAT.
> IPv4-only sites can be reached from the exit. The only case is that the exit itself can only be reached over IPv6 because of IPv4-NAT.

No, Exits need bidirectional connectivity over IPv4, because clients
need to build circuits to them via IPv4-only middle relays.
(Otherwise the Exit would have to connect our to the middle relay
before the path would work, which breaks the clique requirement.)

A similar requirement applies to all public relays, and will continue
to apply, until some researchers show how to preserve client anonymity
in a non-clique network.

IPv6-only bridges are a special case, because they only connect out.
And they look like clients to the rest of the network.
We just need to fix the Tor code that makes them work:

https://trac.torproject.org/projects/tor/ticket/4847

T
--
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------

Attachment: signature.asc
Description: Message signed with OpenPGP

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- Re: [tor-relays] IPv6 to IPv4 tor exit relays would fix many daily tor-problems
  - From: Fof582

Prev by Author: Re: [tor-relays] Load balancing (with IPVS) multiple Tor daemons
Next by Author: Re: [tor-relays] badexit 29378422C99074D06331D5700E47451610B0D20D
Previous by thread: Re: [tor-relays] IPv6 to IPv4 tor exit relays would fix many daily tor-problems
Next by thread: Re: [tor-relays] IPv6 to IPv4 tor exit relays would fix many daily tor-problems
Index(es):
- Author
- Thread