On 22 Jan (22:31:45), Roman Mamedov wrote:
> On Fri, 22 Jan 2021 12:02:50 -0500
> Nick Mathewson <nickm@xxxxxxxxxxxxxx> wrote:
> >   o Major bugfixes (authority, IPv6):
> >     - Do not consider multiple relays in the same IPv6 /64 network to be
> >       sybils. Fixes bug 40243; bugfix on
> Each /64 should be treated as an equivalent to 1 address in the IPv4 world, so
> it seems to me that the original code was correct.
> Any home user gets at least one /64 from their ISP [1]. It is not the minimum
> routable block on the internet (as per bugreport[2]), the minimum is actually
> a /48. But it is the minimum block that is usable on a LAN with SLAAC
> auto-configuration, and as such is the minimum block any ISP will provide to a
> home broadband subscriber.
> Some server hosts do put multiple distinct users within the same /64 -- but
> they are wrong in doing that, there should be no pampering to that practice.
> I suggest to carefully reconsider if giving a free pass to run any number of
> relays from a single /64, which are in most cases controlled entirely by a
> single user, and then relying on path selection to limit the damage, is not
> weakening the security model too much just to accommodate for a few bad
> webhosts.

Can you expand here on why you think an operator using a /64 is worse than an
operator using an IPv4 /24 to run their relays?

We have large Exit operators on the network that have racks of servers but
only have a /48 available to them and thus they run a "fleet" of Exits on that
very close by address range.

Using the /128 we had before resulted in rejecting more than 400 relays from
the network where all of them were actually legit known trusted operators and
thus we expanded it to the /64 so a single operator is able to run more than
one relay.

It is important here to differentiate path selection versus sybil detections.
Path selection will _not_ select an IPv6 in the same /32 (which is quite
large) and /16 for IPv4.

As for sybil, we are looking for more than 2 relays per address which is the
limit that has been for a long time now. That is true on IPv4 and IPv6 as
well, the checked masks are /32 and /128 respectively.
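
The two checks distinguished in the message above, as an added illustration (not part of this thread and not Tor's own code). The function names and relay list are constructed, the limits and masks are the ones stated in the message, and the optional /64 grouping is the one the quoted changelog entry refers to.

```python
import ipaddress
from collections import defaultdict

MAX_RELAYS_PER_ADDRESS = 2          # "more than 2 relays per address" is flagged
PATH_PREFIX = {4: 16, 6: 32}        # path selection: same /16 (IPv4) or /32 (IPv6)

def masked(addr, prefixes):
    """Network containing addr, using the prefix length for its IP version."""
    ip = ipaddress.ip_address(addr)
    return ipaddress.ip_network(f"{ip}/{prefixes[ip.version]}", strict=False)

def over_address_limit(relays, v6_prefix=128):
    """Per-address check: group relays by /32 (IPv4) or /v6_prefix (IPv6) and
    return {network: [nicknames]} for groups above the limit."""
    groups = defaultdict(list)
    for nick, addr in relays:
        groups[str(masked(addr, {4: 32, 6: v6_prefix}))].append(nick)
    return {net: nicks for net, nicks in groups.items()
            if len(nicks) > MAX_RELAYS_PER_ADDRESS}

def may_share_path(addr_a, addr_b):
    """Path-selection check for two addresses of the same IP version:
    False when both fall in the same /16 (IPv4) or /32 (IPv6)."""
    return masked(addr_a, PATH_PREFIX) != masked(addr_b, PATH_PREFIX)

# Constructed sample using documentation address ranges.
SAMPLE = [
    ("exitA", "2001:db8:0:1::10"),   # three relays in one /64,
    ("exitB", "2001:db8:0:1::11"),   # each on its own /128
    ("exitC", "2001:db8:0:1::12"),
    ("dup1", "203.0.113.7"),         # three relays on a single IPv4 address
    ("dup2", "203.0.113.7"),
    ("dup3", "203.0.113.7"),
]

if __name__ == "__main__":
    print("flagged with /128:", over_address_limit(SAMPLE))
    print("flagged with /64: ", over_address_limit(SAMPLE, v6_prefix=64))
    print("exitA + exitB in one path:",
          may_share_path("2001:db8:0:1::10", "2001:db8:0:1::11"))
```

With the /128 mask only the shared IPv4 address is flagged, while the three relays in one /64 are still never combined in a single path.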



