[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: tor over ipv6

To: or-talk@xxxxxxxxxxxxx
Subject: Re: tor over ipv6
From: Arjan <n6bc23cpcduw@xxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 20 Jan 2009 21:09:22 +0100
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Tue, 20 Jan 2009 15:09:32 -0500
In-reply-to: <4974CC7D.2070902@xxxxxxxxx>
References: <4974CC7D.2070902@xxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.19 (X11/20090105)

Udo van den Heuvel wrote:
> Just a thought:
> 
> With the previous tor experiences in mind w.r.t. services blocking me, I
> thought about IPv6.
> 
> I could run a somewhat open relay on an IPv6 number via a IPv6 in IPV4
> tunnel if I (ever) get that to work. My isp (xs4all) offers such a
> tunnel for free and a (small?) IPv6 subnet to go.

The subnet (/48) isn't exactly small. It's 2^80 addresses ;-)
Try setting one up. Their Service Centre page can even create example
configuration files for you.
Note to other readers: The XS4ALL tunnels are for customers only.

I wouldn't recommend running an exit from XS4ALL IP space. The last time
I tried, it only took a few hours before they disconnected me.

> a) does tor work well with IPv6?

As Nick said, unfortunately it does not work at all. The three-year
development roadmap didn't mention IPv6 plans either (the roadmap
document only briefly pointed to the proposals).

> b) how is the added value for the tor network? (IPv6 vs IPv4?)

IPv4 addresses are running out:
http://www.potaroo.net/tools/ipv4/index.html

This means that IPv6 usage will go up. It has gotten much better in the
past year. Check the yearly graph for the Amsterdam Internet Exchange
(bottom graph):
http://www.ams-ix.net/technical/stats/sflow/?type=ipv6

IPv6 has the added advantage that there's no NAT. More people will be
able to run Tor relays.

> c) how well would the IPv6 setup work w.r.t. my IPv4 number(s) being
> blocked by whatver server/service/etc.

When using 6to4 or Teredo, your IPv6 addresses are derived from your
IPv4 address. This means that when one is known, the other is known (and
can be blocked) too.
When using native IPv6 or a tunnel from a tunnel broker, the IPv6 and
IPv4 addresses aren't related.

> d) any actual operational experiences here?

IPv6: Yes
Tor: Yes
And I'm willing to try IPv6 + Tor

> Anyone?

For anyone who wants to try IPv6:
- You can get a free tunnel from a tunnel broker:
  Hurricane Electric: Easy to sign up and they have IPv6
  certification tests to let you demonstrate your IPv6 skills:
	http://tunnelbroker.net/
  SixXS: Signing up takes a little more effort. Privacy is a
  bit of a concern, but very recently it got better because they
  now allow you to hide your user details in the whois database:
	http://www.sixxs.net/
- Or use 6to4
	http://en.wikipedia.org/wiki/6to4
- Or use Teredo
	http://en.wikipedia.org/wiki/Teredo_tunneling

SixXS (aiccu) and Teredo are easy to setup. It should work with
practically any IPv4 NAT setup.
Hurricane Electric, 6to4 and XS4ALL use protocol 41 IPv6 in IPv4 tunnels
and may be more difficult/impossible to setup, depending on your
modem/router/firewall.

Follow-Ups:
- Re: tor over ipv6
  - From: Juliusz Chroboczek

References:
- tor over ipv6
  - From: Udo van den Heuvel

Prev by Author: Re: looking for an FTP -> SOCKS proxy
Next by Author: xB Browser now includes SSL MD5 blocking
Previous by thread: Re: tor over ipv6
Next by thread: Re: tor over ipv6
Index(es):
- Author
- Thread