[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: tor over ipv6
Udo van den Heuvel wrote:
> Just a thought:
> With the previous tor experiences in mind w.r.t. services blocking me, I
> thought about IPv6.
> I could run a somewhat open relay on an IPv6 number via a IPv6 in IPV4
> tunnel if I (ever) get that to work. My isp (xs4all) offers such a
> tunnel for free and a (small?) IPv6 subnet to go.
The subnet (/48) isn't exactly small. It's 2^80 addresses ;-)
Try setting one up. Their Service Centre page can even create example
configuration files for you.
Note to other readers: The XS4ALL tunnels are for customers only.
I wouldn't recommend running an exit from XS4ALL IP space. The last time
I tried, it only took a few hours before they disconnected me.
> a) does tor work well with IPv6?
As Nick said, unfortunately it does not work at all. The three-year
development roadmap didn't mention IPv6 plans either (the roadmap
document only briefly pointed to the proposals).
> b) how is the added value for the tor network? (IPv6 vs IPv4?)
IPv4 addresses are running out:
This means that IPv6 usage will go up. It has gotten much better in the
past year. Check the yearly graph for the Amsterdam Internet Exchange
IPv6 has the added advantage that there's no NAT. More people will be
able to run Tor relays.
> c) how well would the IPv6 setup work w.r.t. my IPv4 number(s) being
> blocked by whatver server/service/etc.
When using 6to4 or Teredo, your IPv6 addresses are derived from your
IPv4 address. This means that when one is known, the other is known (and
can be blocked) too.
When using native IPv6 or a tunnel from a tunnel broker, the IPv6 and
IPv4 addresses aren't related.
> d) any actual operational experiences here?
And I'm willing to try IPv6 + Tor
For anyone who wants to try IPv6:
- You can get a free tunnel from a tunnel broker:
Hurricane Electric: Easy to sign up and they have IPv6
certification tests to let you demonstrate your IPv6 skills:
SixXS: Signing up takes a little more effort. Privacy is a
bit of a concern, but very recently it got better because they
now allow you to hide your user details in the whois database:
- Or use 6to4
- Or use Teredo
SixXS (aiccu) and Teredo are easy to setup. It should work with
practically any IPv4 NAT setup.
Hurricane Electric, 6to4 and XS4ALL use protocol 41 IPv6 in IPv4 tunnels
and may be more difficult/impossible to setup, depending on your