[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] using UDPGW and tun2socks over Tor

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] using UDPGW and tun2socks over Tor
From: grarpamp <grarpamp@xxxxxxxxx>
Date: Mon, 27 Oct 2014 13:00:38 -0400
Cc: ambrop7@xxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 27 Oct 2014 13:00:51 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=x0BNp+p5NzD46CU0Qm86vg3fHQES2IL+Ij+PCJAQ94o=; b=gtKISMhJYKNayK+DxhO3LujakgArj9XroBXfVnFoc/4fUSAwtyu0SN6xn0hsvG9C1F u0/Mf48BoRW9A8VWtgjIjqnxyaRWO9R2eaDwP63dZlVLm5d1GXyZxAWZvLmUsht4ub59 YpD4hsAAM+8AntLqkyMqPBovP1P/bnRj7wvnJzqRcJ5iTaLGc6GNph07nViPqFY7gFtV H+cOUHYr6RQawDgOtGVqRTh4Xyn6DgcMQkx0RLTlnyBOcE8KzxRB7mWKHV166/SxyUiq bHy459gvR1gnTVrjT3qQky19Sn1TlpCSSS4IPAhmAaeKvdasDUN0rbL7xzwNDXAEYEzb MwoQ==
In-reply-to: <1414128957.1286791.182745789.27EF00B3@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <1414128957.1286791.182745789.27EF00B3@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On Fri, Oct 24, 2014 at 1:35 AM, Nathan Freitas <nathan@xxxxxxxxxxx> wrote:
> Is there any reason we shouldn't consider supporting UDP over Tor with
> Orbot, by tunneling the packets using the combination of badvpn's
> tun2socks and udpgw ("udp gateway") feature?

There's no reason raw IP itself (any/none of its numbered protocols)
shouldn't / couldn't be transported over Tor using OpnVPN (at least
until Tor itself is extended as such).

> This has come up as we are
> implementing the Android VPNService, and discovered how easy to
> implement and well performing the badvpn UDP tunneling capability is.

> This means we can support SIP calling over Tor, video conference and
> streaming, among other applications...

> https://code.google.com/p/badvpn/
> https://code.google.com/p/badvpn/wiki/tun2socks
> https://github.com/ambrop72/badvpn

... Not necessarily, unless you're statically mapping all the people
(IP's) you want to communicate with beforehand, (which you can't with
random unknown participants ie: Bittorrent, or people on dynamic or
mobile), you're currently constrained by address collisions:
- Trying to pack the entire IPv4 address space you might want to
'call' into your tiny 10.0.0.0/24 adapter space. Same for put entire IPv6
space into your private IPv6/48 adapter space.
- Similarly what you're going to do when Tor moves to wider than
80bit onion addressing which currently fits nicely into a private IPv6/48.
(Need a secure IPv6<->onion address mapping layer pushed into a
DHT/blockchain or just resorting to trusting some volunteer run in-net
lookup service.)

edit: Just noticed badvpn's mention of pushing a *VM* on a 10 address
through socks with this, at least for TCP, which is simpler. As opposed
to pushing any app on the raw iron through a *VPN* which could be
constrained as above. Left this anyway for thought in related things.

> It does mean that someone would have to operate the
> gateway/infrastructure portion of udpgw at a capacity necessary to
> handle all udp streaming traffic sent for all Orbot users, but I would
> consider that to be feasible. Perhaps udpgw instances can be run along
> side all Tor exit nodes?

Read below thread flowing on both tor-talk and tor-relays, flows over
May and June, with better specification/answers in later posts.
https://lists.torproject.org/pipermail/tor-relays/2014-May/004516.html
Subject: Ops request: Deploy OpenVPN terminators
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] using UDPGW and tun2socks over Tor
  - From: grarpamp

References:
- [tor-talk] using UDPGW and tun2socks over Tor
  - From: Nathan Freitas

Prev by Author: [tor-talk] Fwd: [mpop-users] Tor support in msmtp and mpop
Next by Author: Re: [tor-talk] using UDPGW and tun2socks over Tor
Previous by thread: [tor-talk] using UDPGW and tun2socks over Tor
Next by thread: Re: [tor-talk] using UDPGW and tun2socks over Tor
Index(es):
- Author
- Thread