[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #6027 [Tor]: Directory authorities on IPv6
#6027: Directory authorities on IPv6
--------------------------------------------+-------------------------------
Reporter: ln5 | Owner:
Type: project | Status: needs_review
Priority: normal | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version:
Keywords: ipv6 tor-auth SponsorF20130315 | Parent:
Points: | Actualpoints:
--------------------------------------------+-------------------------------
Comment(by karsten):
I'm trying to test your bug6027 branch, with no luck so far. Here's what
I did:
- Set up an EC2 instance with outbound IPv6 connectivity and a firewall
rule to drop all new outgoing IPv4 connections. `curl -6
https://www.torproject.org/` works fine, and `curl
https://www.torproject.org/` doesn't do anything.
- Added three directory authority IPv6 addresses to src/or/config.c:
{{{
diff --git a/src/or/config.c b/src/or/config.c
index 6ae96ad..448472c 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -782,6 +782,7 @@ add_default_trusted_dir_authorities(dirinfo_type_t
type)
"v3ident=D586D18309DED4CD6D57C18FDB97EFA96D330566 "
"128.31.0.39:9131 9695 DFC3 5FFE B861 329B 9F1A B04C 4639 7020
CE31",
"tor26 v1 orport=443 v3ident=14C131DFC5C6F93646BE72FA1401C02A8DF2E8B4
"
+ "ipv6=[2001:858:2:2:aabb:0:563b:1526]:443 "
"86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D",
"dizum orport=443 v3ident=E8A9C45EDE6D711294FADF8E7951F4DE6CA56B58 "
"194.109.206.212:80 7EA6 EAD6 FD83 083C 538F 4403 8BBF A077 587D
D755",
@@ -797,9 +798,11 @@ add_default_trusted_dir_authorities(dirinfo_type_t
type)
"v3ident=585769C78764D58426B8B52B6651A5A71137189A "
"193.23.244.244:80 7BE6 83E6 5D48 1413 21C5 ED92 F075 C553 64AC
7123",
"urras orport=80 no-v2
v3ident=80550987E1D626E3EBA5E5E75A458DE0626D088C "
+ "ipv6=[2607:ff58::d053:df22]:80 "
"208.83.223.34:443 0AD3 FA88 4D18 F89E EA2D 89C0 1937 9E0E 7FD9
4417",
"maatuska orport=80 no-v2 "
"v3ident=49015F787433103580E3B66A1707A00E60F2D15B "
+ "ipv6=[2001:67c:289c::9]:80 "
"171.25.193.9:443 BD6A 8292 55CB 08E6 6FBE 7D37 4836 3586 E46B
3810",
"Faravahar orport=443 no-v2 "
"v3ident=EFCBE720AB3A82B99F9E953CD5BF50F7EEFC7B97 "
}}}
- Added fallback dirs from #8374 to torrc. Also added `ClientUseIPv6`
and `ClientPreferIPv6ORPort` options that looked relevant here:
{{{
DataDirectory /home/ubuntu/client/data/
Log info file /home/ubuntu/client/data/info.log
Log info stdout
ClientUseIPv6 1
ClientPreferIPv6ORPort 1
FallbackDir 77.247.181.162:80 orport=443
id=253DFF1838A2B7782BE7735F74E50090D46CA1BC weight=72700
ipv6=[2a00:1768:1001:21:1:0:32a3:201a]:443
FallbackDir 171.25.193.20:80 orport=443
id=DD8BD7307017407FCC36F8D04A688F74A0774C02 weight=50600
ipv6=[2001:67c:289c::20]:443
FallbackDir 128.6.224.107:9030 orport=9001
id=D67B28212377617448A2AC192E11372AD951FD13 weight=18000
ipv6=[2620:0:d60:401::2]:9001
FallbackDir 82.94.251.204:80 orport=443
id=9B02AA745B22B3FAB37C84B5E695623DD107A74D weight=15100
ipv6=[2001:888:2133:0:82:94:251:204]:443
FallbackDir 188.40.51.232:80 orport=443
id=CAF7986ECF1FBF903E68155531F8930C9ECC3A0D weight=13900
ipv6=[2a01:4f8:100:24e1:ffff::1]:443
FallbackDir 193.11.164.242:9030 orport=9001
id=980D326017CEF4CBBF4089FBABE767DC83D059AF weight=13800
ipv6=[2001:6b0:7:125::242]:9001
FallbackDir 171.25.193.21:80 orport=443
id=A10C4F666D27364036B562823E5830BC448E046A weight=13300
ipv6=[2001:67c:289c::21]:443
FallbackDir 149.20.52.51:9030 orport=5251
id=09C0E63BD41FE86A31CB3FB27C4D54F7D49A1F7C weight=12500
ipv6=[2001:4f8:3:2e::51]:5251
FallbackDir 91.121.245.171:80 orport=443
id=85670C66276B84F956FC9F2407DAFF9774104522 weight=2550
ipv6=[2001:41d0:2:90a8::3]:443
FallbackDir 78.47.134.6:3480 orport=3451
id=26220AEA188B8D0E47BB541E1A616EB3AD70295F weight=2360
ipv6=[2a01:4f8:d13:1602::2012]:3451
}}}
However, when starting the tor client it always attempts to download the
consensus from a fallback directory (this part works), but using its IPv4
address:
{{{
May 14 19:17:38.000 [notice] Bootstrapped 5%: Connecting to directory
server.
May 14 19:17:38.000 [info] connection_ap_make_link(): ... application
connection created and linked.
May 14 19:17:38.000 [info] directory_send_command(): Downloading consensus
from 171.25.193.20:443 using /tor/status-vote/current/consensus-
microdesc/14C131+27B6B5+49015F+585769+805509+D586D1+E8A9C4+ED03BB+EFCBE7.z
May 14 19:17:38.000 [info] or_state_save(): Saved state to
"/home/ubuntu/client/data//state"
May 14 19:17:38.000 [info] connection_edge_process_inbuf(): data from edge
while in 'waiting for circuit' state. Leaving it on buffer.
May 14 19:17:38.000 [info] connection_edge_process_inbuf(): data from edge
while in 'waiting for circuit' state. Leaving it on buffer.
May 14 19:19:38.000 [info] connection_ap_expire_beginning(): Tried for 120
seconds to get a connection to [scrubbed]:443. Giving up. (waiting for
circuit)
}}}
How would I tell my tor client that I don't have any outgoing IPv4
connectivity and that it should instead use only IPv6 addresses?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6027#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs