[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] no ipv6 traffic from/to relays ?



> On 8 Feb 2017, at 00:07, tor@xxxxxxxxxx wrote:
> 
> On 06.02.17 09:25, nusenu wrote:
>> The first release with the fix for [1] was in 0.3.0.3-alpha [2].
>> So if you run an IPv6 exit, upgrading to 0.3.0.3-alpha potentially
>> increases the tor network's IPv6 exit capacity.
>> teor and nickm plan a backport for tor 0.2.9.x
>> [1] https://trac.torproject.org/projects/tor/ticket/21357
>> [2]
>> https://lists.torproject.org/pipermail/tor-talk/2017-February/042900.html
>> These 47 exits account for more than 8.6% exit probability and currently
>> do not allow IPv6 exiting (either due to this bug or due to missing
>> IPv6Exit 1' or exit policy)
>> ...
> 
> IPv6 only exits are still not possible with this patch?

No, and the reason depends what you mean by "IPv6 only exits".

If you mean "relays on IPv6 without an IPv4 listening port", then no,
due to the current IPv4 clique requirement for the Tor network (this
needs further research, there might be ways to preserve client
anonymity without every relay being able to connect to every other
relay).

If you mean "relays on IPv4 and IPv6 that only exit to IPv6" these can
be configured:

ExitPolicy reject *4:*
ExitPolicy accept *6:*

But relays do not get the Exit flag unless they exit to at least one
IPv4 /8 on at least two of ports 80, 443, and 6667. An exit without
the Exit flag won't be used by (most) clients.

And Exit port summaries in microdescriptors require a relay to Exit to
almost all addresses (they can't reject more than an IPv4 /7 or IPv6
/16). An Exit with an empty IPv4 port summary won't be used by (most)
clients. (There is a separate summary for IPv6.)

This is inconsistent, I've opened a ticket:
https://trac.torproject.org/projects/tor/ticket/21413

T

--
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------



Attachment: signature.asc
Description: Message signed with OpenPGP

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays