Opened 3 weeks ago

#33244 assigned enhancement

Prop 312: 3.2.5. Use IPv6 Addresses from Directory Servers

Reported by: teor Owned by: teor
Priority: Medium Milestone: Tor: 0.4.4.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: prop312, ipv6
Cc: Actual Points:
Parent ID: #33241 Points: 2
Reviewer: Sponsor: Sponsor55-must

Description

If relays are unable to discover their IPv6 address in any other way, they should get their IPv6 address from the X-Your-Address-Is HTTP header in tor directory documents. To support this change, we propose that relays start fetching directory documents over IPv4 and IPv6.

We propose that bridges continue to only fetch directory documents over IPv4, because they try to imitate clients. Therefore, they can't use X-Your-Address-Is HTTP headers to find their IPv6 addresses.

Tor already ignores private IPv4 addresses in directory headers. We propose
to also ignore private IPv6 addresses in directory headers. If all IPv4 and
IPv6 addresses in directory headers are private, address resolution should
return a temporary error.

Whenever address resolution fails, tor should warn the operator to set the
Address torrc option for IPv4 and IPv6. (If IPv4 is available, and only
IPv6 is missing, the log should be at notice level.) These logs may need to
be rate-limited.

Whenever tor receives a directory header containing a new public IPv4 or
IPv6 address, tor should try to use that address for reachability checks. If the
reachability checks succeed, tor should use that address in its descriptor.

See proposal 312, section 3.2.5, IPv6 address usage part:
https://gitweb.torproject.org/torspec.git/tree/proposals/312-relay-auto-ipv6-addr.txt#n457

Child Tickets

Change History (0)

Note: See TracTickets for help on using tickets.