Version 13 (modified by ln5, 7 years ago) (diff)


"Turns out, 4 billion addresses wasn't enough." -- nickm

The work with adding IPv6 support to Tor follows these phases, roughly the same as outlined in xxx-ipv6-roadmap.txt. This page is meant to function as a status page for each of the phases and of the project as a whole.

There's also information about how to help out with testing.

At the bottom of the page can be found a section with pointers to related resources.

The phases and their status

Clients to private bridges (

Private bridges are bridge relays that don't register with the bridge authority (PublishServerDescriptor 0). Support for running a private bridge with an IPv6 OR port and clients connecting to it was added to tor in (2011-12-08).

This work was tracked in #3563.

Clients to ordinary bridges (git master 2012-07-19)

Ordinary bridges publish their descriptor to the bridge authority. Support for bridge authorities to handle announced IPv6 OR ports and to hand them out were merged to master on 2012-07-19. Planned to be released in tor no later than 2012-09-07.

This work is tracked in #4563.

This code has not been tested thoroughly.

Clients to relays (WIP)

Relays that not are bridges publish their descriptor to the directory authoritites. Directory authorities vote on relays and publish a consensus document. Support for relays with an IPv6 OR port and for directory authorities to handle their descriptors, voting on them and publishing a consensus containing IPv6 OR ports is being worked on by ln5.

This work is tracked in #4564.

Exit relays to IPv6 destinations

Exit relays connect to hosts on internet. The work with connecting to IPv6 addresses on internet has not been started.

Relays to relays

Relays talk to other relays. The work with relays talking to other relays over IPv6 has not been started.

Directory authorities on IPv6

Clients and relays talk to directory authorities. The work with making directory authorities reachable over IPv6 has not been started.

Help testing

If you have the opportunity, please help out testing this.

Please [projects/tor/newticket|file a bug report] in Trac if you find something that doesn't work or seem to be doing the wrong thing.

Testing clients running with bridges

In order to test a client to connect to a bridge over IPv6, run tor or later. Configure it to use the IPv6 bridge using the Bridge configuration option, like this:

Bridge [2001:DB8::1]:9050

Testing private bridges

In order to test a private bridge running an OR port on IPv6, run tor or later. Configure it to bind to and announce an IPv6 OR port by using the ORPort configuration option, like this:

ORPort [2001:DB8::1]:9050

Note that you'll have to have an IPv4 OR port configured as well, or your bridge will bootstrap but leave its clients hanging at 50% (see #4847).

Note also that even with that bug fixed, a bridge will need IPv4 connectivity for talking to other relays. That won't change any time soon.

As long as the bridge authority doesn't handle IPv6 OR ports, your bridge will not be announced anywhere. You'll have to tell your users about your bridge addresses yourself. This is changing mid September when the bridge authority will start handling IPv6 OR ports. You can add the 'NoListen' option to the IPv4 'ORPort' config option in order to announce only your IPv6 OR port.

Testing public bridges

In order to test public bridges, run tor from git (branch master) from 2012-07-19 or later. Set up your own private Tor network (possibly by using Chutney) and configure a bridge authority with

AuthoritativeDirectory 1
BridgeAuthoritativeDir 1
AuthDirHasIPv6Connectivity 1
AuthDirPublishIPv6 1
AssumeReachable 0

A client in that networks should be able to find a bridge with an IPv6 OR port through the bridge authority.

Testing public relays

The code for public relays is very fresh (read buggy). There's a convenience branch for testers, branch task4564, in Linus' public repo (linus/tor.git). It contains all the changes to the subtasks of project 4564 ready for testing. It can be viewed as a tor-next for IPv6. It should be used for testing public relays.

You'll have to run your own private network (possibly by using Chutney).

Set up at least three directory authorities in order to be able to test that voting works as expected:

AuthoritativeDirectory 1
V3AuthoritativeDirectory 1
AuthDirHasIPv6Connectivity 1
AuthDirPublishIPv6 1

Testing clients connecting to public relays

Run branch task4564 in Linus' public repo, as described in Testing public relays above.

In order for clients to actually use the IPv6 OR port of a relay it needs to be configured with

ClientUseIPv6 1

The likelyhood of the client picking the IPv6 OR port over the IPv4 increases if configured with

ClientPreferIPv6ORPort 1

Since microdescriptors are not supported yet (dir auths don't emit them, clients don't read them), make sure clients are configured with

UseMicrodescriptors 0

Related resources