diff options
Diffstat (limited to 'proposals/312-relay-auto-ipv6-addr.txt')
-rw-r--r-- | proposals/312-relay-auto-ipv6-addr.txt | 40 |
1 files changed, 26 insertions, 14 deletions
diff --git a/proposals/312-relay-auto-ipv6-addr.txt b/proposals/312-relay-auto-ipv6-addr.txt index 08fbcde..ba2ffcc 100644 --- a/proposals/312-relay-auto-ipv6-addr.txt +++ b/proposals/312-relay-auto-ipv6-addr.txt @@ -414,7 +414,8 @@ Ticket: #33073 and IPv6 addresses for: * the Address torrc option (see section 3.2.1), and * the local hostname. - However, OS APIs typically only return a single hostname. + However, OS APIs typically only return a single hostname. (Rather than a + separate hostname for IPv4 and IPv6.) For security reasons, directory authorities only use addresses that are explicitly configured in their torrc. Since hostname lookups may use DNS, @@ -465,7 +466,9 @@ Ticket: #33073 * explicitly configured with an IPv6 address, or * a publicly routable, reachable IPv6 address is discovered in an earlier step, - tor should start issuing IPv6 directory failure logs at warning level. + tor should start issuing IPv6 directory failure logs at warning level. Tor + may also record these directory failures as remote relay failures. (Rather + than ignoring them, as described in the previous paragraph.) (Alternately, tor could stop doing IPv6 directory requests entirely. But we prefer designs where all relays behave in a similar way, regardless of their @@ -487,6 +490,11 @@ Ticket: #33073 IPv6 address, tor should use that address for reachability checks. If the reachability checks succeed, tor should use that address in its descriptor. + Doing relay directory fetches over IPv6 will create extra IPv6 connections + and IPv6 bandwidth on the tor network. (See + [Proposal 313: Relay IPv6 Statistics].) In addition, some client circuits + may use the IPv6 connections created by relay directory fetches. + 3.2.6. Disabling IPv6 Address Resolution Relays (and bridges) that have a reachable IPv6 address, but that address @@ -550,6 +558,12 @@ Ticket: #33073 IP address (in a single API call). Tor should support both styles of networking API. + In particular, if binding to all IPv6 addresses fails, relays should still + try to discover their public IPv6 address, and check the reachability of + that address. Some OSes may not support the IPV6_V6ONLY flag, but they may + instead bind to all addresses at runtime. (The tor install may also have + compile-time / runtime flag mismatches.) + If both reachability checks succeed, relays should publish their IPv4 and IPv6 ORPorts in their descriptor. @@ -1472,24 +1486,22 @@ Ticket: #33073 6. Ongoing Monitoring - To monitor the impact of these changes, relays should collect basic IPv4 - and IPv6 connection and bandwidth statistics (see [Proposal 313: Relay IPv6 - Statistics]). - - We may also collect separate statistics on connections from: - * clients (and bridges, because they act like clients), and - * other relays (and authorities, because they act like relays). + To monitor the impact of these changes: + * relays should collect basic IPv6 connection statistics, and + * relays and bridges should collect basic IPv6 bandwidth statistics. + (See [Proposal 313: Relay IPv6 Statistics]). Some of these statistics may be included in tor's heartbeat logs, making them accessible to relay operators. We do not propose to collect additional statistics on: - * bridges, - * address resolution, * circuit counts, or * failure rates. - Collecting statistics like these could impact user privacy, or relay - security. + Collecting statistics like these could impact user privacy. + + We also plan to write a script to calculate the number of IPv6 relays in + the consensus. This script will help us monitor the network during the + deployment of these new IPv6 features. 7. Changes to Other Proposals @@ -1511,7 +1523,7 @@ References: https://gitweb.torproject.org/torspec.git/tree/proposals/311-relay-ipv6-reachability.txt [Proposal 313: Relay IPv6 Statistics]: - https://gitweb.torproject.org/torspec.git/tree/proposals/313-relay-ipv6-stats.txt (TODO) + https://gitweb.torproject.org/torspec.git/tree/proposals/313-relay-ipv6-stats.txt [RFC 4941: Privacy Extensions for IPv6]: https://tools.ietf.org/html/rfc4941 |