aboutsummaryrefslogtreecommitdiff
path: root/proposals/312-relay-auto-ipv6-addr.txt
diff options
context:
space:
mode:
Diffstat (limited to 'proposals/312-relay-auto-ipv6-addr.txt')
-rw-r--r--proposals/312-relay-auto-ipv6-addr.txt40
1 files changed, 26 insertions, 14 deletions
diff --git a/proposals/312-relay-auto-ipv6-addr.txt b/proposals/312-relay-auto-ipv6-addr.txt
index 08fbcde..ba2ffcc 100644
--- a/proposals/312-relay-auto-ipv6-addr.txt
+++ b/proposals/312-relay-auto-ipv6-addr.txt
@@ -414,7 +414,8 @@ Ticket: #33073
and IPv6 addresses for:
* the Address torrc option (see section 3.2.1), and
* the local hostname.
- However, OS APIs typically only return a single hostname.
+ However, OS APIs typically only return a single hostname. (Rather than a
+ separate hostname for IPv4 and IPv6.)
For security reasons, directory authorities only use addresses that are
explicitly configured in their torrc. Since hostname lookups may use DNS,
@@ -465,7 +466,9 @@ Ticket: #33073
* explicitly configured with an IPv6 address, or
* a publicly routable, reachable IPv6 address is discovered in an
earlier step,
- tor should start issuing IPv6 directory failure logs at warning level.
+ tor should start issuing IPv6 directory failure logs at warning level. Tor
+ may also record these directory failures as remote relay failures. (Rather
+ than ignoring them, as described in the previous paragraph.)
(Alternately, tor could stop doing IPv6 directory requests entirely. But we
prefer designs where all relays behave in a similar way, regardless of their
@@ -487,6 +490,11 @@ Ticket: #33073
IPv6 address, tor should use that address for reachability checks. If the
reachability checks succeed, tor should use that address in its descriptor.
+ Doing relay directory fetches over IPv6 will create extra IPv6 connections
+ and IPv6 bandwidth on the tor network. (See
+ [Proposal 313: Relay IPv6 Statistics].) In addition, some client circuits
+ may use the IPv6 connections created by relay directory fetches.
+
3.2.6. Disabling IPv6 Address Resolution
Relays (and bridges) that have a reachable IPv6 address, but that address
@@ -550,6 +558,12 @@ Ticket: #33073
IP address (in a single API call). Tor should support both styles of
networking API.
+ In particular, if binding to all IPv6 addresses fails, relays should still
+ try to discover their public IPv6 address, and check the reachability of
+ that address. Some OSes may not support the IPV6_V6ONLY flag, but they may
+ instead bind to all addresses at runtime. (The tor install may also have
+ compile-time / runtime flag mismatches.)
+
If both reachability checks succeed, relays should publish their IPv4 and
IPv6 ORPorts in their descriptor.
@@ -1472,24 +1486,22 @@ Ticket: #33073
6. Ongoing Monitoring
- To monitor the impact of these changes, relays should collect basic IPv4
- and IPv6 connection and bandwidth statistics (see [Proposal 313: Relay IPv6
- Statistics]).
-
- We may also collect separate statistics on connections from:
- * clients (and bridges, because they act like clients), and
- * other relays (and authorities, because they act like relays).
+ To monitor the impact of these changes:
+ * relays should collect basic IPv6 connection statistics, and
+ * relays and bridges should collect basic IPv6 bandwidth statistics.
+ (See [Proposal 313: Relay IPv6 Statistics]).
Some of these statistics may be included in tor's heartbeat logs, making
them accessible to relay operators.
We do not propose to collect additional statistics on:
- * bridges,
- * address resolution,
* circuit counts, or
* failure rates.
- Collecting statistics like these could impact user privacy, or relay
- security.
+ Collecting statistics like these could impact user privacy.
+
+ We also plan to write a script to calculate the number of IPv6 relays in
+ the consensus. This script will help us monitor the network during the
+ deployment of these new IPv6 features.
7. Changes to Other Proposals
@@ -1511,7 +1523,7 @@ References:
https://gitweb.torproject.org/torspec.git/tree/proposals/311-relay-ipv6-reachability.txt
[Proposal 313: Relay IPv6 Statistics]:
- https://gitweb.torproject.org/torspec.git/tree/proposals/313-relay-ipv6-stats.txt (TODO)
+ https://gitweb.torproject.org/torspec.git/tree/proposals/313-relay-ipv6-stats.txt
[RFC 4941: Privacy Extensions for IPv6]:
https://tools.ietf.org/html/rfc4941
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion