From 00d67ace14282f14812a86e6d1123a4f2ce690c3 Mon Sep 17 00:00:00 2001 From: teor Date: Fri, 8 May 2020 09:40:36 +1000 Subject: Prop 311: Make self-tests slightly stricter Ignore create cells from clients when checking for relay reachability. Part of 33222. --- proposals/311-relay-ipv6-reachability.txt | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'proposals/311-relay-ipv6-reachability.txt') diff --git a/proposals/311-relay-ipv6-reachability.txt b/proposals/311-relay-ipv6-reachability.txt index 7584e77..ea97d8b 100644 --- a/proposals/311-relay-ipv6-reachability.txt +++ b/proposals/311-relay-ipv6-reachability.txt @@ -333,12 +333,13 @@ Ticket: #24404 Here is a reliable way to do reachability self-tests for each ORPort: - 1. Check for create cells on inbound ORPort connections + 1. Check for create cells on inbound ORPort connections from other relays Check for a cell on any IPv4 and any IPv6 ORPort. (We can't know which listener(s) correspond to the advertised ORPorts, particularly when using port forwarding.) Make sure the cell was received on an inbound OR - connection. + connection, and make sure the connection is authenticated to another relay. + (Rather than to a client: clients don't authenticate.) 2. Check for created cells from testing circuits on outbound OR connections @@ -347,8 +348,8 @@ Ticket: #24404 By combining these tests, we confirm that we can: * reach our own ORPorts with testing circuits, - * send and receive cells via inbound OR connections to our own ORPorts, - and + * send and receive cells via inbound OR connections to our own ORPorts + from other relays, and * send and receive cells via outbound OR connections to other relays' ORPorts. -- cgit v1.2.3-54-g00ecf