> On 18 Jan 2016, at 11:07, Roman Mamedov <[email protected]> wrote: > > On Mon, 18 Jan 2016 10:16:40 +1100 > Tim Wilson-Brown - teor <[email protected]> wrote: > >> I think if a client is just using it for bootstrap, any extra latency >> shouldn't be an issue. >> But IPv6 clients may also pick it as a guard, so that should be taken into >> account. >> >> Should we be running relays over IPv6 tunnels? > > Hurricane Electric has tunnel servers all over the world, so it's easy to pick > one which will only add negligible latency: > https://tunnelbroker.net/status.php > > Performance is not a concern either, these are not overloaded and should > be quite fast. > > On the other hand HE.net may or may not want to have a word with you if you > run a relay through them with hundreds of megabits of IPv6 traffic; but that's > not something we can expect in the nearest future. [and such powerful relays > are most likely in proper DCs with easily obtainable native IPv6 anyways]
We're still working to get Tor clients bootstrapping over IPv6, so there isn't going to be much IPv6 relay traffic at the moment. > There's a possible privacy issue that all the HE.net tunnel traffic can > technically be captured by HE.net; > > however all of these provide IPv6 addresses under the same AS (6939) and the > same prefix of 2001:470::/32, so perhaps the same-AS avoidance code will > ensure that a HE.net IPv6 is only used once in a circuit? Does it correctly > handle cases when a router's IPv4 and IPv6 addresses are from different ASes? Tor doesn't use ASs for same-network avoidance, it only uses network masks. In the current Tor codebase, onion_populate_cpath()/addrs_in_same_network_family() avoids adding relays in the same IPv4 /16 to the same circuit. IPv6 addresses are not considered, because this check uses the relay's primary ORPort IPv4 address. Tim Tim Wilson-Brown (teor) teor2345 at gmail dot com PGP 968F094B teor at blah dot im OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
