> On 13 Oct 2016, at 06:07, diffusae <diffu...@yahoo.se> wrote:
> Hi!
> On 12.10.2016 07:18, Manny wrote:
>> Oh and since I'm bugging you anyways - would it be useful to add ORPort
>> [IPv6] as well? (same port as for 4 i guess?)
> Yes, I've done this already. There are only a few number of IPv6
> Clients, but I guess it would be useful. Most of the time, there are the
> same. I don't know why?
> https://lists.torproject.org/pipermail/tor-relays/2015-May/007027.html

That mailing list post was about an IPv6 ExitPolicy bug that we fixed
in 0.2.7. This is how it works now on Tor Exits:

For IPv4 and IPv6:
ExitPolicy reject *:80

For IPv6 only:
ExitPolicy reject6 *:80

> You cannot advertise the same DirPort on IPv4 and IPv6, but the ports
> could be the same.

No current tor version uses an IPv6 DirPort to connect to the network.

Relays always use IPv4 to connect to the tor network, and they use
IPv4 DirPorts to bootstrap.

Clients gained the ability to use IPv6 ORPorts for bootstrap in 0.2.8,
and we made client bootstrapping ORPort-only in the same release.

So, in 0.2.7 and earlier, IPv6-only clients can use:
* bridge IPv6 ORPorts by configuring a bridge with an IPv6 address.

And in 0.2.8 and later, IPv6-only clients can use:
* bridge IPv6 ORPorts by configuring a bridge with an IPv6 address, or
* authority, fallback directory, and relay IPv6 ORPorts by configuring:
  ClientUseIPv4 0
  UseMicrodescriptors 0

(IPv6-only clients can't bootstrap using microdescriptors yet, see:

This is experimental - being one of the rare IPv6-only clients on the
network may harm your anonymity. (This is why you see the same few
clients all the time.) But if your priority is local network
censorship-evasion, then IPv6 might just work for you.


Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
xmpp: teor at torproject dot org

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

tor-relays mailing list

Reply via email to