Hi again,
Apologies, a quick follow-up:
There is another RFC (older), that is in use by Debian apparently: RFC3041. https://tools.ietf.org/rfc/rfc3041.txt
From: https://manpages.debian.org/buster/iproute2/ip-address.8.en.html see `mngtmpaddr`
RFC4941 is newer and with some improvements, however it does not mention its purpose is to update / deprecate RFC3041. Actually it mentions the differences / improvements.
Anyway, the point still fully stands, I just thought both RFCs should be mentioned. Bottom line still is temporary (expiring) but otherwise public and reachable IPv6 addresses in relay descriptor.
s7r wrote:
Hi teor,
Thanks for this epic work, some lecture for me to deeply go over this weekend.
By briefly reviewing I've noticed something important is missing that should be a part of this proposal.
I am not sure under which section it should go under. I guess `3.2.2. Use the Advertised ORPort IPv4 and IPv6 Addresses`, or maybe it's important enough that we should make its own section.
In IPv6, besides publicly routable and non-publicly routable addresses (fe80:// etc.) which are documented in the proposal, we have temporary IPv6 addresses coming from Privacy extensions or RFC4941 IPv6 addresses.
https://tools.ietf.org/rfc/rfc4941.txt
These addresses are publicly routable, they can appear as reachable from the directory authorities or from directory data fetches, but they have limited lifetime and change over time. I am not sure if one such address becomes deprecated if already in use (say by Tor), as the RFC states MAY _if not in use by applications or upper layers_:
"As an optional optimization, an implementation MAY remove a deprecated temporary address that is not in use by applications or upper layers as detailed in Section 6."
But since this is implementation dependent, we cannot be sure about the behavior across different platforms that relays might run on.
It is up to the operating system if such addresses are used or not. In Debian they are disabled by default net.ipv6.conf.eth0.use_tempaddr=0 (unless some desktop packages that use network manager with different settings change it). In Windows (at least Windows 10) apparently they are enabled by default.
The question is, do we want such addresses in relay descriptors? I think such addresses will behave similar to dynamic IPv4 addresses, or even worse since these ones really change when they want, not just when we disconnect and reconnect the network interface. So maybe Tor should detect such behavior and log an error or something?
Actually I'll setup a vm this weekend and give it a native, static /64 IPv6 prefix, enable privacy extension to use temporary addresses and spin up a Tor process on it. Then disconnect the internet a couple of times and see how it behaves, how often it changes.
What do you think?