Hey,
I've set up a new relay, available with ipv4 and ipv6.
And I'm not sure if I can serve DIRPort on the ipv6 too ?
In the torrc file, I've config :
ORPort 9001 ORPort [xxxx:xxxx:xxx:x:xxxx:xxxx:xxxx:xxx]:9001
DIRPort 9030
Is it allowed to add something like this, to advertise on ipv6 too ?? : DIRPort [xxxx:xxxx:xxx:x:xxxx:xxxx:xxxx:xxx]:9030
Thank you all !
Petrusko petrusko@riseup.net hat am 27.03.2021 11:05 geschrieben:
Is it allowed to add something like this, to advertise on ipv6 too ?? : DIRPort [xxxx:xxxx:xxx:x:xxxx:xxxx:xxxx:xxx]:9030
You can only advertise one DirPort, according to "man tor":
all but one DirPort must have the NoAdvertise flag set
Kind regards, Alexander
Thx all for your answers.
I'm not sure, because I see Tor listening too on DIRPort I've set up, with a "netstat -lpn", so may be it's still used ;)
Le 27/03/2021 à 18:26, Toralf Förster a écrit :
And I'm not sure if I can serve DIRPort on the ipv6 too ?
If I understood it correctly a DirPort are no longer needed for latest Tor software version. So you should be fine with opened IPv4|6 ORports only.
On 27.03.2021 11:05, Petrusko wrote:
I've set up a new relay, available with ipv4 and ipv6.
And I'm not sure if I can serve DIRPort on the ipv6 too ?
In the torrc file, I've config :
ORPort 9001
^^^^^^^^^^^^^
ORPort [xxxx:xxxx:xxx:x:xxxx:xxxx:xxxx:xxx]:9001
Tor is dualstack now
either: ORPort xxx.xxx.xxx.xxx:9001 ORPort [xxxx:xxxx:xxx:x:xxxx:xxxx:xxxx:xxx]:9001
or: ORPort 9001
Ouch, this config looks like not so cool... I see on Metrics the ipv6 choosen by Tor process, is now on : "Unreachable OR Addresses"
I'll write the other solution you given previously... with ORPort xxx.xxx.xxx.xxx:9001 ORPort [xxxx:xxxx:xxx:x:xxxx:xxxx:xxxx:xxx]:9001
30/03/2021 à 20:07, Petrusko :
Ok !
So this only line will serve on both ipv4 and ipv6 together, ok thx ! Cool
30/03/2021 à 15:51, lists@for-privacy.net :
ORPort 9001
On 30.03.2021 21:38, Petrusko wrote:
Ouch, this config looks like not so cool... I see on Metrics the ipv6 choosen by Tor process, is now on : "Unreachable OR Addresses"
From: https://www.mail-archive.com/tor-relays@lists.torproject.org/msg17760.html
8< In short, with this new feature, specifying an ORPort without an address will automatically bind tor to [::]:<port> and attempt to find the IPv6 address by looking at (in this order):
1. "Address" from torrc 2. "ORPort address:port" from torrc 3. Interface address. First public IPv6 is used. 4. Local hostname, DNS AAAA query.
8
I'll write the other solution you given previously... with ORPort xxx.xxx.xxx.xxx:9001 ORPort [xxxx:xxxx:xxx:x:xxxx:xxxx:xxxx:xxx]:9001
Yes, I always try to be as special as possible. Software voodoo can often give unexpected errors or security vulnerabilities. Especially when I have several IP's on one interface, I always write IP and IPv6 in Address, ORPort, OutboundBindAddress, ... And IPv6 always in brackets, even if you don't necessarily have to do that with some software.
30/03/2021 à 20:07, Petrusko :
Ok !
So this only line will serve on both ipv4 and ipv6 together, ok thx ! Cool
Yes, but then:
Address xxx.xxx.xxx.xxx Address [xxxx:xxxx:xxx:x:xxxx:xxxx:xxxx:xxx] ORPort 9001
or Address host.domain.tld -> (DNS A & AAAA record must be set correctly) ORPort 9001
tor-relays@lists.torproject.org
-
Alexander Dietrich -
lists@for-privacy.net -
Petrusko -
Toralf Förster