[tor-dev] Tor AF independence patch - first big step to Tor IPv6
Jeroen Massar
jeroen at unfix.org
Wed Jun 8 12:19:06 UTC 2011
Hi,
As this is World IPv6 day, let me present the first big step to Tor
IPv6: the Address Family independence Patch ;)
https://unfix.org/projects/ipv6/tor/tor-af-independent.diff
it is diff against a recent git checkout and should apply more or less
cleanly.
Why AF independence[1,2] and not "IPv6 patch", well, for a program to be
able to support IPv6 it should first not care about IP in the first
place. With Tor that is a tricky thing as it actually needs to know
about IP for quite a few places.
As such this patch primary function is to make most functions use
toraddr_t, that way both IPv6 and IPv4 are supported.
Note that a lot of functionality for supporting IPv6 (or any other IP
protocol in the longer term) is already present in current versions of
Tor (even unittests are present already!).
Note also that this is not a 'true' AF indepencence patch as in that
case we would have to swap toraddr_t with a sockaddr_storage structure,
which, when recompiled, would be true AF independent. In the case though
that ever a new IP-alike protocol arises and then we still use BSD style
sockets, this patch should make it easy to use that new address family
too, but don't hold your breath ;)
The problem with that though is that at this stage that means that
everywhere IPv6 can be stuck just like IPv4 while these should be
separate. And to make it a bit worse, one should actually have them also
properly in the packets being sent between nodes and there is no
separation between exit policies etc.
There is thus a lot to discuss on this subject, and one of the first
things that really need to be done is ORMultiPort (proposal 118) to be
able to separate IPv4 and IPv6 ports.
A question there also becomes, do we want to show a Tor node as separate
IPv4 and IPv6 routers, or are they to be seen as one, if it is one, we
require the above ORMultiport, so that we can have multiple IP addresses
and ports on a single node.
As such, I suggest we have a big discussion on the flaws of my patch and
how to resolve some of the remaining problems and then start moving work
to the ORMultPort patch so that we can start enabling IPv6 everywhere,
as then we are getting quite close.
And maybe, it could be useful to have a special branch on torproject's
git server for this, as it is quite a bit of patch ;)
Greets,
Jeroen
(fuzzel on #tor-dev)
[1] = http://www.kame.net/newsletter/19980604/
[2] = http://gsyc.escet.urjc.es/~eva/IPv6-web/ipv6.html
More information about the tor-dev
mailing list