[tor-talk] IPv6 /48 for OnionCat

grarpamp grarpamp at gmail.com
Mon Aug 29 08:28:18 UTC 2016


On 8/29/16, Mirimir <mirimir at riseup.net> wrote:
> On 08/28/2016 11:09 PM, Bernhard R. Fischer wrote:
>> On 2016-08-28 23:35, grarpamp wrote:
>>> I meant having single onioncat handling multiple /48's would give another
>>> abstract management option, in addition today multiple onioncats with
>>> one /48 each.
>>
>> For me, it sounds very complicated what you are trying to do. So even
>> one /48 prefix contains more addresses than the whole IPv4 address space.
>> So why would you try to use several different /48 prefixes?

If a user wants to participate in my /48 and mir's /48,
one daemon, config file, etc could be easier. As might filter
rulesets matching on interface.

> I mainly just wanted a different /48, as another kind of isolation. And
> perhaps that's unnecessary.

Assuming no other protection, and learning the onion via some method,
such as other public services or DHT snooping, port 8060 is but one TCP
connect away. A locally generated private /48 adds avg 2^47 guesses to that.

Both of above may be hypothetical but you never know what
users will come up with or like to do. Though multiple /48 is
much more work than just an option to set a single /48.

>> And OC is not a multi-cast network, thus you cannot simply "arp" for
>> other OCs.

In that context, it's "not a broadcast network".

Arp for IP on ethernet is analogous simply syn check 8060
on tor+onioncat, both deal with the "up" and the address.


More information about the tor-talk mailing list