Weird connection attempt to multicast IPv6 ff00:::443 on "New identity"
First of all, my apologies, it's not trivial for me to reproduce with a pristine Tor Browser (I would need to learn how to log SOCKS activity in Tor Browser or the tor daemon, without the facilities we have in Tails), so I have not done so yet. I'm hoping a Tor Browser developer can very cheaply confirm whether this happens in a pristine Tor Browser (if not, feel free to reject and I'll see what we can do about it in Tails :)
This was reported by a Tails user and I reproduced it on my Debian sid + Tor Browser configured to use the system tor daemon + OnionCircuits.
When I do "New identity", I see requests for Tor circuits to ff00:::443. The logs from Tails onion-grater (our Tor control port filter daemon) say:
650 STREAM 18 NEW 0 ff00:::443 SOURCE_ADDR=10.200.1.2:35108 PURPOSE=USER SOCKS_USERNAME="3118f03f-a085-41ca-abda-8f54eddf88f8.mozilla:0" SOCKS_PASSWORD="9d4853a3dc5ad1f8df87a8451828d99db03999010eff468f67e4ff0cfc3484fb" CLIENT_PROTOCOL=SOCKS5 NYM_EPOCH=0 SESSION_GROUP=-7 ISO_FIELDS=SOCKS_USERNAME,SOCKS_PASSWORD,CLIENTADDR,SESSION_GROUP,NYM_EPOCH
650 STREAM 18 SENTCONNECT 8 ff00:::443 SOCKS_USERNAME="3118f03f-a085-41ca-abda-8f54eddf88f8.mozilla:0" SOCKS_PASSWORD="9d4853a3dc5ad1f8df87a8451828d99db03999010eff468f67e4ff0cfc3484fb" CLIENT_PROTOCOL=SOCKS5 NYM_EPOCH=0 SESSION_GROUP=-7 ISO_FIELDS=SOCKS_USERNAME,SOCKS_PASSWORD,CLIENTADDR,SESSION_GROUP,NYM_EPOCH
650 STREAM 19 NEW 0 ff00:::443 SOURCE_ADDR=10.200.1.2:35124 PURPOSE=USER SOCKS_USERNAME="3118f03f-a085-41ca-abda-8f54eddf88f8.mozilla:0" SOCKS_PASSWORD="9d4853a3dc5ad1f8df87a8451828d99db03999010eff468f67e4ff0cfc3484fb" CLIENT_PROTOCOL=SOCKS5 NYM_EPOCH=0 SESSION_GROUP=-7 ISO_FIELDS=SOCKS_USERNAME,SOCKS_PASSWORD,CLIENTADDR,SESSION_GROUP,NYM_EPOCH
650 STREAM 19 SENTCONNECT 8 ff00:::443 SOCKS_USERNAME="3118f03f-a085-41ca-abda-8f54eddf88f8.mozilla:0" SOCKS_PASSWORD="9d4853a3dc5ad1f8df87a8451828d99db03999010eff468f67e4ff0cfc3484fb" CLIENT_PROTOCOL=SOCKS5 NYM_EPOCH=0 SESSION_GROUP=-7 ISO_FIELDS=SOCKS_USERNAME,SOCKS_PASSWORD,CLIENTADDR,SESSION_GROUP,NYM_EPOCH
650 STREAM 18 REMAP 8 [ff00::]:443 SOCKS_USERNAME="3118f03f-a085-41ca-abda-8f54eddf88f8.mozilla:0" SOCKS_PASSWORD="9d4853a3dc5ad1f8df87a8451828d99db03999010eff468f67e4ff0cfc3484fb" CLIENT_PROTOCOL=SOCKS5 NYM_EPOCH=0 SESSION_GROUP=-7 ISO_FIELDS=SOCKS_USERNAME,SOCKS_PASSWORD,CLIENTADDR,SESSION_GROUP,NYM_EPOCH
650 STREAM 18 DETACHED 8 [ff00::]:443 REASON=END REMOTE_REASON=EXITPOLICY SOCKS_USERNAME="3118f03f-a085-41ca-abda-8f54eddf88f8.mozilla:0" SOCKS_PASSWORD="9d4853a3dc5ad1f8df87a8451828d99db03999010eff468f67e4ff0cfc3484fb" CLIENT_PROTOCOL=SOCKS5 NYM_EPOCH=0 SESSION_GROUP=-7 ISO_FIELDS=SOCKS_USERNAME,SOCKS_PASSWORD,CLIENTADDR,SESSION_GROUP,NYM_EPOCH
650 STREAM 18 SENTCONNECT 8 [ff00::]:443 SOCKS_USERNAME="3118f03f-a085-41ca-abda-8f54eddf88f8.mozilla:0" SOCKS_PASSWORD="9d4853a3dc5ad1f8df87a8451828d99db03999010eff468f67e4ff0cfc3484fb" CLIENT_PROTOCOL=SOCKS5 NYM_EPOCH=0 SESSION_GROUP=-7 ISO_FIELDS=SOCKS_USERNAME,SOCKS_PASSWORD,CLIENTADDR,SESSION_GROUP,NYM_EPOCH
I understand the network rejects these attempts (EXITPOLICY), which is great. I understand that's because ff00::/8 is supposed to be local. But I suppose that ideally Tor Browser should not even ask tor to connect there.
I lack IPv6 expertise to tell how bad this is.
Interestingly I see no such connection attempt when first starting Tor Browser.
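One way to spot such streams in a control-port log is sketched below. This is an added example, not code from the report, Tor Browser or onion-grater. It assumes the STREAM event layout seen in the lines above, and the function names and the sample log are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: abridged from the report's log lines, credentials replaced
# by placeholders, plus one ordinary hostname stream for contrast.
SAMPLE_LOG = """\
650 STREAM 18 NEW 0 ff00:::443 SOURCE_ADDR=10.200.1.2:35108 PURPOSE=USER SOCKS_USERNAME="placeholder"
650 STREAM 18 REMAP 8 [ff00::]:443 SOCKS_USERNAME="placeholder"
650 STREAM 18 DETACHED 8 [ff00::]:443 REASON=END REMOTE_REASON=EXITPOLICY SOCKS_USERNAME="placeholder"
650 STREAM 20 NEW 0 example.com:443 SOURCE_ADDR=10.200.1.2:35130 PURPOSE=USER
"""

# 650 STREAM <StreamID> <Status> <CircuitID> <Target> [KEY=VALUE ...]
STREAM_RE = re.compile(r"^650 STREAM (\d+) (\S+) (\S+) (\S+)(.*)$")
KEYWORD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def split_target(target):
    """Split Address:Port; handles both 'ff00:::443' and '[ff00::]:443'."""
    host, _, port = target.rpartition(":")
    return host.strip("[]"), int(port)

def classify(host):
    """Return a label for literal IPs that are not public unicast, else None."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return None  # hostname: resolved at the exit, nothing to judge here
    if ip.is_multicast:
        return "multicast"
    if not ip.is_global:
        return "non-global"
    return None

def suspicious_streams(log_text):
    """Return (stream_id, status, host, port, label, remote_reason) tuples."""
    found = []
    for line in log_text.splitlines():
        m = STREAM_RE.match(line.strip())
        if not m:
            continue
        stream_id, status, _circ, target, rest = m.groups()
        host, port = split_target(target)
        label = classify(host)
        if label:
            kw = {k: v.strip('"') for k, v in KEYWORD_RE.findall(rest)}
            found.append((stream_id, status, host, port, label, kw.get("REMOTE_REASON")))
    return found

if __name__ == "__main__":
    for row in suspicious_streams(SAMPLE_LOG):
        print(row)
```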