Fallback Scripts issueshttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues2021-11-15T16:46:19Zhttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/18605Consider including fallback directory mirrors with multiple IP addresses2021-11-15T16:46:19ZteorConsider including fallback directory mirrors with multiple IP addressesarma describes the advantages of hard-coding bootstrap IP addresses that aren't in the consensus:
https://lists.torproject.org/pipermail/tor-dev/2016-March/010588.html
I think we could do this with fallback directory mirrors, to increa...arma describes the advantages of hard-coding bootstrap IP addresses that aren't in the consensus:
https://lists.torproject.org/pipermail/tor-dev/2016-March/010588.html
I think we could do this with fallback directory mirrors, to increase the chances of Tor bootstrapping successfully in these environments.
With two authority attempts in 0.2.7, it's roughly 47% (2/9 + 2/8).
We already have the same or greater probability of bootstrap success with fallbacks and authorities and an increased number of attempts. But it would be nice to use this trick for about 10% of fallbacks.
This will require changes to the fallback selection script and the whitelist format.https://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/19129Allow Fallback Directories with no DirPort2021-11-15T16:46:19ZteorAllow Fallback Directories with no DirPortIn legacy/trac#12538, we made almost every relay support begindir-style directory fetches. In legacy/trac#18483, we made clients never use DirPorts. Both of these features are scheduled for 0.2.8.
Eventually, we can allow fallback direc...In legacy/trac#12538, we made almost every relay support begindir-style directory fetches. In legacy/trac#18483, we made clients never use DirPorts. Both of these features are scheduled for 0.2.8.
Eventually, we can allow fallback directories with no DirPort.
(Perhaps this works already with a zero DirPort?)
If we implement legacy/trac#7798, we might want this feature, but only for directory guards in the state file.
If we want to include fallback directories with no DirPort in the default fallback list, we will need to make some some changes to the fallback directory checks in scripts/maint/updateFallbackDirs.py. In particular, stem can't do begindir, so it will be harder to verify these fallback directories have connectivity and support begindir. So maybe we should require a DirPort for fallback directories for the moment.https://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/19480Avoid errors during fallback selection when there are no fallbacks2020-06-27T14:11:48ZteorAvoid errors during fallback selection when there are no fallbacksThis issue is fixed as part of legacy/trac#19071, I just needed a bug number.This issue is fixed as part of legacy/trac#19071, I just needed a bug number.Tor: 0.2.8.x-finalteorteorhttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20010modifications of relay(s) on fallback whitelist2020-06-27T14:11:48ZTracmodifications of relay(s) on fallback whitelist```
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hello teor,
I currently have two relays in the fallback whitelist (niij01 230A8B2A8BA861210D9B4BA97745AEC217A94207 and niij02 0B85617241252517E8ECF2CFC7F4C1A32DCD153F). I have some u...```
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hello teor,
I currently have two relays in the fallback whitelist (niij01 230A8B2A8BA861210D9B4BA97745AEC217A94207 and niij02 0B85617241252517E8ECF2CFC7F4C1A32DCD153F). I have some updates/questions:
1. I have added IPv6 addresses for these two relays, is there anything I need to do to update them on the fallback list?
2. I have another fast, stable relay in the family of these 2 relays, that can be added (niij03 A9406A006D6E7B5DA30F2C6D4E42A338B5E340B2) to the fallback.
3. Do the IP addresses for these relays need to remain the same indefinitely? I was thinking of changing hosts (fingerprint would remain the same), but if changing the IP addresses causes issues, I will keep them on their current host.
Thanks, niij
-----BEGIN PGP SIGNATURE-----
wsFcBAEBCAAQBQJXwzUpCRAdSJS4jbcqPQAAsTAQAKs7K1exZHkf8Jyj/sLDBjo+
ZuBTulOQi+PxCstUNZgbOE3xN+LyerrBDBqFLy0znrwj1VK5TgKJi6+EawaJQFWh
qS/Mly8VujsighUdx94vrfxU2AKnvBIQ4oU72+tzXsp7Hsdscr3sG5DOMWTdWNKi
DvK/ccaeCsCkuAsU7UAJ55DtOhtHiJ9fHGMtJYipTXKB/gLUeo8rz5BUyJTGOCOJ
fTWqp1rw+Xbgvo+jPLl8YTsgijA+BMxurCgYng+90VH4P6weZGQFWIn7CQ55ANmO
kRfcw/sSRKXJTYAw6jCNe8eUC8eq1EhfGpbSZoa7KaV7l8UtpEsx7/splUnDtWj6
6KQF9tk+k3YR/2D1oeYfDcyDSJAMXIRH/NLRg7H06vuuoZEQm/Q5lSoZ8whGZbAN
HnKxb66ZNc/RMQ0DgLl1Gs42OMQCLcBsP0I6PFx429TgxnGfnceWpJgEqN0Q9kGy
rJ2J4jBy9kW70Sh813focmVlK3TkkejUcLYoWFz57siqipGY3nsBgtLETHpULEtl
SAhQCs6XjJ9LlRLmXplSj8ftmdTiwvyLKOukbxkrqdEiyDAxS0C9zdSCCfujrqR/
WEyEzbc9hom/Xms2FwCcZ5dFCDbf3CiD722bPbavhGH/6TgAyDzAlqOa2PA1heEr
BDFkOQzVrIyIbnzuoL7S
=0wQz
-----END PGP SIGNATURE-----
```
**Trac**:
**Username**: niijTor: 0.2.9.x-finalteorteorhttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20170Backport latest fallback list to 0.2.8 and 0.2.92020-06-27T14:11:48ZteorBackport latest fallback list to 0.2.8 and 0.2.9I'm generating a new list of fallback directory mirrors for release 0.2.9 in legacy/trac#18828.
We have a few options for dealing with the 0.2.8 list:
* comment-out any broken fallbacks,
* backport the 0.2.9 list,
* do nothing.
I would...I'm generating a new list of fallback directory mirrors for release 0.2.9 in legacy/trac#18828.
We have a few options for dealing with the 0.2.8 list:
* comment-out any broken fallbacks,
* backport the 0.2.9 list,
* do nothing.
I would prefer to have the same src/or/fallback_dirs.inc in every (relevant) Tor release, assuming we do another 0.2.8 series release.
This is consistent with how we handle directory authorities and geoip.
Otherwise it becomes hard to check multiple fallback lists at once.
But I could be convinced to go with either of the other options.Tor: 0.2.8.x-finalteorteorhttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20173Tell 0.2.9 fallback directory operators that their relays are on the list2020-06-27T14:11:48ZteorTell 0.2.9 fallback directory operators that their relays are on the listThank them, and remind them to keep their relay details the same.
I am hoping the community team can help me out with this, if I provide a list.Thank them, and remind them to keep their relay details the same.
I am hoping the community team can help me out with this, if I provide a list.teorteorhttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20174Automate checking existing fallbacks2020-06-27T14:11:48ZteorAutomate checking existing fallbacksI use a manual process to check existing fallbacks. It would be great if the updateFallbackDirs.py script would automatically read src/or/fallback_dirs.inc, and check each fallback for errors.
For details, see:
https://trac.torproject.o...I use a manual process to check existing fallbacks. It would be great if the updateFallbackDirs.py script would automatically read src/or/fallback_dirs.inc, and check each fallback for errors.
For details, see:
https://trac.torproject.org/projects/tor/wiki/doc/UpdatingFallbackDirectoryMirrors
I think it can go in 0.3.0Tor: 0.3.0.x-finalhaxxpophaxxpophttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20175Allow the fallback script to ignore temporary IPv6 addresses2020-06-27T14:11:48ZteorAllow the fallback script to ignore temporary IPv6 addressesWhen updateFallbackDirs.py checks relay addresses, it makes sure that the IPv4 and IPv6 addresses and ports match the relay's whitelist entry.
If a relay's IPv6 address is temporary, it should not be included in the whitelist.
But this...When updateFallbackDirs.py checks relay addresses, it makes sure that the IPv4 and IPv6 addresses and ports match the relay's whitelist entry.
If a relay's IPv6 address is temporary, it should not be included in the whitelist.
But this means the relay will never be selected, because its descriptor has an IPv6 address, and that address doesn't match the (missing) address in the whitelist.
We should add a way to say ipv6=ignored or something.Tor: unspecifiedhaxxpophaxxpophttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20177When checking existing fallbacks, report those fallbacks at warning log level2020-06-27T14:11:47ZteorWhen checking existing fallbacks, report those fallbacks at warning log levelWhen the fallback script excludes some relays, it only logs at info level. This is usually what we want, but when checking existing fallbacks, it would be great to see any message about those fallbacks at WARNING log level.
This would m...When the fallback script excludes some relays, it only logs at info level. This is usually what we want, but when checking existing fallbacks, it would be great to see any message about those fallbacks at WARNING log level.
This would make it easier to work out why fallbacks are broken.Tor: unspecifiedhaxxpophaxxpophttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20178The fallback update script should log stem connection errors at warning level2020-06-27T14:11:47ZteorThe fallback update script should log stem connection errors at warning levelCurrently, they're logged at info-level, in order to filter out the "connecting to" messages. It would be great to keep those at info level, and log the "error connecting" messages at WARNING level.Currently, they're logged at info-level, in order to filter out the "connecting to" messages. It would be great to keep those at info level, and log the "error connecting" messages at WARNING level.Tor: unspecifiedhaxxpophaxxpophttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20190Remove broken fallbacks from the 0.2.8 list2020-06-27T14:11:47ZteorRemove broken fallbacks from the 0.2.8 listPlease merge my branch broken-028-fallbacks to both 0.2.8 and master.
It comments-out fallbacks that have broken since I last checked in just before 0.2.8.6.Please merge my branch broken-028-fallbacks to both 0.2.8 and master.
It comments-out fallbacks that have broken since I last checked in just before 0.2.8.6.Tor: 0.2.8.x-finalteorteorhttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20192When outputting potential new fallbacks, blacklist the whitelist2020-06-27T14:11:47ZteorWhen outputting potential new fallbacks, blacklist the whitelistWhen we look for potential new fallback directory mirrors, we want to ignore existing whitelisted fallbacks, as well as the blacklist.When we look for potential new fallback directory mirrors, we want to ignore existing whitelisted fallbacks, as well as the blacklist.Tor: unspecifiedhaxxpophaxxpophttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20539Make sure fallback directories aren't running buggy versions / can deliver a ...2020-06-27T14:11:47ZteorMake sure fallback directories aren't running buggy versions / can deliver a recent consensusAfter legacy/trac#20499, we should reject fallback directories that deliver a consensus outdated by more than N hours, where N is one of [1, 2, 3].After legacy/trac#20499, we should reject fallback directories that deliver a consensus outdated by more than N hours, where N is one of [1, 2, 3].https://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20876Avoid contacting fallback operators who are unlikely to be accepted2020-06-27T14:11:47ZteorAvoid contacting fallback operators who are unlikely to be acceptedAfter we automatically calculate the fallback threshold in legacy/trac#20192, it would be great to update that threshold based on whether the operator would be selected if they opted-in.After we automatically calculate the fallback threshold in legacy/trac#20192, it would be great to update that threshold based on whether the operator would be selected if they opted-in.Tor: unspecifiedhttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20877Fix a bug in updateFallbackDirs.py's comment handling2020-06-27T14:11:47ZteorFix a bug in updateFallbackDirs.py's comment handlingTurns out we weren't returning the comment string. Oops!
Bugfix on 99983432 in tor-0.2.8.3-alpha.Turns out we weren't returning the comment string. Oops!
Bugfix on 99983432 in tor-0.2.8.3-alpha.teorteorhttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20878Add bandwidth to fallback comments2020-06-27T14:11:47ZteorAdd bandwidth to fallback commentsImplemented as part of legacy/trac#18828Implemented as part of legacy/trac#18828teorteorhttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20880Make minimum fallback stability 6 months2020-06-27T14:11:46ZteorMake minimum fallback stability 6 monthsNow that we've fixed legacy/trac#18050, we can revert the fallback minimum address stability to a longer period. I suggest 6 months - the period between releases.
This will be implemented as part of legacy/trac#18828.Now that we've fixed legacy/trac#18050, we can revert the fallback minimum address stability to a longer period. I suggest 6 months - the period between releases.
This will be implemented as part of legacy/trac#18828.teorteorhttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20881Select 200 fallbacks for each release2020-06-27T14:11:46ZteorSelect 200 fallbacks for each releaseThis allows us to remove fallbacks as needed for 6-12 months, without the list getting too small.
Implemented in legacy/trac#18828.This allows us to remove fallbacks as needed for 6-12 months, without the list getting too small.
Implemented in legacy/trac#18828.teorteorhttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20882Make output sort order of fallbacks configurable2020-06-27T14:11:46ZteorMake output sort order of fallbacks configurableImplemented in legacy/trac#18828.Implemented in legacy/trac#18828.teorteorhttps://gitlab.torproject.org/tpo/core/fallback-scripts/-/issues/20883Ignore relays without contact info when emailing potential fallback operators2021-11-15T16:46:18ZteorIgnore relays without contact info when emailing potential fallback operatorsSometimes, we want to do a mail-out to (potential) fallback operators.
We might want to skip operators without contact details.
Or we might want to leave them in there, so we know the how many operators we can't contact.Sometimes, we want to do a mail-out to (potential) fallback operators.
We might want to skip operators without contact details.
Or we might want to leave them in there, so we know the how many operators we can't contact.