Skip to content

Stop advertising an IPv6 exit policy when DNS is broken for IPv6

When dns_seems_to_be_broken_for_ipv6(), exits should stop advertising an IPv6 exit policy.

Here's a rough design:

  • when dns_seems_to_be_broken_for_ipv6() is first set to 1, mark the relay descriptor dirty
  • when rebuilding the descriptor, check dns_seems_to_be_broken_for_ipv6() before including an IPv6 exit policy
  • reset dns_seems_to_be_broken_for_ipv6() periodically, maybe every 1-3 days?
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information