New address disovery (IPv4 and IPv6) make it impossible to run a local lan or localhost bridge or relay
There are use cases where one wants to run a bridge or relay on their lan or localhost. This was possible until we changed address autodiscovery behavior using
AssumeReachable 1 and
PublishServerDescriptor 0 torrc options.
Now with the latest alpha this is impossible.
- Scenario 1: Set
ORPort 127.0.0.1:9001in torrc: Bridge / relay will start, work for some time, but complain every 60 seconds in the log file:
Nov 23 17:04:35.000 [warn] Don't know my address while generating descriptor
Nov 23 17:05:35.000 [warn] Don't know my address while generating descriptor
After 24-48 hours it eventually stop building descriptors and become unusuable.
Apparently this config
Address 127.0.0.1 doesn't trigger #40205 (closed) but I don't see why.
At debug level I only see:
[info] address_can_be_used(): Address '127.0.0.1' is a private IP address. Tor relays that use the default DirAuthorities must have public IP addresses.
- Scenario 2: Don't set
Addressand only set
ORPort 127.0.0.1:9001in torrc: Bridge / relay will start, but detect the public IP address and warn:
[warn] The IPv4 ORPort address 127.0.0.1 does not match the descriptor address <public_IPv4_addr>. If you have a static public IPv4 address, use 'Address ' and 'OutboundBindAddress '. If you are behind a NAT, use two ORPort lines: 'ORPort NoListen' and 'ORPort NoAdvertise'.
If you have a public IPv6 address, it will also trigger #40205 (closed) that tries self reachability ignoring
AssumeReachable 1 which will make it stop working (stop building descriptors at all) after some time.
- Scenario 3: Set
ORPort 127.0.0.1:9001 NoAdvertiseand
ORPort <public_IPv4_addr> NoAdvertisein torrc: Bridge / relay will start, but after some time stop building descriptors entirely. It also triggers #40205 (closed) and I can't confirm or infirm if the later one makes it stop building descriptors after some time because I couldn't remove IPv6 from this box without breaking something. Depending on future testing when we fix this, I'll deploy separate vms.
Besides fixing #40205 (closed) which is the major bug here, we should allow:
- a way to disable IPv4 autodiscovery, IPv6 autodiscovery or both
- a way to run on private nets or local IP addresses v4 and link local or internal use v6 addresses maybe by setting an option like
LocalServerthat tells Tor it's OK to have localhost / lan IP on
Addressand maybe automatically turn on
AssumeReachable 1if this is set.