nusenu
2018-03-24 16:17:00 UTC
Hi,
I got an interesting bugreport for ansible-relayor [1],
that leads me to the following question:
Is OutboundBindAddress used during ORPort IP auto detection?
Imagine the following setup:
Relay with two public IPs:
1.1.1.1
2.2.2.2
Two tor instances (one per IP):
1.1.1.1:9000
2.2.2.2:9000
torrc for 2.2.2.2:9000 contains:
[...]
OutboundBindAddress 2.2.2.2
ORPort 2.2.2.2:9000
SyslogIdentityTag 2.2.2.2_9000
[...]
when starting 2.2.2.2_9000 instance the log contains:
Tor-2.2.2.2_9000[586]: Your server (1.1.1.1:9000) has not managed to confirm that its ORPort is reachable. Relays do not publish descriptors until their ORPort and DirPort are reachable. Please check your firewalls, ports, address, /etc/hosts file, etc.
Note: Reachability tests appear to try to contact the first IP for the second instance.
No NAT is involved.
The solution was to add "Address 2.2.2.2", but that was not necessary previously(?)
My assumption here:
During auto detection the OutboundBindAddress configuration directive is not relevant.
Is that the case? Or why does tor auto-detect IP 1.1.1.1 for instance on 2.2.2.2 even though OutboundBindAddress is used?
thanks,
nusenu
this is on tor: 0.3.2.10
[1] https://github.com/nusenu/ansible-relayor/issues/153
I got an interesting bugreport for ansible-relayor [1],
that leads me to the following question:
Is OutboundBindAddress used during ORPort IP auto detection?
Imagine the following setup:
Relay with two public IPs:
1.1.1.1
2.2.2.2
Two tor instances (one per IP):
1.1.1.1:9000
2.2.2.2:9000
torrc for 2.2.2.2:9000 contains:
[...]
OutboundBindAddress 2.2.2.2
ORPort 2.2.2.2:9000
SyslogIdentityTag 2.2.2.2_9000
[...]
when starting 2.2.2.2_9000 instance the log contains:
Tor-2.2.2.2_9000[586]: Your server (1.1.1.1:9000) has not managed to confirm that its ORPort is reachable. Relays do not publish descriptors until their ORPort and DirPort are reachable. Please check your firewalls, ports, address, /etc/hosts file, etc.
Note: Reachability tests appear to try to contact the first IP for the second instance.
No NAT is involved.
The solution was to add "Address 2.2.2.2", but that was not necessary previously(?)
My assumption here:
During auto detection the OutboundBindAddress configuration directive is not relevant.
Is that the case? Or why does tor auto-detect IP 1.1.1.1 for instance on 2.2.2.2 even though OutboundBindAddress is used?
thanks,
nusenu
this is on tor: 0.3.2.10
[1] https://github.com/nusenu/ansible-relayor/issues/153
--
https://mastodon.social/@nusenu
twitter: @nusenu_
https://mastodon.social/@nusenu
twitter: @nusenu_