[tor-relays] Unable to bind to IPv6

I had an issue with my VPS that I didn't notice for a while where I had lost my IPv6 addressing. After contacting support they have restored the IPv6 address, but I'm now unable to bind to the address. I've a feeling it's more either my configuration or the VPS configuration at fault, not tor, but I thought I'd throw it out for ideas, as I'm not that confident (yet) with IPv6 stuff.

Here's the interface:

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether a6:6a:08:73:42:27 brd ff:ff:ff:ff:ff:ff
altname enp0s18
inet xxx.yyy.87.222/26 brd xxx.yyy.87.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 aaaa:bbbb:1a:10::1/64 scope global dadfailed tentative
valid_lft forever preferred_lft forever
inet6 fe80::a46a:8ff:fe73:4227/64 scope link
valid_lft forever preferred_lft forever

root@fw1475:~# ip -6 route
aaaa:bbbb:1a:10::/64 dev eth0 proto kernel metric 256 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
default via aaaa:bbbb:1a:10:a46a:8ff:fe73:4227 dev eth0 proto static metric 1024 pref medium

And the netplan configuration:

root@fw1475:~# netplan status
Online state: online
DNS Addresses: 127.0.0.53 (stub)
DNS Search: .

â—Ź 1: lo ethernet UNKNOWN/UP (unmanaged)
MAC Address: 00:00:00:00:00:00
Addresses: 127.0.0.1/8
::1/128

â—Ź 2: eth0 ethernet UP (networkd: eth0)
MAC Address: a6:6a:08:73:42:27 (Red Hat, Inc.)
Addresses: xxx.yyy.87.222/26
aaaa:bbbb:1a:10::1/64
fe80::a46a:8ff:fe73:4227/64 (link)
DNS Addresses: 1.1.1.1
1.0.0.1
Routes: default via xxx.yyy.87.193 (static)
xxx.yyy.87.192/26 from xxx.yyy.87.222 (link)
aaaa:bbbb:1a:10::/64 metric 256
fe80::/64 metric 256
default via aaaa:bbbb:1a:10:a46a:8ff:fe73:4227 metric 1024 (static)

And this is what I get from the IPv6 OR port, determined by commenting/uncommenting the relevant line in my previously working configuration:

2024-12-14T20:36:38.782783+00:00 fw1475 tor[2317]: Dec 14 20:36:38.782 [warn] Failed to parse/validate config: Failed to bind one of the listener ports.
2024-12-14T20:36:38.782821+00:00 fw1475 tor[2317]: Dec 14 20:36:38.782 [err] Reading config failed--see warnings above.

Any ideas/help would be gratefully accepted.

Cheers,
Eddie

···

_______________________________________________
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-leave@lists.torproject.org

Hi,

it seems that your address is not reachable for me:

From fe80::6e62:6dff:fe85:b8f9 icmp_seq=1 Destination unreachable: Address unreachable
From fe80::6e62:6dff:fe85:b8f9 icmp_seq=2 Destination unreachable: Address unreachable
From fe80::6e62:6dff:fe85:b8f9 icmp_seq=3 Destination unreachable: Address unreachable
From fe80::6e62:6dff:fe85:b8f9 icmp_seq=4 Destination unreachable: Address unreachable

Did you check that you can actually have IPv6 connectivity FROM your server?

All the best,
-GH

···

On Monday, December 16th, 2024 at 12:37 AM, Eddie via tor-relays <tor-relays@lists.torproject.org> wrote:

I had an issue with my VPS that I didn't notice for a while where I had
lost my IPv6 addressing. After contacting support they have restored
the IPv6 address, but I'm now unable to bind to the address. I've a
feeling it's more either my configuration or the VPS configuration at
fault, not tor, but I thought I'd throw it out for ideas, as I'm not
that confident (yet) with IPv6 stuff.

Here's the interface:

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state

UP group default qlen 1000
link/ether a6:6a:08:73:42:27 brd ff:ff:ff:ff:ff:ff
altname enp0s18
inet xxx.yyy.87.222/26 brd xxx.yyy.87.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 aaaa:bbbb:1a:10::1/64 scope global dadfailed tentative
valid_lft forever preferred_lft forever
inet6 fe80::a46a:8ff:fe73:4227/64 scope link
valid_lft forever preferred_lft forever

root@fw1475:~# ip -6 route
aaaa:bbbb:1a:10::/64 dev eth0 proto kernel metric 256 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
default via aaaa:bbbb:1a:10:a46a:8ff:fe73:4227 dev eth0 proto static
metric 1024 pref medium

And the netplan configuration:

root@fw1475:~# netplan status
Online state: online
DNS Addresses: 127.0.0.53 (stub)
DNS Search: .

â—Ź 1: lo ethernet UNKNOWN/UP (unmanaged)
MAC Address: 00:00:00:00:00:00
Addresses: 127.0.0.1/8
::1/128

â—Ź 2: eth0 ethernet UP (networkd: eth0)
MAC Address: a6:6a:08:73:42:27 (Red Hat, Inc.)
Addresses: xxx.yyy.87.222/26
aaaa:bbbb:1a:10::1/64
fe80::a46a:8ff:fe73:4227/64 (link)
DNS Addresses: 1.1.1.1
1.0.0.1
Routes: default via xxx.yyy.87.193 (static)
xxx.yyy.87.192/26 from xxx.yyy.87.222 (link)
aaaa:bbbb:1a:10::/64 metric 256
fe80::/64 metric 256
default via aaaa:bbbb:1a:10:a46a:8ff:fe73:4227
metric 1024 (static)

And this is what I get from the IPv6 OR port, determined by
commenting/uncommenting the relevant line in my previously working
configuration:

2024-12-14T20:36:38.782783+00:00 fw1475 tor[2317]: Dec 14 20:36:38.782
[warn] Failed to parse/validate config: Failed to bind one of the
listener ports.
2024-12-14T20:36:38.782821+00:00 fw1475 tor[2317]: Dec 14 20:36:38.782
[err] Reading config failed--see warnings above.

Any ideas/help would be gratefully accepted.

Cheers,
Eddie

_______________________________________________
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-leave@lists.torproject.org

Hi,

it seems that your address is not reachable for me:

You were pinging his link local fe80 address, which isn't routable. He is having troubles listening on the real IPv6 address, which he obfuscated.

···

On 2024-12-16 06:39, George Hartley via tor-relays wrote:

On 2024-12-15 19:37, Eddie via tor-relays wrote:

And this is what I get from the IPv6 OR port, determined by commenting/uncommenting the relevant line in my previously working configuration:

2024-12-14T20:36:38.782783+00:00 fw1475 tor[2317]: Dec 14 20:36:38.782 [warn] Failed to parse/validate config: Failed to bind one of the listener ports.
2024-12-14T20:36:38.782821+00:00 fw1475 tor[2317]: Dec 14 20:36:38.782 [err] Reading config failed--see warnings above.

Can you give your actual config? It's hard to diagnose without that.
_______________________________________________
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-leave@lists.torproject.org

1 Like

Ah that is my bad, my ISP offers me IPv6 but I got it disabled entirely on my AVM model / router and through GRUB’s kernel command line parameters.

IPv4 is what I am used to, but at least I can say I learned something new today, thanks for the heads up.

If your public IPv6 address is indeed reachable (you can use a site like ping.eu to check), make sure your torrc ORPort format is correct and that you don’t have any typo’s in the address (due to the format, they are much harder to spot, at least to my eyes).

Here’s how to to it “properly”, according to the manual:

ORPort [address:]PORT|auto [flags]
Advertise this port to listen for connections from Tor clients and servers. This option is required to be a Tor server. Set it to "auto" to have Tor pick a port for you. Set it to 0 to not run an ORPort at all. This option can occur more than once. (Default: 0)

And according to the sample torrc configuration file from GitLab:


> ## See https://community.torproject.org/relay for details.
> 
> ## Required: what port to advertise for incoming Tor connections.
> #ORPort 9001
> ## If you want to listen on a port other than the one advertised in
> ## ORPort (e.g. to advertise 443 but bind to 9090), you can do it as
> ## follows.  You'll need to do ipchains or other port forwarding
> ## yourself to make this work.
> #ORPort 443 NoListen
> #ORPort 127.0.0.1:9090 NoAdvertise
> ## If you want to listen on IPv6 your numeric address must be explicitly
> ## between square brackets as follows. You must also listen on IPv4.
> #ORPort [2001:DB8::1]:9050

Good luck with everything.

-GH

···

On Tuesday, December 17th, 2024 at 2:42 AM, Red Oaive via tor-relays tor-relays@lists.torproject.org wrote:

On 2024-12-16 06:39, George Hartley via tor-relays wrote:

Hi,

it seems that your address is not reachable for me:

You were pinging his link local fe80 address, which isn’t routable. He
is having troubles listening on the real IPv6 address, which he
obfuscated.

On 2024-12-15 19:37, Eddie via tor-relays wrote:

And this is what I get from the IPv6 OR port, determined by
commenting/uncommenting the relevant line in my previously working
configuration:

2024-12-14T20:36:38.782783+00:00 fw1475 tor[2317]: Dec 14 20:36:38.782
[warn] Failed to parse/validate config: Failed to bind one of the
listener ports.
2024-12-14T20:36:38.782821+00:00 fw1475 tor[2317]: Dec 14 20:36:38.782
[err] Reading config failed–see warnings above.

Can you give your actual config? It’s hard to diagnose without that.


tor-relays mailing list – tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-leave@lists.torproject.org