Quoting C. Pe. via tor-relays (2025-07-30 22:17:02) > Dear experts, > > I have a special question, for which I could not find 100% clear > documentation after a research. > > Situation: > - VPS with more than one IPv4 and IPv6 address > - IPv4 within the VPS is private class-A only (i.e. 10.x address), so port > binding happens to the private Class-A > > - External IPv4 is linked outside the VPS to the private Class-A - of course, > VPS is externally reachable by the external IPv4 > > - I would like to use a secondary IPv4, i.e. NOT the one, which is shown, > when you run the command 'curl -4 icanhazip.com' from within the VPS) > - I would like to use a secondary IPv6, i.e. NOT the one, which is shown, > when you run the command 'curl -6 icanhazip.com' from within the VPS) > > Let's assume, for my example only, I have the following secondary IP > addresses : > - external IPv4 7.8.9.10 > - internal IPv4 10.0.0.7 > - IPv6 [2345:bad:face::] > > Let's further assume, my ORPort was 1234 and the obfs4 port was 4321 > > In order to have TOR distribute the correct bridge line "obfs4 7.8.9.10:4321 > <...>", > is the following torrc config correct? > > BridgeRelay 1 > > ORPort 7.8.9.10:1234 NoListen > ORPort 10.0.0.7:1234 NoAdvertise > ORPort [2345:bad:face::]:1234
I think you can reduce this by just: ORPort 1234 As I believe Adress and OutboundBindAddress will do the rest for you. But others here might have a better torrc-fu than me. > > Address 7.8.9.10 > Address [2345:bad:face::] > OutboundBindAddress 10.0.0.7 > OutboundBindAddress [2345:bad:face::] > > ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy > ServerTransportListenAddr obfs4 10.0.0.7:4321 > > ExtORPort auto > ContactInfo [email protected] > Nickname MyCoolBridge > > With this config, I indeed am able to connect to the bridge using the "obfs4 > 7.8.9.10:4321 <...>" bridge line, > but is this line also communicated like that by the bridge distributor, or do > I need to adapt the above config to ensure proper distribution? I think this configuration is correct. The published address will be the one set in the Address. You can always check if the bridgeline distributed by rdsys is correct by visiting: https://bridges.torproject.org/status?id=<your hashed or not fingerprint> This should display one bullet point per IP/transport, so in your case two, one for IPv6 and another for IPv4. Take into account that it might take up to 4h for this page to be updated when you do changes. -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan. _______________________________________________ tor-relays mailing list -- [email protected] To unsubscribe send an email to [email protected]
