22:59:02 <ahf> #startmeeting s55 meeting 22:59:02 <MeetBot> Meeting started Wed Apr 29 22:59:02 2020 UTC. The chair is ahf. Information about MeetBot at http://wiki.debian.org/MeetBot. 22:59:02 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic. 22:59:30 <nickm> hi! 22:59:41 <teor> hi 22:59:52 <nickm> evening/moring! 23:00:01 <nickm> *morning 23:00:14 <ahf> where do we want to start? a status on where you are teor? 23:01:12 <gaba> hi 23:01:37 <teor> Yeah, I can also go through the status email I sent a few days ago. But let's not talk about outreachy or sponsor negotiations in a public channel. 23:02:00 <teor> So I had a few major tasks over the last week: 23:02:15 <teor> * Tell ahf, nickm, and dgoulet which tickets they can start on 23:02:17 <ahf> agreed @ outreachy/sponsor things 23:02:25 <teor> * Make a list of essential tickets 23:02:39 <teor> * Update the torspec proposals 23:03:10 <teor> (Sorry, just checking notes) 23:03:43 <teor> * Work out what I can do in my remaining time 23:03:54 <ahf> yep 23:03:57 <teor> * Analyse some specific technical issues 23:04:01 <teor> (I'm done) 23:04:41 <teor> So I sent an email out to your all covering those things. 23:04:51 <nickm> yup, got it. It looked reasonable. 23:05:13 <ahf> yep. we went over bits of it with david too yesterday 23:05:14 <teor> I think the proposal updates will be ongoing. But most changes are in the proposals now. 23:05:47 <teor> I have finished the relay side of IPv6 extends (#33817 and parents) 23:06:13 <ahf> sweet 23:06:15 <nickm> sounds good. I started looking at your changes to 33817 based on my review earlier today, and so far they look fine. I think that one will probably be good to merge 23:06:17 <teor> And next I want to start sending IPv6 extends from clients (#33222), so we can do integration testing on that code. 23:07:01 <teor> Just trying to find my next tasks... 23:07:12 <nickm> ok. before we actually merge the client part do we need to add the protover support? 23:08:16 <teor> nickm: I think it's safe to send IPv6 extend requests to relays that don't support them. But I'll find out in the next day or two. 23:08:21 <nickm> ok 23:08:28 <nickm> this is from relays, for self-test purposes, yeah? 23:08:32 <teor> They should just ignore the IPv6, and use IPv4. 23:08:47 <teor> Yes, only relays will send IPv6 for now. 23:08:51 <nickm> ack 23:09:43 <teor> And I think only for self-test circuits. We could send IPv6 for all relay circuits, but we can do that later if we want to. 23:10:05 <nickm> so in summary from what dgoulet and I talked about yesterday: we're going to try to ramp up with dgoulet on O1.2 starting with code movement and refactoring for the existing address detection logic 23:10:30 <nickm> and I'm going to try to ramp up on O1.1 with code review on your stuff and with addr/real_addr fixing and other test/refactoring you've requested 23:10:45 <teor> Great! I haven't touched the 1.1 address detection code, so there won't be any merge conflicts. 23:10:49 <nickm> (I'm hesitating to do more right now on O1.1 because I think it could get in your way) 23:11:04 <nickm> "1.1" address detection code? 23:11:17 <teor> Oops, sorry, 1.2 23:11:29 <nickm> ah ok 23:11:30 <teor> Lots of details in my head right now :-) 23:11:45 <nickm> no worries; just wanted to make sure you didn't know about an extra address detection thing I wasn't aware of :) 23:11:49 <teor> I think we'll be fine both working on O1.1. It will be easier if we keep a short review-merge cycle. 23:12:25 <ahf> teor: you don't see any conflicts with people in parallel working on both O2.1 and O1.1 right? 23:12:31 <nickm> 1.2 23:12:33 <nickm> not 2.1 23:12:48 <teor> They're completely different parts of the code, so I don't think there will be many impacts. 23:12:52 <ahf> err, yes 23:12:53 <nickm> for #33817, I need to take a closer look at #cd7e2fc; the other changes look like they should address my comments 23:13:07 <ahf> teor: great 23:13:30 <teor> There might be a bit of crossover with the real_addr refactor, and when we replace the current IPv6 address functions with the new ones. 23:13:35 <teor> But those should be simple mass replacements. 23:14:17 <teor> Do you have any questions for me right now about O1.1 or O1.2 ? 23:14:45 <ahf> not so far, nope 23:14:50 <teor> We can always set up an IRC meeting to go over code or technical questions. I'm usually on email and signal every day. (Sometimes I lose my IRC backlog.) 23:14:55 <nickm> for O1.1 -- is it really this simple? It seems like this is going to be comparatively straightforward from this point. 23:15:46 <teor> So there's a bit of tricky coding at the end of #33222, to make these checks happen: 23:15:56 <teor> 1. Check for create cells on inbound ORPort connections 23:16:05 <teor> 2. Check for created cells from testing circuits on outbound OR connections 23:16:36 <teor> And some work to do extra diagnostics, and preserve the legacy checks as a diagnostic 23:16:52 <nickm> do you think that 1/2 are a reasonable fit for our pubsub logic? 23:17:20 <teor> I think so, as long as it's performant 23:17:46 <nickm> it should be. we wouldn't want to use it for every byte or every relay cell, but for every create or created it's cool 23:18:51 <teor> Ok, that seems fine then. 23:19:11 <nickm> other question -- do you happen to know _why_ we overwrite conn.addr? Or did you ask me that? 23:19:19 <nickm> (and if you did ask me, did I know at the time?) 23:19:44 <teor> There is a nice comment from arma explaining that. It's for logging. 23:20:44 <teor> https://github.com/torproject/tor/blob/7517e1b5d31aada1f594c2594737a231d9d8e116/src/core/or/channeltls.c#L738 23:20:57 <teor> Oops sorry not that one. 23:21:48 <nickm> found it 23:21:55 <nickm> ok, so arma thinks it's just for logging 23:22:05 <nickm> if that's the case this isn't too bad to fix 23:22:14 <nickm> the hard part is auditing to see that nothing relies on getting a match 23:22:18 <teor> It's not though, it's also for reverse proxied addresses 23:22:18 <ahf> hm, interesting 23:22:20 <teor> https://github.com/torproject/tor/blob/7517e1b5d31aada1f594c2594737a231d9d8e116/src/core/or/channeltls.c#L1339 23:22:47 <teor> So yes, tricky 23:23:14 <nickm> yowch 23:23:38 <nickm> ok, well that will probably eat my coding time for a couple of days at least. :) 23:23:59 <teor> Yeah, sorry about that. But it's a source of endless confusion every time I try to use it. 23:24:17 <nickm> no worries; I dislike it too 23:24:50 <nickm> oh, one last question. for prop#312, did you have an abstraction in mind for "unifying" the various ways to detect an address? 23:25:06 <nickm> if not I'll try to come up with one with dgoulet after he's done some refactoring 23:25:53 <nickm> other than that I'm out of topics for now 23:25:55 <teor> I think a priority list is a good abstraction 23:26:58 <teor> Where each item contains a source and an address. And the sources are sorted in priority order. 23:27:46 <teor> It's also possible that we just want one address per family and source. In that case, a map from source would be better. And we could have one map for IPv4 and IPv6. 23:27:49 <nickm> hm. and where the code that sets each item gets launched as needed? or sets the item "in the background" as it finds it? 23:27:59 <nickm> i think that makes sense too 23:28:21 <teor> There is a table in the proposal that lists how each source is currently discovered 23:28:32 <nickm> yes 23:28:53 <nickm> the effect of that table was to convince me that there is not much consistency right now 23:29:05 <teor> We need to be able to record discovered addresses that are triggered by other events. pubsub would be good here. 23:29:40 <nickm> hm. sounds plausible. 23:29:47 <teor> I think most other addresses can be an async query, or a regularly scheduled task. 23:30:02 <nickm> that seems about right 23:30:39 <teor> If we want to expire addresses, we should also have a last discovered timestamp. But I don't think that's necessary in the first implementation. 23:30:50 <nickm> agreed 23:31:09 <nickm> just treating this stuff uniformly would make it easier to add a timestamp if/when we think it's necessary 23:31:32 <teor> Yes, I think a well-defined pubsub interface would really help you here. 23:31:48 <nickm> i'll give it a try 23:32:02 <teor> It would also make it easy to switch in NETINFO for directory headers. If we decide to want to do that. 23:32:07 <nickm> dgoulet: I'm marking this for you so you can have a look at it :) 23:32:36 <ahf> he is not in here, but i'll prod him with the log tomorrow 23:32:40 <nickm> yup 23:32:44 <nickm> ok, that's it for me for today. Anything else for now? 23:32:53 <nickm> I'll continue to be online at my usual times 23:32:58 <ahf> should we continue with these statuses each wednesday at 23 utc? 23:33:07 <nickm> seems like a good idea for now 23:33:11 <nickm> if it is okay with teor 23:33:15 <ahf> i agree if it's cool with teor 23:33:17 <teor> Um yeah hang on their are other topics :-) 23:33:21 <ahf> yep 23:33:24 <teor> I can do this time regularly 23:33:27 <gaba> one question from me. I'm wondering why you are suggesting to remove #33264 23:33:33 <gaba> and the other tickets in item .3 23:33:56 <teor> gaba: Can we not talk about sponsor negotiations in a public channel :-) 23:34:07 <gaba> i'm not talking about sponsor negotiations 23:34:09 <teor> Or do you think it's ok? 23:34:26 <gaba> i'm talking about if those tickets are not necessary in this project or not 23:35:27 <gaba> You could reply in the mail if you do not feel comfortable talking about it here 23:35:36 <teor> As part of the proposal, we promised the sponsor we would deliver this objective: 23:35:37 <teor> O1.5 - Measure the number of connections, and consumed bandwidth, using IPv4 and IPv6 23:35:56 <gaba> yes 23:36:44 <teor> So unless we re-negotiate the scope with the sponsor, we have to keep #33264. 23:37:04 <teor> But I don't know if it will be particularly useful. 23:37:09 <gaba> yes. It seems to me that we can keep doing what we said we were going to do. 23:37:53 <teor> I don't know how we're tracking for time on this project. 23:38:15 <gaba> we can ask for an extension if we need to 23:38:15 <teor> I was asked what tasks I though were essential, so I suggested some less useful tasks that we could cut. 23:38:38 <gaba> ok 23:38:39 <teor> Let me clarify: I don't know how we're tracking for effort against budget on this project. 23:39:02 <gaba> ok. I thought maybe there was other reason that I did not know about on why to cut them 23:39:05 <gaba> thanks 23:39:33 <teor> Those tasks are not particularly useful, and I suggest that we'd be better to deliver more useful things. 23:40:11 <gaba> but nothing changed from when we created the proposal that make you say that, right? 23:41:09 <gaba> we are going to have a new roadmap session in a couple of weeks and can adjust things if needed. So far I'm writing all this suggestions down. 23:42:09 <nickm> i think it makes sense to divide tasks into more and less essential 23:42:39 <teor> I'm not sure if we're working with the same context here. 23:42:44 <teor> Since we wrote the proposal, I analysed the design tradeoffs in detail. I wrote detailed proposals describing these designs. 23:43:04 <teor> Then I recently did an analysis of the most useful tasks for the project objectives. 23:43:21 <teor> gaba, can you explain what kind of changes you're thinking of? 23:43:27 <gaba> this is why i'm asking you if there was anything else to consider (other than budget and time tracking and capacity) 23:43:30 <ahf> i think it is smart to prioritize it with the new situation we are in 23:43:52 <nickm> gaba: they are saying: utility. 23:44:07 <nickm> that's the something else to consider: how useful the item is. 23:44:36 <teor> gaba: I revised the effort estimates on those tickets, and I don't think they're worth the amount of effort they might take. 23:44:45 <teor> (Not as much as other tickets.) 23:46:08 <teor> I would like to continue this conversation privately. 23:46:37 <gaba> ok 23:46:38 <nickm> (i need to go in 15 minutes; are there more non-private topics to talk about?) 23:47:36 <teor> Yes. I really wanted to talk about testing. And I want to go through the list of other tickets I suggested that we cut. 23:47:44 <teor> But we don 23:47:53 <teor> But we don't have to cover those topics right now. 23:48:06 <ahf> i think the last part is useful, i think testing can maybe wait? 23:48:19 <ahf> the last part might be useful to david also tomorrow 23:48:31 <teor> Yeah sure. I can try to get back in that headspace. 23:48:41 * ahf nods 23:49:30 <teor> So let's talk about #33224, because that's the earliest optional task 23:49:47 <nickm> (for the tickets to possibly cut --whichever ones we don't get to tonight -- would it make sense to have that conversation on the email thread? It seems like teor's reasoning there is pretty detailed) 23:50:13 <ahf> nickm: yeah 23:50:20 <ahf> teor: yep 23:50:21 <nickm> the amount of work for adding a network parameter is slight at most 23:50:33 <teor> Yeah, I think that's a good idea. There are lots of tickets though. So we'll have to keep the thread tight. 23:51:05 <nickm> ok. let's maybe start a new thread based on the text under "Details of possible scope changes". 23:51:13 <teor> Or we could have the conversation on the tickets. And keep the email thread for the 3 tickets that I didn't want to discuss in public. 23:51:44 <ahf> ok 23:52:28 <teor> So for #33224, I recommend that we spend the time we need to implement it. 23:52:39 <nickm> right, it doesn't look hard 23:52:47 <teor> If we don't, and the IPv6 reachability self-tests have a bug, then 30% of relays will go down. 23:52:58 <ahf> yeah, it is a good idea to have an option folks can disable 23:53:03 <nickm> consensus parameters are easy to add 23:53:04 <ahf> and worst case we can let tor-relays@ know 23:53:23 <teor> So here's another question: we're going to change the IPv4 reachability code as well. 23:53:32 <nickm> (though tbh this would also argue for _not_ doing the "disable the whole relay if one port is down" logic) 23:53:54 * gaba needs to go. ttyl o/ 23:53:55 <teor> We've had clear feedback from directory authority operators and relay operators that that's what they want. 23:54:12 <teor> They want a very clear signal that their relay is misconfigured. 23:54:47 <ahf> gaba: o/ 23:55:04 <teor> This question keeps coming up every 6 months or so. Maybe we can document this design somewhere? 23:55:16 <nickm> teor: whom should I talk with to undertand that? 23:55:55 <nickm> I worry that they only want it because they experience the pain of the current behavior, not the pain of the desired behavior 23:55:57 <teor> Sebastian was the person who I last spoke to 23:56:10 <nickm> ok, I'll ask him. 23:56:22 <teor> But it's been pretty clear on the tor-relays list as well. 23:56:38 <nickm> ok 23:56:42 <teor> We last had this conversation when we modified the directory authority IPv6 reachability code. 23:56:52 <teor> It might be in the mailing list archives? 23:57:03 <nickm> i'll look. has anybody complained about the new authority behavior? 23:57:09 <nickm> if not that's a reasonably strong argument 23:57:37 <teor> No, it works really well. Relay operators get good feedback when their IPv6 ORPorts are unreachable. 23:57:46 <nickm> ok 23:57:56 <teor> The biggest complaint is the lack of relay IPv6 self-tests. 23:57:58 <nickm> (I need to go in 60 seconds. thanks for explaining this to me over and over) 23:58:23 <nickm> ahf: who should write the first round of thoughts on the email thread? 23:58:25 <ahf> teor: when both the discovery of the host's own address and the self-test is there, do we have a ticket for information the operator that they might be able to enable v6? 23:58:50 <teor> nickm: how about I put a recommendation on each of the public tickets, and then give a recommendation for each of the private tickets? 23:59:04 <teor> ahf: I'm not sure what you mean? 23:59:08 <nickm> ok 23:59:08 <ahf> nickm: i'll prod david tomorrow to look at the backlog tomorrow, and then the 3 of us can talk when we are all online tomorrow? or what do you mean here? 23:59:11 <arma2> (what's the comment by arma? now i want to look at it to see if i still agree with it. :) 23:59:37 <ahf> teor: one of the things that pops up as relay operator meetings is that relay operators aren't aware that ipv6 isn't automagically enabled on their relay 23:59:39 <nickm> (sorry, I need to get offline now. I'll check backlog later on, but this is a hard stop for me. Thanks everybody!) 23:59:46 <ahf> nickm: later o/ 23:59:48 <teor> Thanks nickm! 00:00:01 <teor> arma2: sorry, I don't have a link 00:00:05 <ahf> arma2: it was about why we change the addr field on connections to the canonical addr i think 00:00:38 <teor> If you can link it in #33898 that would be useful 00:01:13 <teor> ahf: we'll talk about the IPv6 changes in the release notes, and also on tor-relays as part of the testing tickets 00:01:31 <teor> #33230 #33253 00:01:45 <ahf> great 00:01:54 <teor> Do you think we should do anything else? 00:02:02 <teor> There should also be man page updates :-) 00:02:20 <ahf> no, i think that is fine. i was wondering if it would make sense to notify the user in the tor log if we detect a valid non-local v6 address, but no v6 configuration for the relay 00:02:32 <ahf> s/user/relay operator/ 00:03:30 <teor> So in #33246 we'll automatically open an IPv6 ORPort, and publish it if the reachability self-tests work 00:03:56 <teor> It should work just like IPv4, as far as the operator is concerned? 00:03:59 <ahf> perfect, i think that is fine 00:03:59 <ahf> yeah 00:04:01 <ahf> it is 00:04:01 <arma2> ah, here we are, the one with 00:04:04 <arma2> /* XXXX <arma> i believe the reason we did this, originally, is because 00:04:12 <teor> Yes, that one 00:05:25 <teor> https://github.com/torproject/tor/blob/7f9eaec538b7d01e0d1b130dc4cf2ec634252d46/src/core/or/connection_or.c#L920 00:06:30 <ahf> oh, old comment there 00:07:22 <teor> ahf: I think we're good for now? 00:07:36 <teor> I'll send that email, and then we can catch up as people have questions? 00:07:37 <ahf> huh, we copy it, free it, then copy it again? 00:07:49 <teor> Yeah, old code, too 00:07:55 <ahf> ook 00:08:02 <ahf> teor: i think we are good. i'll prod david tomorrow 00:08:09 <ahf> thank you, teor 00:08:17 <ahf> arma2: and nice to see you join here 8) 00:08:22 <ahf> #endmeeting