I2P_Developers/i2p.www
3
0
Fork 5
Code Issues 27 Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
c454a1dab854fd76b964d7c96e5f24c2a90a7cc7
i2p.www/www.i2p2/pages/faq.html
kytv c454a1dab8 explain how to configure browser earlier
2012-05-25 01:20:11 +00:00

647 lines
36 KiB
HTML
Raw Blame History

{% extends "_layout.html" %}
{% block title %}FAQ{% endblock %}
{% block content %}
<h1>I2P - FREQUENTLY ASKED QUESTIONS</h1>
<h3 id="index"> Index </h3>
<ol>
<li style="list-style: none; display: inline">
<h4>General</h4>
</li>
<li><a href="#systems">What systems will I2P run on?</a></li>
<li><a href="#eepsite">Whats an "eepsite" and how do I configure my browser so I can use them?</a></li>
<li><a href="#peers">My router has very few active peers, is this OK?</a></li>
<li><a href="#active">What do the Active x/y numbers mean in the router console?</a></li>
<li><a href="#vary">My active peers / known peers / participating tunnels / connections / bandwidth vary dramatically over time! Is anything wrong?</a></li>
<li><a href="#proxy_safe">Is using an outproxy safe?</a></li>
<li><a href="#down">Most of the eepsites within I2P are down?</a></li>
<li><a href="#ports">What ports does I2P use?</a></li>
<li><a href="#port32000">Why is I2P listening for connections on port 32000?</a></li>
<li><a href="#bug">I think I found a bug, where can I report it?</a></li>
<li><a href="#jrandom">What happened to *.i2p.net? What happened to jrandom? Is I2P dead?</a></li>
<li><a href="#question">I have a question!</a></li>
<li style="list-style: none; display: inline">
<h4>Setup</h4>
</li>
<li><a href="#reseed">My router has been up for several minutes and has zero or very few connections</a></li>
<li><a href="#slow">Why is I2P so slow?</a></li>
<li><a href="#subscriptions">I'm missing lots of hosts in my addressbook. What are some good subscription links?</a></li>
<li><a href="#myeepsite">How do I set up my own eepsite?</a></li>
<li><a href="#snark">Bittorrent / I2PSnark / Azureus I2P Plugin Questions?</a></li>
<li><a href="#irc">How do I connect to IRC within I2P?</a></li>
<li><a href="#outproxy">I can't access regular Internet sites through I2P.</a></li>
<li><a href="#https">I can't access https:// or ftp:// sites through I2P.</a></li>
<li><a href="#socks">Is it possible to use I2P as a SOCKS proxy?</a></li>
<li><a href="#browserproxy">How do I configure my browser?</a></li>
<li><a href="#remote_webconsole">How can I access the web console from my other machines or password protect it?</a></li>
<li><a href="#remote_i2cp">How can I use applications from my other machines?</a></li>
<li><a href="#manual_reseed">How do I reseed manually?</a></li>
<li><a href="#cpu">My router is using too much CPU?!?</a></li>
<li style="list-style: none; display: inline">
<h4>Misconception</h4>
</li>
<li><a href="#proxy_other">How do I access IRC, BitTorrent, or other services on the regular Internet?</a></li>
<li><a href="#exit">Is my router an "exit node"(outproxy) to the regular Internet? I don't want it to be.</a></li>
<li><a href="#content">I am opposed to certain types of content. How do I keep from distributing, storing, or accessing them?</a></li>
<li style="list-style: none; display: inline">
<h4>Errors and Their Solutions</h4>
</li>
<li><a href="#compat6x">I'm using FreeBSD and when I start I2P I receive an error about <code>libm.so.4</code>!</a></li>
<li><a href="#protocolfamily">In <code>wrapper.log</code> I see an error stating <code>Protocol family unavailable</code> when I2P is loading</a></li>
</ol>
<h3 id="systems">What systems will I2P run on?
<span class="permalink">(<a href="#systems">link</a>)</span></h3>
<p>While I2P has been reported to run PCs as meagre as a low-end Pentium II with 64 MB of RAM, you'll have a much better experience on a Pentium III (or better) with 128MB of RAM (or more). A <a href="http://trac.i2p2.de/wiki/java">chart comparing the performance</a> of the various JREs can be found at <a href="http://trac.i2p2.de/wiki/java">http://trac.i2p2.de/wiki/java</a>, but in short: it's at all possible, use Sun/Oracle Java or OpenJDK.</p>
<p>I2P has been tested on Windows, Linux, FreeBSD (see the note <a href="#compat6x">below</a>), OSX, and OpenSolaris. There is work underway to bring I2P to the Android platform.</p>
<h3 id="bug">I think I found a bug, where can I report it?
<span class="permalink">(<a href="#bug">link</a>)</span></h3>
Here are some places, pick one or more.
<ul>
<li><a href="http://trac.i2p2.de/report/1">trac.i2p2.de</a> ticket (preferred method)</li>
<li><a href="http://pastethis.i2p/">pastethis.i2p</a> and follow up on IRC in #i2p</li>
<li>Discuss with the developers on IRC in #i2p-dev</li></ul>
<p>
Please include relevant information from the router logs and wrapper logs.
</p>
<h3 id="subscriptions">I'm missing lots of hosts in my addressbook. What are some good subscription links?
<span class="permalink">(<a href="#subscriptions">link</a>)</span></h3>
<p>
The default subscription is to http://www.i2p2.i2p/hosts.txt which is updated rarely.
If you don't have another subscription, you may often have to use "jump" links which
is annoying.</p>
<p>Here are some other public addressbook subscription links. You may wish to add one or two
to your <a href="http://localhost:7657/susidns/subscriptions.jsp">susidns subscription list</a>.
You don't need to add all of them, as they sync with each other periodically.
The links using a cgi-bin application employ various strategies to minimize
the number of duplicate addresses delivered, so they should be more efficient.
Note that subscribing to a hosts.txt service is an act of "trust", as a malicious
subscription could give you incorrect addresses. So think about whether you
want to trust any of these.
The operators of these services may have various policies for listing hosts.
Presence on this list does not imply endorsement.</p>
<div class="links">
<ul>
<li><a href="http://i2host.i2p/cgi-bin/i2hostetag">http://i2host.i2p/cgi-bin/i2hostetag</a></li>
<li><a href="http://stats.i2p/cgi-bin/newhosts.txt">http://stats.i2p/cgi-bin/newhosts.txt</a></li>
</div>
<h3 id="jrandom">What happened to *.i2p.net? What happened to jrandom? Is I2P dead?
<span class="permalink">(<a href="#jrandom">link</a>)</span></h3>
<p>Jrandom was the lead developer of I2P and
<a href="http://syndie.i2p2.de/">Syndie</a> for several years.
We do not know if or when jrandom will return.
The *.i2p.net domains were left in a non-functioning state after a power
outage at the hosting company.</p>
<p>See <a href="jrandom-awol.html">this page</a> for jrandom's parting message and additional information
on the migration of *.i2p.net to <a href="index.html">this website</a>.</p>
<p>I2P remains in active development.</p>
<h3 id="cpu">My router is using too much CPU?!?
<span class="permalink">(<a href="#cpu">link</a>)</span></h3>
<p>
There are many possible causes of high CPU usage. Here is a checklist:
</p><ul>
<li>
Try to use either OpenJDK or Sun/Oracle Java if it's available for your system. You can check
which version of java you have installed by typing <code>java -version</code> at a
command/shell prompt. Performance tends to suffer with other implementations of java.
</li>
<li>
Are you running a BitTorrent client over I2P? Try reducing the number of torrents, the bandwidth limits,
or try turning it off completely to see if that helps.
</li>
<li>
Are your bandwidth limits set too high? It is possible that too much traffic is going through your
I2P router and it is overloaded. Try reducing the setting for <em>share bandwidth percentage</em> on the <a href="http://localhost:7657/config">configuration</a> page.
</li>
<li>
Make sure that you're running the latest version of I2P to get the benefits of increased performance and bug fixes.
</li>
<li>
Has enough memory been set aside for use by I2P? Look at the memory graph on <a href="http://localhost:7657/graphs">the graphs page</a> to see
if the memory usage is "pegged"&mdash;the JVM is spending most of its time in
garbage collection. Increase the setting <code>wrapper.java.maxmemory</code> in <code>wrapper.config</code>.
</li>
<li>
Is the CPU usage simply higher than you would like, or is it pegged at 100% for a long time?
If it's pegged, this could be a bug. Look in the logs for clues.
</li>
<li>
You may be using the Java-based BigInteger library instead of the native version,
especially if you are running on a new or unusual OS or hardware (OpenSolaris, mipsel, etc.).
See the <a href="jbigi.html">jbigi page</a> for instructions on
diagnosing, building, and testing methods.
</li>
<li>
If your native jbigi library is working fine, the biggest user of
CPU may be routing traffic for participating tunnels. This uses CPU
because at each hop a layer of encryption must be decoded.
You can limit participating traffic in two ways - by reducing the
share bandwidth on
<a href="http://localhost:7657/confignet.jsp">confignet.jsp</a>,
or by setting <tt>router.maxParticipatingTunnels=nnn</tt> on
<a href="http://localhost:7657/configadvanced.jsp">configadvanced.jsp</a>.
</li></ul>
<h3 id="content">I am opposed to certain types of content. How do I keep from distributing, storing, or accessing them?
<span class="permalink">(<a href="#content">link</a>)</span></h3>
<p>
Hmm. I2P is an anonymous network, so that's a tricky one.
I2P is designed to withstand censorship, providing a means for everyone to communicate freely.
The best way to keep your PC free of (encrypted) traffic that you dislike is to not use I2P.
Freedom of speech has some costs.
But let's address your question in three parts:</p>
<ul>
<li><b>Distribution</b> - All traffic on I2P is encrypted in multiple layers. You don't know
a message's contents, source, or destination.
All traffic you route is internal to the I2P network, you are not an <a href="#exit">exit node</a> (outproxy).
Your only alternative is to refuse to route
<i>any</i> traffic, by setting your share bandwidth or maximum participating tunnels to 0 (see above).
It would be nice if you didn't do this, you should help the network by routing traffic for others.
Over 95% of users route traffic for others.
</li><li><b>Storage</b> - I2P does not do distributed storage of content. You must be thinking of
<a href="http://freenetproject.org/">Freenet</a>.
Nobody's content is being stored on your computer by running I2P.
</li>
<li><b>Access</b> - If there are some eepsites you don't like, don't go there.
Or, use a blocking proxy like Privoxy or some type of "net nanny".
</li></ul>
<h3 id="vary">My active peers / known peers / participating tunnels / connections / bandwidth vary dramatically over time! Is anything wrong?
<span class="permalink">(<a href="#vary">link</a>)</span></h3>
<p>
No. This is normal.
All routers adjust dynamically to changing network conditions and demands.
</p>
<h3 id="reseed">My router has been up for several minutes and has zero or very few connections
<span class="permalink">(<a href="#reseed">link</a>)</span></h3>
<p>
You may need to reseed your I2P router. With recent versions of I2P you can go to <a href="http://localhost:7657/configreseed">http://localhost:7657/configreseed</a> and click the <em>Save Changes and Reseed Now</em> button. If this method doesn't work&mdash;or you're using a very old version&mdash;you may need to <a href="#manual_reseed">reseed manually</a>.</p>
<p>
The reseed URL changed a few years ago. If this is your first install and you have installed
an old (0.6.1.30 or earlier) release, or
you have not run I2P in a long time, you must change the URL and then
click "Reseed" on the console to find other routers.
After your router is running,
on <a href="http://localhost:7657/configadvanced.jsp">configadvanced.jsp</a>,
add the line <tt>i2p.reseedURL=http://netdb.i2p2.de/</tt>
OR <tt>i2p.reseedURL=http://i2pdb.tin0.de/netDb/</tt> (either should work),
then click "Apply", then click the "reseed" link on the left.
</p><p>
This works if you are running 0.6.1.27 or later.
If you are running release 0.6.1.31 or later, you probably don't need to do this.
If you are running release 0.6.1.26 or earlier, either follow the
<a href="#manual_reseed">manual reseed instructions</a> below
or install the <a href="download">latest release</a>.
Possible alternate method - add
<tt>wrapper.java.additional.5=-Di2p.reseedURL=http://netdb.i2p2.de/</tt>
to wrapper.config, shutdown the router completely, then start again, then click "reseed".
Let us know if this works.
</p>
<p>...but you *really* should <a href="download">upgrade</a> to the latest version.</p>
<h3 id="peers">My router has very few active peers, is this OK?
<span class="permalink">(<a href="#peers">link</a>)</span></h3>
<p>
If your router has 10 or more active peers, everything is fine. Changes in releases 0.6.1.31 and 0.6.1.32 improved the
efficiency of the router and effectively reduced the number of active peers.
The router <i>should</i> maintain connections to a few peers at all times.
The best way to stay "better-connected" to the network is to <a href="http://localhost:7657/config">share more bandwidth</a>.
</p>
<h3 id="exit">Is my router an "exit node" to the regular Internet? I don't want it to be.
<span class="permalink">(<a href="#exit">link</a>)</span></h3>
<p>
No. Unlike <a href="http://www.torproject.org/">Tor</a>,
"exit nodes" or "outproxies" are not an inherent part of the network.
Only volunteers who set up and run separate applications will relay traffic to the regular Internet.
There are very, very few of these.
</p>
<h3 id="outproxy">I can't access regular Internet sites through I2P.
<span class="permalink">(<a href="#outproxy">link</a>)</span></h3>
<p>
See above. There are very few HTTP "outproxies", they are not an inherent part of the network,
and they may not be up.
In addition, the old outproxies squid.i2p, true.i2p, and krabs.i2p have vanished.
The only outproxy at the moment is false.i2p.
To use it, edit your <a href="http://localhost:7657/i2ptunnel/edit.jsp?tunnel=0">i2ptunnel settings for eepProxy</a>
and set your outproxy list to 'false.i2p' (only).
Then stop and restart the eepProxy.
If it doesn't work, the outproxy is not up. It is not I2P's fault.
If your primary reason to use an anonymous network is to anonymously access sites
on the regular Internet, you should probably try <a href="http://www.torproject.org/">Tor</a>.
</p>
<h3 id="https">I can't access https:// or ftp:// sites through I2P.
<span class="permalink">(<a href="#https">link</a>)</span></h3>
<p>
Within I2P, there is no need for HTTPS, as all traffic is encrypted end-to-end.
FTP is not supported for technical reasons.
</p><p>
There are no FTP "outproxies" to the Internet&mdash;it may not even be possible to set up one.
Any other kind of outproxy may work if it's set up with a standard tunnel.
If you would like to set up some type of outproxy, carefully research the potential risks.
The I2P community may or may not be able to help with the technical aspects, feel free to ask.</p>
<p>As explained several times above, any existing outproxy isn't a core part of the network.
They are services run by individuals and they may or may not
be operational at any given time.
</p>
<p><b>Update</b>: Thanks to the work of h2ik, there is an https outproxy available for use via I2P. Starting with I2P 0.8.4 <a href="http://localhost:7657/i2ptunnel/edit?tunnel=6">the tunnel</a> is configured out of the box.<br />
In case the https outproxy is not available in your version of I2P, you can add it easily by doing the following:</p>
<ol><li>Open <a href="http://localhost:7657/i2ptunnel/index.jsp">i2p tunnel manager</a>. Scroll down to the bottom.
</li><li>Choose <b>CONNECT</b> from <b>New Client Tunnel</b> dropdown list, click <b>Create</b>
</li><li>In the new page, <b>name</b> and <b>describe</b> your new https tunnel as you like.
The <b>Access Point</b> is your local port for the new https proxy recommended port's <b>4445</b>.
<b>Outproxy</b> should be the outproxy's .i2p address which supports https.
See this forum post of <a href="http://forum.i2p/viewtopic.php?p=31356#31356">h2ik</a>'s for the address.
Make sure <b>Shared Client</b>, <b>Delay Connect</b>, <b>AutoStart</b> are checked.
Other options should be left at the defaults. Click Save. In tunnel manger, click the <b>Start</b> button next to your new tunnel.
</li><li>In firefox, click through <b>Tools</b>><b>Options</b>><b>Advanced</b>><b>Network</b>><b>Setting</b>.
Untick <b>Use this proxy for all protocol</b>, set <b>SSL proxy:</b> to localhost:4445.
</li><li>Done.
</li></ol>
<h3 id="proxy_safe">Is using an outproxy safe?
<span class="permalink">(<a href="#proxy_safe">link</a>)</span></h3>
<p>
This is a question that only you can answer because the correct answer depends on your behaviours, your
<a href="how_threatmodel.html">threat model</a>, and how much you trust the outproxy operator.
</p><p>
Like Tor, I2P does not magically encrypt the Internet.
You are vulnerable to snooping by the outproxy operators.
The <a href="https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#ExitEavesdroppers">Tor FAQ</a>
does a good job of explaining this.
</p><p>
In addition, you may be vulnerable to collusion between the outproxy operator
and operators of other I2P services, if you use the same tunnels ("shared clients").
There is additional discussion about this on <a href="http://zzz.i2p/topics/217">zzz.i2p</a>.
</p>
<h3 id="proxy_other">How do I access IRC, BitTorrent, or other services on the regular Internet?
<span class="permalink">(<a href="#proxy_other">link</a>)</span></h3>
<p>
Unless an outproxy has been set up for the service you want to connect to, this cannot be done.
There are only three types of outproxies running right now: HTTP, HTTPS, and email. Note that there is not a SOCKS outproxy.
If this type of service is required, try <a href="http://www.torproject.org/">Tor</a>.
</p>
<h3 id="down">Most of the eepsites within I2P are down?
<span class="permalink">(<a href="#down">link</a>)</span></h3>
<p>
If you consider every eepsite that has ever been created, yes, most of them are down.
People and eepsites come and go.
A good way to get started in I2P is check out a list of eepsites that are currently up.
<a href="http://perv.i2p/stats.cgi">perv.i2p</a> tracks active eepsites.
</p>
<h3 id="myeepsite">How do I set up my own eepsite?
<span class="permalink">(<a href="#myeepsite">link</a>)</span></h3>
<p>
Click on the <a href="http://localhost:7658/">My Eepsite Link</a>
on the top of your router console for instructions.
</p>
<h3 id="slow">Why is I2P so slow?
<span class="permalink">(<a href="#slow">link</a>)</span></h3>
<p>
Why are downloads, torrents, web browsing, and everything else so slow on I2P?
The encryption and routing within the I2P network adds a substantial amount of overhead and limits bandwidth.
Anonymity isn't free.
</p>
<p>
In addition, you and everybody else probably need to increase your bandwidth limits.
Two key settings are the inbound and outbound bandwidth limiters on
<a href="http://localhost:7657/config.jsp">the configuration page</a>.
With the default settings of 32KBps you will generally get no better than 15KBps data transfer in I2PSnark.
Increasing the settings (but keeping within your actual connection limitations)
will increase the potential transfer rate for I2PSnark and all other applications.
</p><p>
Also, do you have sufficient share bandwidth configured to allow participating tunnels
to route through your router? Believe it or not, allowing participating traffic
keeps you well-integrated in the network and helps your own transfer speeds.
</p><p>
I2P is a work in progress. Lots of improvements and fixes are being implemented, and
generally speaking, running the latest release will help your performance.
If you haven't, <a href="download.html">install the latest release</a>.
</p>
<h3 id="snark">Bittorrent / I2PSnark / Azureus I2P Plugin Questions?
<span class="permalink">(<a href="#snark">link</a>)</span></h3>
<p>
See the
<a href="http://forum.i2p/viewtopic.php?t=2068">I2P Bittorrent FAQ</a>
<a href="http://forum.i2p2.de/viewtopic.php?t=2068">(outside I2P)</a>
</p>
<h3 id="irc">How do I connect to IRC within I2P?
<span class="permalink">(<a href="#irc">link</a>)</span></h3>
<p>
On the
<a href="http://localhost:7657/i2ptunnel/index.jsp">I2PTunnel configuration page</a>,
start the ircProxy.
Then tell your IRC client to connect to localhost port 6668.
</p>
<h3 id="remote_webconsole">How can I access the web console from my other machines or password protect it?
<span class="permalink">(<a href="#remote_webconsole">link</a>)</span></h3>
<p>
For security purposes, the router's admin console by default only listens
for connections on the local interface. However, with a little hacking,
you can make it reachable remotely:
</p>
<ol>
<li>Open up clients.config and replace<br />
<code>clientApp.0.args=7657 ::1,127.0.0.1 ./webapps/</code><br />
with <br />
<code>clientApp.0.args=7657 0.0.0.0 ./webapps/</code></li>
<li>Go to <a href="http://localhost:7657/configadvanced.jsp">http://localhost:7657/configadvanced.jsp</a>
and add a new option: <code>consolePassword=foo</code> (or whatever password you want)</li>
<li>Go to <a href="http://localhost:7657/index.jsp">http://localhost:7657/index.jsp</a>
and hit "Graceful restart", which restarts the JVM and reloads the client applications</li>
</ol>
<p>
After that fires up, you should now be able to reach your console remotely.
You will be prompted for a username and password though - the username is
"admin" and the password is whatever you specified in step 2 above. Note: the
<code>0.0.0.0</code> above specifies an <i>interface</i>, not a network or netmask. 0.0.0.0
means "bind to all interfaces", so it can be reachable on 127.0.0.1:7657 as well as
any LAN/WAN IP.
</p>
<h3 id="remote_i2cp">How can I use applications from my other machines?
<span class="permalink">(<a href="#remote_i2cp">link</a>)</span></h3>
<p>
By default, the router I2CP interface (port 7654) binds to address 127.0.0.1. To bind to 0.0.0.0, set the
router advanced configuration option <tt>i2cp.tcp.bindAllInterfaces=true</tt> and restart.
</p>
<h3 id="eepsite">Whats an "eepsite"?
<span class="permalink">(<a href="#eepsite">link</a>)</span></h3>
<p>
An eepsite is a website that is hosted anonymously - you can access it by
setting your web browser's HTTP proxy to use the web proxy (typically it
listens on localhost port 4444), and browsing to the site.
</p>
<h3 id="browserproxy">How do I configure my browser?
<span class="permalink">(<a href="#browserproxy">link</a>)</span></h3>
<p>
The proxy config for different browsers is on a <a href="htproxyports.html">
separate page</a> with screenshots. More advanced configs with external tools
are possible but could introduce leaks in your setup.
</p>
<h3 id="active">What do the Active x/y numbers mean in the router console?
<span class="permalink">(<a href="#active">link</a>)</span></h3>
<p>
x is the number of peers you've sent or received a message from
successfully in the last minute, y is the number of peers seen in the last
hour or so.
</p>
<h3 id="socks">Is it possible to use I2P as a SOCKS proxy?
<span class="permalink">(<a href="#socks">link</a>)</span></h3>
<p>
The SOCKS proxy is working as of release 0.7.1. SOCKS 4/4a/5 are supported.
There is no SOCKS outproxy so it is of limited use.
</p><p>
In addition, many applications leak sensitive
information that could identify you on the Internet. I2P only filters
connection data, but if the program you intend to run sends this
information as content, I2P has no way to protect your anonymity. For
example, some mail applications will send the IP address of the machine
they are running on to a mail server. There is no way for I2P to filter
this, thus using I2P to 'socksify' existing applications is possible, but
extremely dangerous.
</p><p>
If you would like more information on the socks proxy application anyway,
there are some helpful hints on the <a href="socks.html">socks page</a>.
</p>
<h3 id="ports">What ports does I2P use?
<span class="permalink">(<a href="#ports">link</a>)</span></h3>
<p>
Okay, here's a rundown of the default ports (everything is configurable
through various settings, of course):
</p>
<ul>
<li><b>Internet-facing ports</b>
Note: New installs as of release 0.7.8 do not use port 8887; they select a random port
between 9000 and 31000 when the program is run for the first time.
The selected port is shown on the router <a href="http://127.0.0.1:7657/confignet.jsp">configuration page.</a>
<ul>
<li><b>Outbound UDP from the random port noted on the <a href="http://127.0.0.1:7657/confignet.jsp">configuration page</a> to arbitrary remote UDP ports, allowing replies</b></li>
<li><b>Outbound TCP from random high ports to arbitrary remote TCP ports</b></li>
<li><b>(optional, but recommended) Inbound UDP to the port noted on <a href="http://127.0.0.1:7657/confignet.jsp">configuration page</a> from arbitrary locations</b></li>
<li><b>(optional, but recommended) Inbound TCP to the port noted on <a href="http://127.0.0.1:7657/confignet.jsp">configuration page</a> from arbitrary locations</b><br />
Inbound TCP may be disabled on the <a href="http://127.0.0.1:7657/confignet.jsp">configuration page.</a></li>
<li><b>Outbound UDP on port 123, allowing replies</b><br />
This is necessary for I2P's internal time sync (via SNTP -
querying a random SNTP host in pool.ntp.org or another
server you specify)</li>
</ul>
</li>
</ul>
<ul>
<li><b>Local I2P ports</b>, listening only to local connections by default,
except where noted:
<ul>
<li><b>1900:</b> UPnP SSDP UDP multicast listener.
<i>Cannot be changed. Binds to all interfaces.
May be disabled on <a href="http://localhost:7657/confignet.jsp">confignet.jsp</a>.
</i></li>
<li><b>2827:</b> BOB bridge, a higher level socket API for clients
<i>Disabled by default.
May be enabled/disabled on <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>.
May be changed in the bob.config file.
</i></li>
<li><b>4444:</b> HTTP proxy
<i>May be disabled or changed on the i2ptunnel page in the router console.
May also be configured to be bound to a specific interface or all interfaces.
</i></li>
<li><b>4445:</b> HTTPS proxy
<i>May be disabled or changed on the i2ptunnel page in the router console.
May also be configured to be bound to a specific interface or all interfaces.
</i></li>
<li><b>6668:</b> IRC proxy
<i>May be disabled or changed on the i2ptunnel page in the router console.
May also be configured to be bound to a specific interface or all interfaces.
</i></li>
<li><b>7652:</b> UPnP HTTP TCP event listener.
<i>Binds to the LAN address.
May be changed with advanced config i2np.upnp.HTTPPort=nnnn.
May be disabled on <a href="http://localhost:7657/confignet.jsp">confignet.jsp</a>.
</i></li>
<li><b>7653:</b> UPnP SSDP UDP search response listener.
<i>Binds to all interfaces.
May be changed with advanced config i2np.upnp.SSDPPort=nnnn.
May be disabled on <a href="http://localhost:7657/confignet.jsp">confignet.jsp</a>.
</i></li>
<li><b>7654:</b> I2P Client Protocol port, used by client apps.
<i>May be changed to a different port on
<a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>
but this is not recommended.
May be to bind to a different interface or all interfaces, or disabled, on
<a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>.
</i></li>
<li><b>7655:</b> UDP for SAM bridge, a higher level socket API for clients
<i>Only opened when a SAM V3 client requests a UDP session.
May be enabled/disabled on <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>.
May be changed in the clients.config file with the SAM command line option sam.udp.port=nnnn.
</i></li>
<li><b>7656:</b> SAM bridge, a higher level socket API for clients
<i>Disabled by default for new installs as of release 0.6.5.
May be enabled/disabled on <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>.
May be changed in the clients.config file.
</i></li>
<li><b>7657:</b> Your router console
<i>May be disabled in the clients.config file.
May also be configured to be bound to a specific interface or all interfaces in that file.
</i></li>
<li><b>7658:</b> Your eepsite
<i>May be disabled in the clients.config file.
May also be configured to be bound to a specific interface or all interfaces in the jetty.xml file.
</i></li>
<li><b>7659:</b> Outgoing mail to smtp.postman.i2p
<i>May be disabled or changed on the i2ptunnel page in the router console.
May also be configured to be bound to a specific interface or all interfaces.
</i></li>
<li><b>7660:</b> Incoming mail from pop.postman.i2p
<i>May be disabled or changed on the i2ptunnel page in the router console.
May also be configured to be bound to a specific interface or all interfaces.
</i></li>
<li><b>8998:</b> mtn.i2p2.i2p (Monotone - disabled by default)
<i>May be disabled or changed on the i2ptunnel page in the router console.
May also be configured to be bound to a specific interface or all interfaces.
</i></li>
<li><b>31000:</b> Local connection to the wrapper control channel port.
<i>Outbound to 32000 only, does not listen on this port.
Starts at 31000 and will increment until 31999 looking for a free port.
To change, see the
<a href="http://wrapper.tanukisoftware.com/doc/english/prop-port.html">wrapper documentation</a>.
For more information see <a href="#port32000">below</a>.
</i></li>
<li><b>32000:</b> Local control channel for the service wrapper.
<i>To change, see the
<a href="http://wrapper.tanukisoftware.com/doc/english/prop-port.html">wrapper documentation</a>.
For more information see <a href="#port32000">below</a>.
</i></li>
</ul>
</li>
</ul>
<p>
The local I2P ports and the I2PTunnel ports do not need to be reachable from
remote machines, but *should* be reachable locally. You can also create
additional ports for I2PTunnel instances via http://localhost:7657/i2ptunnel/
(and in turn, would need to get your firewall to allow you local access, but
not remote access, unless desired).
</p>
<p>
So, to summarize, nothing needs to be reachable by unsolicited remote peers, but
if you can configure your NAT/firewall to allow inbound UDP and TCP the <a href="http://localhost:7657/config">outbound facing port</a>, you'll
get better performance. You will also need to be able to send outbound UDP packets
to arbitrary remote peers (blocking IPs randomly with something like PeerGuardian
only hurts you - don't do it).
</p>
<h3 id="port32000">Why is I2P listening on port 32000?
<span class="permalink">(<a href="#port32000">link</a>)</span></h3>
<p>The Tanuki java service wrapper that we use opens this port&mdash;bound to localhost&mdash;in order
to communicate with software running inside the JVM. When the JVM is launched it is given a key
so it can connect to the wrapper. After the JVM establishes its connection
to the wrapper, the wrapper refuses any additional connections.</p>
<p>More information can be found in the
<a href="http://wrapper.tanukisoftware.com/doc/english/prop-port.html">wrapper documentation</a>.</p>
<h3 id="manual_reseed">How do I reseed manually?
<span class="permalink">(<a href="#manual_reseed">link</a>)</span></h3>
<p>
An I2P router only needs to be seeded once, to join the network for the first time.
Reseeding is nothing more than sending plain HTTP GET requests
to fetch a directory listing and download multiple "routerInfo" files
from a predefined reseed URL.
</p>
<p>
A typical symptom of a failed reseed is the "Known" indicator
(on the left sidebar of the router console) displaying a very small value
(often less than 5) which does not increase. This can occur, among other things,
if your firewall limits outbound traffic, and blocked the reseed request.
</p>
To reseed an I2P router manually, do the following:
<ul>
<li>Stop your I2P router
</li><li>Open <!-- DOWN <a href="http://i2pdb.tin0.de/netDb/">http://i2pdb.tin0.de/netDb/</a> or -->
<a href="http://netdb.i2p2.de/">http://netdb.i2p2.de/</a> using a web browser
</li><li>Save a dozen "routerInfo" files to your I2P "netDb" directory
<!-- DOWN
</li><li>Alternate method (easier): Download <a href="http://i2pdb.tin0.de/latest.zip">http://i2pdb.tin0.de/latest.zip</a>
and unzip it into your I2P "netDb" directory.
-->
</li><li>Start your I2P router
</li></ul>
<h3 id="compat6x">I'm using FreeBSD and when I start I2P I receive an error about <code>libm.so.4</code>!
<span class="permalink">(<a href="#compat6x">link</a>)</span></h3>
When trying to start the router using "i2prouter start", you may see output like the following:<br />
<code>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;$ ./i2prouter start<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Starting I2P Service...<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;/libexec/ld-elf.so.1: Shared object "libm.so.4" not found, required by "i2psvc"
</code>
<p>In order to be inclusive and try to ensure that I2P will run on as many systems
as possible, up until I2P 0.8.9 we used a <a href="http://wrapper.tanukisoftware.com/">java wrapper</a>
compiled for FreeBSD 6.x. If you're receiving this error you most likely are missing the necessary compatibility libraries.
These libraries may be installed by performing the following steps:</p>
<ul>
<li>Switch to the root user with <code>su</code> or log in as <code>root</code>.</li>
<li><code>cd /usr/ports/misc/compat6x</code></li>
<li><code>make install</code></li>
</ul>
<p>If you cannot install these compatibility libraries (or do not want to), other possibilities would be to compile the wrapper for <a href="manualwrapper">your system</a>,
starting I2P with the <code>runplain.sh</code> script, or you can replace the wrapper with one from the source tarball.</p>
<p>For the 0.8.9 release of I2P, the wrapper was upgraded to v3.5.12 and compiled on systems running FreeBSD 7.2.</p>
<h3 id="protocolfamily">In <code>wrapper.log</code> I see an error that states "<code>Protocol family unavailable</code>" when loading the Router Console
<span class="permalink">(<a href="#protocolfamily">link</a>)</span></h3>
<p>Often this error will occur with any network enabled java software on some systems that are configured to use IPv6 by default. There are a few ways to solve this:</p>
<ul>
<li>On Linux based systems, you can <code>echo 0 > /proc/sys/net/ipv6/bindv6only</code></li>
<li>Look for the following lines in <code>wrapper.config</code>.<br />
<code>#wrapper.java.additional.5=-Djava.net.preferIPv4Stack=true<br />
#wrapper.java.additional.6=-Djava.net.preferIPv6Addresses=false<br />
</code><br />
If the lines are there, uncomment them by removing the "#"s. If the lines are not there, add them without the "#"s.<br /></li>
</ul>
Another option would be to remove the <strong>::1</strong> from <code>~/.i2p/clients.config</code>
<p><strong>WARNING</strong>: For any changes to <code>wrapper.config</code> to take effect, you must completely
stop the router and the wrapper. Clicking <em>Restart</em> on your
router console will NOT reread this file! You must
click <em>Shutdown</em>, wait 11 minutes, then start I2P.</p>
<hr />
<h3 id="question">I have a question!
<span class="permalink">(<a href="#question">link</a>)</span></h3>
<p>
Great! Find us on IRC irc.freenode.net #i2p or post to
the <a href="http://forum.i2p2.de/">forum</a> and we'll post it here (with
the answer, hopefully).
</p>
{% endblock %}
Reference in New Issue View Git Blame Copy Permalink