<%@page contentType="text/html" %> I2P Router Console - config networking <%@include file="nav.jsp" %> <%@include file="summary.jsp" %> " />
<%@include file="confignav.jsp" %> " />
<% String prev = System.getProperty("net.i2p.router.web.ConfigNetHandler.nonce"); if (prev != null) System.setProperty("net.i2p.router.web.ConfigNetHandler.noncePrev", prev); System.setProperty("net.i2p.router.web.ConfigNetHandler.nonce", new java.util.Random().nextLong()+""); %> " /> Bandwidth limiter

" /> KBps In ()
" /> KBps Out ()
Share ()

<% int share = nethelper.getShareBandwidth(); if (share < 12) { out.print("NOTE: You have configured I2P to share only " + share + "KBps. "); out.print("I2P requires at least 12KBps to enable sharing. "); out.print("Please enable sharing (participating in tunnels) by configuring more bandwidth. "); out.print("It improves your anonymity by creating cover traffic, and helps the network.
"); } else { out.print("You have configured I2P to share " + share + "KBps. "); out.print("The higher the share bandwidth the more you improve your anonymity and help the network.
"); } %>


UPnP Configuration:
/> Enable UPnP to open firewall ports UPnP status

IP Configuration:
Externally reachable hostname or IP address:
/> Use all auto-detect methods
/> Disable UPnP IP address detection
/> Ignore local interface IP address
/> Use SSU IP address detection only
/> Specify hostname or IP: " /> <% String[] ips = nethelper.getAddresses(); if (ips.length > 0) { out.print(" or \n"); } %>
/> Hidden mode - do not publish IP(not recommended; change restarts router)

UDP Configuration:
Internal UDP port: " />
/> Require SSU introductions (Enable if you cannot open your firewall)

Current External UDP address:

Inbound TCP Configuration:
Externally reachable hostname or IP address:
/> Use auto-detected IP address (currently ) if we are not firewalled
/> Always use auto-detected IP address (Not firewalled)
/> Disable (Firewalled)
/> Specify hostname or IP: " />

Externally reachable TCP port:
/> Use the same port configured for SSU (currently )
/> Specify Port: " />

Note: changing any of these settings will terminate all of your connections and effectively restart your router.


Configuration Help:

If you can, please poke a hole in your NAT or firewall to allow unsolicited UDP packets to reach you on your external UDP address. If you can't, I2P now includes supports UDP hole punching with "SSU introductions" - peers who will relay a request from someone you don't know to your router for your router so that you can make an outbound connection to them. I2P will use these introductions automatically if it detects that the port is not forwarded (as shown by the Reachability: Firewalled line), or you can manually require them here. Users behind symmetric NATs, such as OpenBSD's pf, are not currently supported.

Hostnames entered here will be published in the network database. They are not private. Also, do not enter a private IP address like 127.0.0.1 or 192.168.1.1.

You do not need to allow inbound TCP connections - outbound connections work with no configuration. However, if you want to receive inbound TCP connections, you must poke a hole in your NAT or firewall for unsolicited TCP connections. If you specify the wrong IP address or hostname, or do not properly configure your NAT or firewall, your network performance will degrade substantially. When in doubt, leave the hostname and port number blank.

Reachability Help:

While I2P will work adequately behind a firewall, your speeds and network integration will generally improve if you open up your port (generally 8887) to both UDP and TCP, and enable inbound TCP above. If you think you have opened up your firewall and I2P still thinks you are firewalled, remember that you may have multiple firewalls, for example both software packages and external hardware routers. If there is an error, the logs may also help diagnose the problem.

  • OK - Your UDP port does not appear to be firewalled.
  • Firewalled - Your UDP port appears to be firewalled. As the firewall detection methods are not 100% reliable, this may occasionally be displayed in error. However, if it appears consistently, you should check whether both your external and internal firewalls are open on port 8887. I2P will work fine when firewalled, there is no reason for concern. When firewalled, the router uses "introducers" to relay inbound connections. However, you will get more participating traffic and help the network more if you can open your firewall(s). If you think you have already done so, remember that you may have both a hardware and a software firewall, or be behind an additional, institutional firewall you cannot control. Also, some routers cannot correctly forward both TCP and UDP on a single port, or may have other limitations or bugs that prevent them from passing traffic through to I2P.
  • Testing - The router is currently testing whether your UDP port is firewalled.
  • Hidden - The router is not configured to publish its address, therefore it does not expect incoming connections.
  • WARN - Firewalled and Fast - You have configured I2P to share more than 128KBps of bandwidth, but you are firewalled. While I2P will work fine in this configuration, if you really have over 128KBps of bandwidth to share, it will be much more helpful to the network if you open your firewall.
  • WARN - Firewalled and Floodfill - You have configured I2P to be a floodfill router, but you are firewalled. For best participation as a floodfill router, you should open your firewall.
  • WARN - Firewalled with Inbound TCP Enabled - You have configured inbound TCP, however your UDP port is firewalled, and therefore it is likely that your TCP port is firewalled as well. If your TCP port is firewalled with inbound TCP enabled, routers will not be able to contact you via TCP, which will hurt the network. Please open your firewall or disable inbound TCP above.
  • WARN - Firewalled with UDP Disabled - You have configured inbound TCP, however you have disabled UDP. You appear to be firewalled on TCP, therefore your router cannot accept inbound connections. Please open your firewall or enable UDP.
  • ERR - Clock Skew - Your system's clock is skewed, which will make it difficult to participate in the network. Correct your clock setting if this error persists.
  • ERR - Private TCP Address - You must never advertise an unroutable IP address such as 127.0.0.1 or 192.168.1.1 as your external address. Correct the address or disable inbound TCP above.
  • ERR - SymmetricNAT - I2P detected that you are firewalled by a Symmetric NAT. I2P does not work well behind this type of firewall. You will probably not be able to accept inbound connections, which will limit your participation in the network.
  • ERR - UDP Port In Use - Set i2np.udp.internalPort=xxxx in advanced config and restart - I2P was unable to bind to port 8887 or other configured port. Check to see if another program is using port 8887. If so, stop that program or configure I2P to use a different port. This may be a transient error, if the other program is no longer using the port. However, a restart is always required after this error.
  • ERR - UDP Disabled and Inbound TCP host/port not set - You have not configured inbound TCP with a hostname and port above, however you have disabled UDP. Therefore your router cannot accept inbound connections. Please configure a TCP host and port above or enable UDP.
  • ERR - Client Manager I2CP Error - check logs - This is usually due to a port 7654 conflict. Check the logs to verify. Do you have another I2P instance running? Stop the conflicting program and restart I2P.