Opened 9 months ago

Closed 8 months ago

#2224 closed enhancement (fixed)

FAQs Page Updates

Reported by: slumlord Owned by: slumlord
Priority: minor Milestone: 0.9.35
Component: www/i2p Version: 0.9.34
Keywords: faq, website, i2p.www, faqs Cc: sadie
Parent Tickets:

Description

Notes:

  • Re-categorize/re-organize
  • Remove old/outdated questions
  • Update questions/answers
  • Remove '.jsp' from router console links

Subtickets

Attachments (1)

i2p_traffic_path.jpg (38.4 KB) - added by slumlord 9 months ago.
Diagram of an example path taken by traffic over I2P to aid in explaining I2P's "slowness" as compared to regular internet traffic

Download all attachments as: .zip

Change History (12)

comment:1 Changed 9 months ago by sadie

I shifted the page contents into three categories: General, Getting Started and Troubleshooting to start.

We should condense and update outproxy questions , and bundle other topics like router issues, basic configuration questions, etc to cut down on the visual noise of having so many topics.
The sidebar and page content are at the moment completely out of sync - the sidebar shows categories, page does not!

General

  • What Systems Work On I2P?
  • Is installing Java required to use I2P?
  • What is an eepsite?
  • What do active x/y numbers mean i the console?
  • Is my router an "exit node" to the regular internet?
  • I cant access regular internet websites through I2P
  • Is using an outproxy safe?
  • I am opposed to certain kinds of content...

Getting Started

  • How Do I configure My browser?
  • How do I connect to IRC within I2P?
  • How Do I set up my own eepsite?
  • What ports does I2P use?
  • I'm missing lots of host in my address book. What are some good subscription links?
  • Updated outproxy set up information
  • Bitorrent/snark etc questions
  • How can I access the web console from my other machines or password protect it?
  • How can I use applications form my other machines?
  • Is it possible to use I2P as a Socks proxy?
  • How do I reseed manually?

Troubleshooting

  • My router is using too much CPU
  • My router has been up for several minutes and has zero or very few connections
  • My router has very few active peers, is that okay?
  • My active peers/known peers/... vary dramatically over time, is anything wrong
  • Why is I2P so slow?
  • I'm using FreeBSD and when I start I2P I receive an error..
  • in wrapper.log I see an error....

Post was very poorly formatted. Please review and correct your post next time. I made some errors while fixing the formatting, I have corrected that as well. - slumlord

Last edited 8 months ago by slumlord (previous) (diff)

comment:2 Changed 9 months ago by slumlord

Thank you, Sadie :)

General notes:

  • Try to make answers to questions more general (e.g. don't include version numbers unless where absolutely necessary as over time the answers could get outdated and would require more frequent updates)
  • Remove '.jsp' from console links

Question by question review:

What systems will I2P run on? 

> Change references to e.g. raspberry pi
> trac link at the end

---

I think I found a bug, where can I report it? (link)
Here are some places, pick one or more.

    trac.i2p2.i2p ticket (preferred method)
> add clearnet link:    trac.i2p2.de ticket (preferred method)
    pastethis.i2p and follow up on IRC in #i2p
    Discuss with the developers on IRC in #i2p-dev

Please include relevant information from the router logs and wrapper logs.

> Please include relevant information from the logs page:
> http://127.0.0.1:7657/, including I2P VERSION AND RUNNING ENVIRONMENT router
> logs and wrapper logs.

---

I'm missing lots of hosts in my addressbook. What are some good subscription
links? (link)

> Split into 3 Qs: "cant find host? explain destinations" "what is a
> subscription?" "what are some good subscription links"

---

What happened to *.i2p.net? What happened to jrandom? Is I2P dead? (link)

> Remove

---

My router is using too much CPU?!? (link)

> Try to categorize
> remove '.jsp' from console links (also across website as a whole)

---

I am opposed to certain types of content. How do I keep from distributing,
storing, or accessing them? (link)

> Reword

---

My active peers / known peers / participating tunnels / connections / bandwidth
vary dramatically over time! Is anything wrong? (link)

No. This is normal. All routers adjust dynamically to changing network
conditions and demands.

> This can be kept as is

---

My router has been up for several minutes and has zero or very few connections
(link)

> Update answer

---

My router has very few active peers, is this OK? (link)

> Update answer

---

Is my router an "exit node" to the regular Internet? I don't want it to be.
(link)

> Include text about default outproxy with a new I2P install (meeh's outproxy)
> Short text about telegram/i2p outproxy
> Include link to outproxy guide on i2pforum.i2p/i2pforum.net
Version 0, edited 9 months ago by slumlord (next)

comment:3 Changed 9 months ago by sadie

I am opposed to certain types of content. How do I keep from distributing,
storing, or accessing them? (link)

Reword ( here is what I came up with for this section)

I have heard that questionable content can be distributed and hosted on I2P. What are my risks of being involved in anything that may be seen as illegal?

The I2P network was created to support anonymous communication for those who want or require their communications and identity to be private.

All traffic that you route on I2P has multiple layers of encryption. This means that you do not know a message's contents, source or destination. All traffic you route happens within the I2P network, there is no exit node, so there is no gateway where traffic could be monitored. Additionally, unlike Freenet, I2P does no distributed storage of content.

Since all traffic is encrypted and not stored, there should be no concern about ever interacting with content on the I2P network that is not by choice.

comment:4 Changed 9 months ago by slumlord

Updated Questions/Answers? so far:

Updated Questions/Answers
=========================

1 - What systems will I2P run on? 

  I2P is written in the Java programming language 
  [ https://en.wikipedia.org/wiki/Java_(programming_language) ]. 
  It has been tested on Windows, Linux, FreeBSD and OSX. An Android port also
  exists [ http://i2p-projekt.i2p/en/download#android ].

  In terms of memory usage, I2P is configured to use 128 MB of RAM by default.
  This is sufficient for browsing and IRC usage. However, other activities may
  require greater memory allocation. For example, if one wishes to run a
  high-bandwidth router, participate in I2P torrents or serve high-traffic
  hidden services, a higher amount of memory is required.

  In terms of CPU usage, I2P has been tested to run on modest systems such as
  the Raspberry Pi range of single-board computers 
  [ https://en.wikipedia.org/wiki/Raspberry_Pi ]. 
  As I2P makes heavy use of cryptographic techniques, a stronger CPU will be
  better suited to handle the workload generated by I2P as well as tasks
  related to the rest of the system (i.e. Operating System, GUI, Other
  processes e.g. Web Browsing).

  A comparison of some of the available Java Runtime Environments (JRE) is
  available here: 
    https://trac.i2p2.de/wiki/java 
  Using Sun/Oracle Java or OpenJDK is recommended.

2 - I think I found a bug, where can I report it?

  You may report any bugs/issues that you encounter on our bugtracker.  You can
  join our IRC channel as well: either through our IRC network, IRC2P or on
  Freenode.

    -   Our bugtracker, over I2P: trac.i2p2.i2p Or over clearnet: trac.i2p2.de
    -   Our forums: i2pforum.i2p or i2pforum.net
    (site unavailable..)-   pastethis.i2p and follow up on IRC2P in #i2p
    -   zerobin.i2p and follow up on IRC2P in #i2p
    -   Discuss with the developers on IRC2P in #i2p-dev

  Please include relevant information from the logs page:
    http://127.0.0.1:7657/logs
  We request that you share all of the text under the 'I2P Version and Running
  Environment' section as well as any errors or warnings displayed in the
  Critical/Router/Event/Service (Wrapper) log sections.

3 - I'm missing lots of hosts in my addressbook. What are some good
    subscription links?

  3.a - My router often displays a message saying "Website Not Found In
        Addressbook", why do I see this message?

    Human-readable addresses such as 'http://website.i2p' are references to a
    long, random string known as a _destination_. These references are
    registered and stored at services such as stats.i2p, which is run by zzz. A
    "b32" is a hash (specifically, a sha256 hash) of the destination which end
    in ".b32.i2p".

    It is possible to add subscriptions to your router's configuration which
    may reduce the frequency of these messages.
  
  3.b - What is an addressbook subscription?

    This is a list of files hosted on various I2P websites that contain a list
    of I2P hosts and their associated destinations.

    The addressbook is located at http://localhost:7657/dns where further
    information can be found.

  3.c - What are some good addressbook subscription links?

    You may try the following:
      
      http://stats.i2p/cgi-bin/newhosts.txt
      http://identiguy.i2p/hosts.txt


4 - (Remove) What happened to *.i2p.net? What happened to jrandom? Is I2P dead?



5 - My router is using too much CPU?!? (Reword question)
5 - My router is using a large amount of CPU, what can I do about this?

There are many possible causes of high CPU usage. Here is a checklist:

    * Java Runtime Environment
    Try to use either OpenJDK or Sun/Oracle Java if it's available for your
    system. You can check which version of java you have installed by typing
    java -version at a command/shell prompt. Performance tends to suffer with
    other implementations of java.

    * File sharing applications, e.g. BitTorrent
    Are you running a BitTorrent client over I2P? Try reducing the number of
    torrents, the bandwidth limits, or try turning it off completely to see if
    that helps.

    * High bandwidth settings
    Are your bandwidth limits set too high? It is possible that too much
    traffic is going through your I2P router and it is overloaded. Try reducing
    the setting for share bandwidth percentage on the configuration page.

    * I2P Version
    Make sure that you're running the latest version of I2P to get the benefits
    of increased performance and bug fixes.

    * Memory allocation
    Has enough memory been set aside for use by I2P? Look at the memory graph
    on the graphs page to see if the memory usage is "pegged"—the JVM is
    spending most of its time in garbage collection. Increase the setting
    wrapper.java.maxmemory in the file wrapper.config.

    * Bursts of high-usage vs. constant 100% usage
    Is the CPU usage simply higher than you would like, or is it pegged at 100%
    for a long time? If it's pegged, this could be a bug. Look in the logs for
    clues.

    * Java-related
    You may be using the Java-based BigInteger library instead of the native
    version, especially if you are running on a new or unusual OS or hardware
    (OpenSolaris, mipsel, etc.). See the jbigi page for instructions on
    diagnosing, building, and testing methods.

    * Participating tunnels
    If your native jbigi library is working fine, the biggest user of CPU may
    be routing traffic for participating tunnels. This uses CPU because at each
    hop a layer of encryption must be decoded. You can limit participating
    traffic in two ways - by reducing the share bandwidth on
    http://127.0.0.1:7657/confignet, or by setting
    router.maxParticipatingTunnels=nnn on http://127.0.0.1:7657/configadvanced 

6 - I am opposed to certain types of content. How do I keep from distributing,
    storing, or accessing them?

  I2P is an anonymous network - it is designed to withstand attempts at
  blocking or censoring of content, thus providing a means for communication
  that anyone can use. I2P traffic that transits through your router is
  encrypted, often with several layers of encryption. Except in the case of a
  serious security vulnerability (of which none are currently known), it is not
  possible to know what the contents of the traffic are and thus not possible
  to distinguish between traffic which one is opposed to or not opposed to.

  We consider the 3 parts of the question:

    -   Distribution 
        All traffic on I2P is encrypted in multiple layers. You don't know a
        message's contents, source, or destination. All traffic you route is
        internal to the I2P network, you are not an exit node (referred to as
        an outproxy in our documentation). Your only alternative is to refuse
        to route any traffic, by setting your share bandwidth or maximum
        participating tunnels to 0 (see above). It would be nice if you didn't
        do this, you should help the network by routing traffic for others.
        Over 95% of users route traffic for others.

    -   Storage 
        I2P does not do distributed storage of content, this has to be
        specifically installed and configured by the user (with Tahoe-LAFS, for
        example). That is a feature of a different anonymous network, Freenet.
        By running I2P, you are not storing content for anyone.

    -   Access 
        If there are hidden services which you dislike, you may refrain from
        visiting them. Your router will not request any content without your
        specific instruction to do so.


7 - My active peers / known peers / participating tunnels / connections /
    bandwidth vary dramatically over time! Is anything wrong?

  No, there isn't anything wrong. This is normal behavior. All routers adjust
  dynamically to changing network conditions and demands. Routers come online
  and go offline depending on whether the system it is installed on is
  operational or not, as well as whether there is an available network
  connection. Your router is constatly updating its local Network Database.
  Tunnels which your router is participating in expire every 10 minutes and may
  or may not be rebuilt through your router.

8 - My router has been up for several minutes and has zero or very few
    connections

  New installations of I2P carry out the reseeding process automatically, as
  well as when the number of known peers falls to a drastically low value.

  If you need to carry out a reseed of your router, please see the reseed
  instructions.

9 - My router has very few active peers, is this OK?

  If your router has 10 or more active peers, everything is fine. The router
  should maintain connections to a few peers at all times. The best way to stay
  "better-connected" to the network is to share more bandwidth. The amount of
  bandwidth that is shared by the router can be changed on the configuration
  page: 
    http://localhost:7657/config

10 - Is my router an "exit node" to the regular Internet? I don't want it to
     be

  No. Unlike Tor, "exit nodes" or "outproxies", as they are referred to on the
  I2P network, are not an inherent part of the network. Only volunteers who
  specifically set up and run separate applications will relay traffic to the
  regular Internet. There are very, very few of these.

  By default, I2P's HTTP Proxy (configured to run on port 4444) includes a
  single outproxy: false.i2p. This is run on a voluntary basis by Meeh.

  There is an outproxy guide available on our forums:
    http://i2pforum.i2p/viewtopic.php?f=21&t=189

11 - I can't access regular Internet sites through I2P

  I2P is primarily not intended, nor designed, to be used as a proxy to the
  regular internet. With that said, there are services which are provided by
  volunteers that act as proxies to clearnet based content - these are referred
  to as _outproxies_ on the I2P network. There is an outproxy configured by
  default in I2P's HTTP client tunnel - false.i2p. While this service does
  currently exist, there is no guarantee that it will always be there as it is
  not an official service provided by the I2P project. If your main requirement
  from an anonymous network is the ability to access clearnet resources, we would
  recommend using Tor.

12 - I can't access https:// or ftp:// sites through I2P

  - HTTPS
  Within I2P, there is no requirement to use HTTPS. All traffic is encrypted
  end-to-end, any further encryption, e.g. with the use of HTTPS, doesn't
  create any further benefits.

  However, if one would like to use HTTPS or has a requirement to do so, the
  existing default I2P HTTP Proxy has support for HTTPS traffic.  Any hidden
  service operator would have to specifically set up and enable HTTPS access.

  - FTP
  FTP is not supported for technical reasons.

  There are no FTP "outproxies" to the Internet—it may not even be possible to
  set up one. Any other kind of outproxy may work if it's set up with a
  standard tunnel. If you would like to set up some type of outproxy, carefully
  research the potential risks. The I2P community may or may not be able to
  help with the technical aspects, feel free to ask.

  As explained several times above, any existing outproxy isn't a core part of
  the network. They are services run by individuals and they may or may not be
  operational at any given time.

13 - Is using an outproxy safe?

  I2P does not encrypt the Internet, neither does Tor - for example, through
  Transport Layer Security (TLS). I2P and Tor both aim to transport your traffic
  as-is securely and anonymously over the corresponding network, to its
  destination. Any unencrypted traffic generated at your system will arrive at
  the outproxy (on I2P) or the exit node (on Tor) as unencrypted traffic. This
  means that you are vulnerable to snooping by the outproxy operators. One way to
  protect your outproxy traffic against this is to ensure that any traffic that
  will be handled by the outproxy is encrypted with TLS. 

  For more information, you may read the Tor FAQ's answer to this question:
    https://www.torproject.org/docs/faq#CanExitNodesEavesdrop

  In addition, you may be vulnerable to collusion between the outproxy operator
  and operators of other I2P services, if you use the same tunnels ("shared
  clients"). There is additional discussion about this on zzz.i2p (currently
  offline - mirrored at i2pforum.i2p or i2pforum.net --
  http://i2pforum.i2p/viewtopic.php?f=32&t=272 ).

  Ultimately, this is a question that only you can answer because the correct
  answer depends on your browsing behaviour, your threat model, and how much
  you choose to trust the outproxy operator.

14 - How do I access IRC, BitTorrent, or other services on the regular Internet?

  Unless an outproxy has been specifically set up for the service you want to
  connect to, this cannot be done. There are only three types of outproxies
  running right now: HTTP, HTTPS, and email. Note that there is no SOCKS
  outproxy. If this type of service is required, we recommend that you use Tor. 

  Please be aware that the Tor project recommends against using BitTorrent over
  Tor, as there are serious anonymity-related issues associated with doing so.
    https://blog.torproject.org/bittorrent-over-tor-isnt-good-idea


15 - Most of the eepsites within I2P are down?

  If you consider every eepsite that has ever been created, yes, most of them
  are down. People and eepsites come and go. A good way to get started in I2P
  is check out a list of eepsites that are currently up. http://identiguy.i2p
  tracks active eepsites.

16 - How do I set up my own eepsite?

  Click on the Website link at the top of your router console for instructions.

17 - Why is I2P so slow? (Reword)
17 - What makes downloads, torrents, web browsing, and everything else slower
     on I2P as compared to the regular internet?
 
  The encryption and routing within the I2P network adds a substantial amount of
  overhead and limits bandwidth. 

  We can try to clarify this with the aid of a diagram:

  [i2p_traffic_path.jpg]

  In this diagram, the path that some I2P traffic takes as it travels through
  the network is traced. A user's I2P router is denoted by the box labeled 'A'
  and an I2P Hidden Service (for example, the http://stats.i2p website) is
  labelled as 'B'. Both the client and the server are using 3-hop tunnels,
  these hops are represented by the boxes labelled 'P', 'Q', 'R', 'X', 'Y',
  'Z', 'P_1', 'Q_1', 'R'_1, 'X_1', 'Y_1' and 'Z_1'.
  
  The boxes labelled 'P', 'Q' and 'R' represent an outbound tunnel for A while
  the boxes labelled 'X_1', 'Y_1', 'Z_1' represent an outbound tunnel for 'B'.
  Similarly, the boxes labelled 'X', 'Y' and 'Z' represent and inbound tunnel
  for 'B' while the boxes labelled 'P_1', 'Q_1' and 'R_1' represent an inbound
  tunnel for 'A'. The arrows in between the boxes show the direction of
  traffic. The text above and below the arrows detail some example bandwidth
  between a pair of hops as well as example latencies.

  When both client and server are using 3-hop tunnels throughout, a total of 12
  other I2P routers are involved in relaying traffic. 6 peers relay traffic
  from the client to the server which is split into a 3-hop outbound tunnel
  from 'A' ('P', 'Q', 'R') and a 3-hop inbound tunnel to 'B' ('X', 'Y', 'Z').
  Similarly, 6 peers relay traffic from the server to back to the client.

  First, we can consider latency - the time that it takes for a request from a
  client to traverse the I2P network, reach the the server and traverse back to
  the client. Adding up all latencies we see that:

      40 + 100 + 20 + 60 + 80 + 10 + 30 ms        (client to server)
    + 60 + 40 + 80 + 60 + 100 + 20 + 40 ms        (server to client) 
    -----------------------------------
    TOTAL:                          740 ms

  The total round-trip time in our example adds up to 740 ms - certainly much
  higher than what one would normally see while browsing regular internet
  websites.

  Second, we can consider available bandwidth. This is determined through the
  slowest link between hops from the client and server as well as when traffic
  is being transmitted by the server to the client. For traffic going from the
  client to the server, we see that the available bandwidth in our example
  between hops 'R' & 'X' as well as hops 'X' & 'Y' is 32 KB/s. Despite higher
  available bandwidth between the other hops, these hops will act as a
  bottleneck and will limit the maximum available bandwidth for traffic from
  'A' to 'B' at 32 KB/s. Similarly, tracing the path from server to client
  shows that there is maximum bandwidth of 64 KB/s - between hops 'Z_1' & 'Y_1,
  'Y_1' & 'X_1' and 'Q_1' & 'P_1'.

  We recommend increasing your bandwidth limits. This helps the network by
  increasing the amount of available bandwidth which will in turn improve your
  I2P experience. Bandwidth settings are located on the
  http://localhost:7657/config page. Please be aware of your internet
  connection's limits as determined by your ISP, and adjust your settings
  accordingly. 

  We also recommend setting a sufficient amount of shared bandwidth - this
  allows for participating tunnels to be routed through your I2P router.
  Allowing participating traffic keeps your router well-integrated in the
  network and improves your transfer speeds.

  I2P is a work in progress. Lots of improvements and fixes are being
  implemented, and, generally speaking, running the latest release will help
  your performance. If you haven't, install the latest release.

18 - Bittorrent / I2PSnark / Azureus I2P Plugin Questions?

  > Current link points to i2pforum - remove this FAQ entry?

19 - How do I connect to IRC within I2P?

  A tunnel to the main IRC network within I2P, Irc2P, is created when I2P is
  installed (see the I2PTunnel configuration page), and is automatically
  started when the I2P router starts. To connect to it, configure your IRC
  client to connect to localhost on port 6668. HexChat-like client users can
  create a new network with the server localhost/6668 (remember to tick "Bypass
  proxy server" if you have a proxy server configured). Weechat users can use
  the following command to add a new network:

    /server add irc2p localhost/6668

20 - How can I access the web console from my other machines or password protect
     it?

  For security purposes, the router's admin console by default only listens for
  connections on the local interface. 

  There are two methods for accessing the console remotely:
  (1) SSH Tunnel
  (2) Configuring your console to be available on a Public IP address with a
      username & password
  These are detailed below:

  (1) SSH Port Forwarding/Tunneling

      If you are running a Unix-like Operating System, this is the easiest
      method for remotely accessing your I2P console.
      (Note: SSH server software is available for systems running Windows, for
      example https://github.com/PowerShell/Win32-OpenSSH )

      Once you have configured SSH access to your system, the '-L' flag is
      passed to SSH with appropriate arguments - for example:

        ssh -L 7657:localhost:7657 <System_IP>

      where '<System_IP>' is replaced with your System's IP address. This
      command forwards port 7657 (the number before the first colon) to the
      remote system's (as specified by the string 'localhost' between the first
      and second colons) port 7657 (the number after the second colon). Your
      remote I2P console will now be available on your local system as
      'http://localhost:7657' and will be available for as long as your SSH
      session is active. If you would like to start an SSH session without
      initiating a shell on the remote system, you can add the '-N' flag:

        ssh -NL 7657:localhost:7657 <System_IP>

  (2) Configuring your console to be available on a Public IP address with a
      username & password

        1 -   Open ~/.i2p/clients.config and replace
                clientApp.0.args=7657 ::1,127.0.0.1 ./webapps/
              with
                clientApp.0.args=7657 ::1,127.0.0.1,<System_IP> ./webapps/
              where you replace <System_IP> with your system's public IP
              address
        2 -   Go to http://localhost:7657/configui and add a console username
              and password if desired - Adding a username & password is highly
              recommended to secure your I2P console from tampering, which
              could lead to de-anonymization.
        3 -   Go to http://localhost:7657/index.jsp and hit "Graceful restart",
              which restarts the JVM and reloads the client applications

      After that fires up, you should now be able to reach your console
      remotely. Load the router console at http://<System_IP>:7657 and you will
      be prompted for the username and password you specified in step 2 above
      if your browser supports the authentication popup. 
      
      Note: You can specify 0.0.0.0 in the above configuration. This specifies
            an interface, not a network or netmask. 0.0.0.0 means "bind to all
            interfaces", so it can be reachable on 127.0.0.1:7657 as well as
            any LAN/WAN IP. Be careful when using this option as the console
            will be available on ALL addresses configured on your system.

21 - How can I use applications from my other machines?

  Please see the previous answer for instructions on using SSH Port Forwarding,
  and also see this page in your console: http://localhost:7657/configi2cp

22 - Whats an "eepsite"? 

  An eepsite is a website that is hosted anonymously, a hidden service which is
  accessible through your web browser. It can be accessed by setting your web
  browser's HTTP proxy to use the I2P web proxy (typically it listens on
  localhost port 4444), and browsing to the site.

23 - How do I configure my browser?

  The proxy config for different browsers is on a separate page with screenshots.
  More advanced configs with external tools, such as the browser plug-in
  FoxyProxy or the proxy server Privoxy, are possible but could introduce leaks
  in your setup.

24 - What do the Active x/y numbers mean in the router console?

  x is the number of peers you've sent or received a message from successfully
  in the last minute, y is the number of peers seen in the last hour or so. Try
  hovering your cursor over the other lines of information for a brief
  description.

25 - Is it possible to use I2P as a SOCKS proxy?

  The SOCKS proxy has been functional since release 0.7.1. SOCKS 4/4a/5 are
  supported. I2P does not have a SOCKS outproxy so it is limited to use within
  I2P only.

  Many applications leak sensitive information that could identify you on the
  Internet and this is a risk that one should be aware of when using the I2P
  SOCKS proxy. I2P only filters connection data, but if the program you intend to
  run sends this information as content, I2P has no way to protect your
  anonymity. For example, some mail applications will send the IP address of the
  machine they are running on to a mail server. There is no way for I2P to filter
  this, thus using I2P to 'socksify' existing applications is possible, but
  extremely dangerous.

  If you would like more information on the socks proxy application anyway, there
  are some helpful hints on the socks page -
    http://i2p-projekt.i2p/en/docs/api/socks

26 - What ports does I2P use?

  The ports that are used by I2P can be divided into 2 sections: 
  (1) Internet-facing ports, which are used for communication with other I2P
      routers
  (2) Local ports, for local connections

  (1) Internet-facing ports Note: Since release 0.7.8, new installs do not use
  port 8887; a random port between 9000 and 31000 is selected when the program
  is run for the first time. The selected port is shown on the router
  configuration page.
      
      - OUTBOUND
        - UDP from the random port listed on the configuration page to
        arbitrary remote UDP ports, allowing for replies
        - TCP from random high ports to arbitrary remote TCP ports
        - Outbound UDP on port 123, allowing for replies.
        This is necessary for I2P's internal time sync (via SNTP -
        querying a random SNTP host in pool.ntp.org or another server you
        specify)
      - INBOUND
        - (Optional, recommended) UDP to the port noted on the
        configuration page from arbitrary locations
        - (Optional, recommended) TCP to the port noted on configuration
        page from arbitrary locations
        - Inbound TCP can be disabled on the configuration page

  (2) Local I2P ports, listening only to local connections by default, except
      where noted: (to be formatted into table format)
      
      - 1900: UPnP SSDP UDP multicast listener. Cannot be changed. Binds to all
        interfaces. May be disabled on confignet.jsp.
      - 2827: BOB bridge, a higher level socket API for clients Disabled by
        default. May be enabled/disabled on configclients.jsp. May be changed
        in the bob.config file.
      - 4444: HTTP proxy May be disabled or changed on the i2ptunnel page in
        the router console. May also be configured to be bound to a specific
        interface or all interfaces.
      - 4445: HTTPS proxy May be disabled or changed on the i2ptunnel page in
        the router console. May also be configured to be bound to a specific
        interface or all interfaces.
      - 6668: IRC proxy May be disabled or changed on the i2ptunnel page in the
        router console. May also be configured to be bound to a specific
        interface or all interfaces.
      - 7652: UPnP HTTP TCP event listener. Binds to the LAN address. May be
        changed with advanced config i2np.upnp.HTTPPort=nnnn. May be disabled
        on confignet.jsp.
      - 7653: UPnP SSDP UDP search response listener. Binds to all interfaces.
        May be changed with advanced config i2np.upnp.SSDPPort=nnnn. May be
        disabled on confignet.jsp.
      - 7654: I2P Client Protocol port, used by client apps. May be changed to
        a different port on configclients.jsp but this is not recommended. May
        be to bind to a different interface or all interfaces, or disabled, on
        configclients.jsp.
      - 7655: UDP for SAM bridge, a higher level socket API for clients Only
        opened when a SAM V3 client requests a UDP session. May be
        enabled/disabled on configclients.jsp. May be changed in the
        clients.config file with the SAM command line option sam.udp.port=nnnn.
      - 7656: SAM bridge, a higher level socket API for clients Disabled by
        default for new installs as of release 0.6.5. May be enabled/disabled
        on configclients.jsp. May be changed in the clients.config file.
      - 7657: Your router console May be disabled in the clients.config file.
        May also be configured to be bound to a specific interface or all
        interfaces in that file.
      - 7658: Your eepsite May be disabled in the clients.config file. May also
        be configured to be bound to a specific interface or all interfaces in
        the jetty.xml file.
      - 7659: Outgoing mail to smtp.postman.i2p May be disabled or changed on
        the i2ptunnel page in the router console. May also be configured to be
        bound to a specific interface or all interfaces.
      - 7660: Incoming mail from pop.postman.i2p May be disabled or changed on
        the i2ptunnel page in the router console. May also be configured to be
        bound to a specific interface or all interfaces.
      - 8998: mtn.i2p2.i2p (Monotone - disabled by default) May be disabled or
        changed on the i2ptunnel page in the router console. May also be
        configured to be bound to a specific interface or all interfaces.
      - 31000: Local connection to the wrapper control channel port. Outbound
        to 32000 only, does not listen on this port. Starts at 31000 and will
        increment until 31999 looking for a free port. To change, see the
        wrapper documentation. For more information see below.
      - 32000: Local control channel for the service wrapper. To change, see
        the wrapper documentation. For more information see below.

  The local I2P ports and the I2PTunnel ports do not need to be reachable from
  remote machines, but *should* be reachable locally. You can also create
  additional ports for I2PTunnel instances via http://localhost:7657/i2ptunnel/
  (and in turn, would need to get your firewall to allow you local access, but
  not remote access, unless desired).

  So, to summarize, nothing needs to be reachable by unsolicited remote peers,
  but if you can configure your NAT/firewall to allow inbound UDP and TCP the
  outbound facing port, you'll get better performance. You will also need to be
  able to send outbound UDP packets to arbitrary remote peers (blocking IPs
  randomly with something like PeerGuardian only hurts you - don't do it).

27 - Why is I2P listening on port 32000?

  The Tanuki java service wrapper that we use opens this port—bound to
  localhost—in order to communicate with software running inside the JVM. When
  the JVM is launched it is given a key so it can connect to the wrapper. After
  the JVM establishes its connection to the wrapper, the wrapper refuses any
  additional connections.

  More information can be found in the wrapper documentation.

28 - How do I reseed manually?

  An I2P router only needs to be seeded once, to join the network for the first
  time. Reseeding involves fetching multiple "RouterInfo" files (bundled into a
  signed zip-file) from at least two predefined server URLs picked from a
  volunteer-run group of clearnet HTTPS servers.

  A typical symptom of a failed reseed is the "Known" indicator (on the left
  sidebar of the router console) displaying a very small value (often less than
  5) which does not increase. This can occur, among other things, if your local
  firewall limits outbound traffic or if the reseed request is blocked entirely.

  If you are stuck behind an ISP firewall or filter, you can use the following
  manual method (non-automated technical solution) to join the I2P network.

  As of release 0.9.33, you may also configure your router to reseed through a
  proxy. Go to http://localhost:7657/configreseed and configure the proxy type,
  hostname, and port.

  Joining the I2P Network using a reseed file

    Please contact a known trustworthy friend who has a running I2P router, and
    ask them for help with reseeding your I2P router. Request that they send
    you a reseed file exported from their running I2P router. It is vital that
    the file is exchanged over a secure channel, e.g. encrypted to avoid
    external tampering (PGP Sign, Encrypt and Verified with a trusted public
    key). The file itself is unsigned, so please accept files only from known
    trusted friends. Never import a reseed file if you can not verify its
    source.

    To import the received i2preseed.zip file into your local I2P router:

      - Go to http://localhost:7657/configreseed
      - Under "Manual Reseed from File" click "Browse..."
      - Select the i2preseed.zip file
      - Click "Reseed from File"

    Check the log for the following message: Reseed got 100 router infos from
    file with 0 errors

  Sharing a reseed file

    For trusted friends you can use your local I2P router to give them a jump
    start:

      - Go to http://localhost:7657/configreseed
      - Under "Create Reseed File" click "Create reseed file"
      - Securely send the i2preseed.zip file to your friend

  Do not reveal this file in any case to unknown users, since it contains
  sensitive private data (100 RouterInfo) from your own I2P router! In order to
  protect your anonymity: you may wait a few random hours/days before you share
  the file with your trusted friend. It is also advisable to use this procedure
  sparingly (< 2 per week).

  General guidelines for manual reseeding of I2P

    - Do not publicly publish the reseed file or share these files with a
      friend of a friend!
    - This file should be used only for a very limited number of friends (< 3)!
    - The file is valid only a few days (< 20)!

29 - In wrapper.log I see an error that states "Protocol family unavailable" when
     loading the Router Console

  Often this error will occur with any network enabled java software on some
  systems that are configured to use IPv6 by default. There are a few ways to
  solve this:

    - On Linux based systems, you can echo 0 > /proc/sys/net/ipv6/bindv6only
    - Look for the following lines in wrapper.config.
    - #wrapper.java.additional.5=-Djava.net.preferIPv4Stack=true
    - #wrapper.java.additional.6=-Djava.net.preferIPv6Addresses=false

    If the lines are there, uncomment them by removing the "#"s. If the lines
    are not there, add them without the "#"s.

  Another option would be to remove the ::1 from ~/.i2p/clients.config

  WARNING: For any changes to wrapper.config to take effect, you must
  completely stop the router and the wrapper. Clicking Restart on your router
  console will NOT reread this file! You must click Shutdown, wait 11 minutes,
  then start I2P.

30 - Is installing Java required to use I2P?

  While the main I2P client implementation requires Java, there are several
  alternative clients which don't require Java.
    http://i2p-projekt.i2p/en/about/alternative-clients

31 - I have a question!

  Great! Find us on IRC:
    - irc.freenode.net #i2p
    - IRC2P #i2p 
  or post to the forum and we'll post it here (with the answer, hopefully).
    - https://i2pforum.net/
    - http://i2pforum.i2p/

Last edited 9 months ago by slumlord (previous) (diff)

Changed 9 months ago by slumlord

Diagram of an example path taken by traffic over I2P to aid in explaining I2P's "slowness" as compared to regular internet traffic

comment:5 Changed 9 months ago by zzz

  • Milestone changed from undecided to 0.9.35

I like the new organization proposed in comment 1 and the preliminary changes posted in subsequent comments.

In general, the existing page has far too much colloquial language and long sentences with multiple clauses. Since this page is linked from the console, and is part of the high-priority translation resource, we should strive for clear, short, direct sentences which are easily translatable.

If possible we should get this page updated, and new strings pushed to Transifex, before the .35 tag freeze, so we can encourage our translators to work on it along with the .35 changes.

comment:6 Changed 8 months ago by slumlord

Request review & comment. I will check in changes on 13th June 2018, which is the updated tag freeze date if I recall correctly.

comment:7 Changed 8 months ago by sadie

re: 18 - Bittorrent / I2PSnark / Azureus I2P Plugin Questions? - lets remove this section for now. I agree that updating any documentation should consider translation. I am very happy with this update - it is a big improvement!

comment:8 Changed 8 months ago by slumlord

Updates are in

779f1fb1dfe3cccd81b7084f467d6257f49589b9 and
b717d71b1d4154a9bd358e96b76780ee45572e08

Please review.

Updates to browser-config page pending.

comment:9 Changed 8 months ago by slumlord

Updates to browser-config in

f073ee02359cc8402f4b40371824b8249694a8d3 and
d001d91b21cc70e7332eb246a9068e729760a6cd

comment:10 Changed 8 months ago by slumlord

  • Status changed from new to testing

comment:11 Changed 8 months ago by slumlord

  • Resolution set to fixed
  • Status changed from testing to closed

Closing ticket as FAQs page updates are complete. Please open a separate ticket for any issues regarding the FAQs page.

Note: See TracTickets for help on using tickets.