Difference between revisions of "DNS"
(Created page with "The domain name system - short DNS - provides a resolution of the domain (for example geti2p.net) into an IP address (for example 81.7.7.63). In I2P, the IP addresses of the p...") |
AGentooCat (talk | contribs) m (remove over-explanation of destinations) |
||
| (4 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
| + | A "domain name system" (DNS for short) provides a resolution of a domain (for example <code>geti2p.net</code>) into an IP address (for example <code>81.7.7.63</code>). In I2P, an eepsites IP(+port) is its "destination" (a very long string<ref>around 500 characters, see below</ref>), so resolution goes by <code>eephost->destination</code> (for example [see ref]<ref>Destination for i2p-projekt.i2p by stats.i2p: <pre>8ZAW~KzGFMUEj0pdchy6GQOOZbuzbqpWtiApEj8LHy2~O~58XKxRrA43cA23a9oDpNZDqWhRWEtehSnX5NoCwJcXWWdO1ksKEUim6cQLP-VpQyuZTIIqwSADwgoe6ikxZG0NGvy5FijgxF4EW9zg39nhUNKRejYNHhOBZKIX38qYyXoB8XCVJybKg89aMMPsCT884F0CLBKbHeYhpYGmhE4YW~aV21c5pebivvxeJPWuTBAOmYxAIgJE3fFU-fucQn9YyGUFa8F3t-0Vco-9qVNSEWfgrdXOdKT6orr3sfssiKo3ybRWdTpxycZ6wB4qHWgTSU5A-gOA3ACTCMZBsASN3W5cz6GRZCspQ0HNu~R~nJ8V06Mmw~iVYOu5lDvipmG6-dJky6XRxCedczxMM1GWFoieQ8Ysfuxq-j8keEtaYmyUQme6TcviCEvQsxyVirr~dTC-F8aZ~y2AlG5IJz5KD02nO6TRkI2fgjHhv9OZ9nskh-I2jxAzFP6Is1kyAAAA</pre></ref>). |
||
| − | The domain name system - short DNS - provides a resolution of the domain (for example geti2p.net) into an IP address (for example 81.7.7.63). In I2P, the IP addresses of the participating routers are known, but not which router offering services. Instead, I2P services (for example eepsites) are linked to destinations. This means I need the appropriate destination to call an I2P service. So you could say that the IP address of a Web site in i2P is the destination of an eepsite. |
||
| − | + | A real life use of DNS would be a phone book: to call someone, you lookup the their name in the phone book. A phone book's equivalent would be a DNS server in clearnet, or a name registry in I2P. |
|
== How to get to the destinations for the corresponding services? == |
== How to get to the destinations for the corresponding services? == |
||
| + | An I2P router has a local DNS system in itself called "addressbook", storing the domain names and destinations, allowing for resolution without contacting a name registry. In a regulat environment, this would be "/etc/hosts" (or "C:\Windows\System32\drivers\etc\hosts" for Windows). |
||
| − | The own I2P router itself also leads a list of domain names and destinations. These are often stored in the so-called hosts.txt. This means that in case of resolution the router look at the local list. This local list of domain names and destinations is also referred to as an address book. |
||
| − | === |
+ | === How to populate the router's addressbook? === |
| − | There are several registries in I2P |
+ | There are several name registries in I2P, which keep a list of domain name-destination pairs. If you are subscribed to one or more, the router will regularly check in the background whether its registries offer new domain names or updated ones of the old ones, then fetch the new/updated entries and apply them to the addressbook. |
| + | |||
| − | The DNS in i2P can be described as decentralized. So there is no central instance that keeps the domain names and the destinations ready. For example, if a registry is down, you once saved the entries that locally stored at this point and, secondly, you can easily use multiple registries. This means it can be without problems one or more registries offline, as there are several. |
||
| + | ''Subscription in this context is a router having a list of name registries to fetch a domain/destination list from. You can add or remove a subscription from your router easily.'' |
||
| − | Often it is so that the registries exchange the lists with each other - or the operator of a service registers and shares their destination with more than one registry. The second reason why you can describe the DNS in i2P as a decentralized is that there is no instance that can prevent the registry. Even if you broke a registry to delete an entry, you still have the entry yourself and other registries. |
||
| + | |||
| ⚫ | |||
| + | This system can be described as decentralized for these arguments: |
||
| + | # If one name registry goes down, you can still subscribe to another one (and you should do that anyway). |
||
| + | # No name registries are needed for any resolving to take place, given that a list of domain/destination pairs has already been fetched. |
||
| + | # Name registries often exchange their lists by other ones, to keep theirs more synchronized, making it possible to get (roughly) the same list from different name registries. |
||
| + | # A service operator might choose to register their eepsite with different registries at once. |
||
| + | |||
| ⚫ | |||
{| class="wikitable sortable" |
{| class="wikitable sortable" |
||
|+ Registries |
|+ Registries |
||
| Line 16: | Line 23: | ||
! Site !! Operator !! Reliable |
! Site !! Operator !! Reliable |
||
|- |
|- |
||
| − | | stats.i2p || |
+ | | stats.i2p || By zzz, one of the main developers of I2P. || Yes |
| ⚫ | |||
| + | | reg.i2p || Developers of i2pd || Yes |
||
|- |
|- |
||
| inr.i2p || Unknown || Probably yes |
| inr.i2p || Unknown || Probably yes |
||
| Line 26: | Line 35: | ||
| i2pjump.i2p || Unknown || Probably yes |
| i2pjump.i2p || Unknown || Probably yes |
||
|} |
|} |
||
| + | |||
| − | It is also possible to provide a list of domain names and destinations without being acting as a registry. A selection of such services: |
+ | It is also possible to simply provide a list of domain names and destinations without being acting as a registry accepting new domains. A selection of such services: |
{| class="wikitable sortable" |
{| class="wikitable sortable" |
||
| + | |+ Providers of lists with domain names and destinations without registration function |
||
| − | |+ Anbieter von Listen mit Domainnamen und Destinations ohne Registrierungsfunktion |
||
|- |
|- |
||
! Site !! Operator !! Info !! Reliable |
! Site !! Operator !! Info !! Reliable |
||
|- |
|- |
||
| − | | http://i2p-projekt.i2p/hosts.txt || |
+ | | http://i2p-projekt.i2p/hosts.txt || Operated by the I2P project. || This list contains long existing eepsites and serves to provide a "basic list". || Yes |
|- |
|- |
||
| − | | http://notbob.i2p/hosts.txt || Notbob || || |
+ | | http://notbob.i2p/hosts.txt || Notbob || || Yes |
|} |
|} |
||
| − | == What are |
+ | == What are jump URLs/Services? == |
| + | If a router doesn't know the destination of an eepsite, and the name registries subscribed to doesn't have this domain (or they have and the router haven't fetched it yet), a "jump URL" can be used instead. A jump URL is in the format of: <code><nowiki>http://[[domain]].i2p/?i2paddresshelper=[[the long destination string]]</nowiki></code> |
||
| − | Sometimes it happens that the router does not know the destination of a domain. This may be because the domain is new and the router has not yet updated the list of domain names and destinations. But it may also be that the domain name is only registered with a registration site and the router does not get information from exactly this registry. |
||
| + | |||
| − | No matter what the reason is, in this case, Jump Services are used. The Jump Service looks to yourself in the address book - so in its own list of domain names and destinations and returns the appropriate destination to the router. Of course, it may happen that the Jump Service does not know the domain. In this case, it is advisable to try another Jump Service. |
||
| + | This lets a router to register this domain within themselves, allowing for the local resolutions of <nowiki>[[domain]] to be for [[the long destination string]]</nowiki>. |
||
| − | Since Jump Services needs to know many domains and have a large list accordingly, most Jump Services are operated by registries, which must already have a large list due to their function as a registry. |
||
| + | |||
| − | A selection of Jump Services: |
||
| + | A jump URL is easy to construct, for example, take the destination that was given at the top of this page for i2p-projekt.i2p, and prefix it to make it look like this: |
||
| + | <code><nowiki>http://i2p-projekt.i2p/?i2paddresshelper=8ZAW~KzGF[...]</nowiki></code> |
||
| + | |||
| + | A jump service provides these jump URLs from their list. Mostly, these services are hosted within an existing registry, since a registry already has a lot of domains (by nature), increasing the chances of a jump URL being given successfully. |
||
| + | |||
| + | A selection of jump services (put a hostname like "i2p-projekt.i2p" at the end of one): |
||
{| class="wikitable sortable" |
{| class="wikitable sortable" |
||
|+ Jump services |
|+ Jump services |
||
| Line 58: | Line 74: | ||
|} |
|} |
||
| + | == What are these different addressbooks? == |
||
| − | == For me there are several address books. Which should I use? == |
||
| + | ''This section applies to Java I2P routers, as [[I2Pd]] doesn't have multiple addressbooks.'' |
||
| − | In general, you should use the router address book. In this, all entries of registries are also loaded. |
||
| + | |||
| ⚫ | |||
| + | If you are going to add a domain name in your addressbook by yourself via SusiDNS, you would see that there are several addressbooks. |
||
| ⚫ | |||
| + | |||
| − | The local address book is automatically intrigued in the Router Address Book (merge). |
||
| + | The router addressbook is the one that the router operates. You will notice that this is a very long list of domains. This is because the lists fetched from the subscribed-to registries are stored here, and these registries (by nature) have a lot of domains. You don't need to touch this to add your eepsite, you would instead register it with a registry. |
||
| ⚫ | |||
| + | |||
| ⚫ | |||
| + | |||
| ⚫ | The local address book can be used to seeprate the services that you operate from the ones in the router addressbook. For example, if you operate an eepsite (for example a private blog), you can enter them here. Normally, you also don't need this addressbook. This addressbook's entries will shadow the ones in the router addressbook's ones<ref>FIXME if wrong</ref>. |
||
| + | |||
| ⚫ | |||
== Which registries should I use? == |
== Which registries should I use? == |
||
| − | + | Anyone being able to run a registry is a double-edged sword. The good edge is that there are always enough registries, talking to and syncing with each other, letting you to use anyone of them with almost no downtime. The bad edge is that a malicious person might host a registry, giving you wrong destinations, causing you to go to fraudulent eepsites, and potentially putting you in a bad situation (passwords being stolen, deanonymization attacks, etc). This is why there are only a few registry subscriptions in an out-of-the-box router, and why one should explore a registry before adding it to their subscription list. |
|
== Glossary == |
== Glossary == |
||
| Line 74: | Line 96: | ||
! Term !! Meaning |
! Term !! Meaning |
||
|- |
|- |
||
| − | | IP address || In order for computers to be able to communicate (talk) with one another, they need |
+ | | IP address || In order for computers to be able to communicate (talk) with one another, they need an IP address, like names for humans. In principle, every computer that is connected to the Internet has an IP address. |
|- |
|- |
||
| Eepsite || A website in the I2P network |
| Eepsite || A website in the I2P network |
||
|- |
|- |
||
| + | | I2P Router || A piece of software that lets you browse the I2P network, and most likely letting you to read this. |
||
| − | | I2P Router || Die lokale Software, welche auf dem Computer installiert ist, damit man Zugang zum I2P Netzwerk bekommt. (z. B. Java I2P oder I2Pd) |
||
|- |
|- |
||
| − | | I2P service || A service that is offered in the I2P network. These can be eepsites, chat servers, |
+ | | I2P service || A service that is offered in the I2P network. These can be eepsites, chat servers, games, anything you can imagine. |
|- |
|- |
||
| − | | Destination || An IP address in the I2P network. The difference |
+ | | Destination || An equivalent of an IP address in the I2P network. The difference being that it is very long, and can be imagined as a pack of an IP address and a port. |
|- |
|- |
||
| + | | Clearnet || The regular internet. |
||
| − | | Expert info || Additional information, which is not important for understanding the text. |
||
|- |
|- |
||
| ⚫ | |||
| − | | Clearnet || In contrast to the I2P network, the Clearnet is the "normal" Internet. |
||
| ⚫ | |||
| ⚫ | |||
| − | |- |
||
| − | | decentralized || Decentralized means that it is not subordinate to any central authority (government, private person, company) that is bundled in one place. |
||
| − | |- |
||
| − | | I2Pd || I2P router written in C ++. In contrast to the "normal" Java I2P router, I2Pd requires fewer system resources (RAM, CPU, ...). |
||
| − | |- |
||
| − | | address book || There is a list of domain names and corresponding destinations. This collection on your I2P router is also known as an address book. |
||
|} |
|} |
||
| + | |||
| + | == References == |
||
| + | <references /> |
||
== External sites == |
== External sites == |
||
| − | * |
+ | * http://i2p-projekt.i2p/en/docs/naming |
| − | * |
+ | * http://i2p-projekt.i2p/en/faq |
Latest revision as of 20:46, 2 April 2024
A "domain name system" (DNS for short) provides a resolution of a domain (for example geti2p.net) into an IP address (for example 81.7.7.63). In I2P, an eepsites IP(+port) is its "destination" (a very long string[1]), so resolution goes by eephost->destination (for example [see ref][2]).
A real life use of DNS would be a phone book: to call someone, you lookup the their name in the phone book. A phone book's equivalent would be a DNS server in clearnet, or a name registry in I2P.
How to get to the destinations for the corresponding services?
An I2P router has a local DNS system in itself called "addressbook", storing the domain names and destinations, allowing for resolution without contacting a name registry. In a regulat environment, this would be "/etc/hosts" (or "C:\Windows\System32\drivers\etc\hosts" for Windows).
How to populate the router's addressbook?
There are several name registries in I2P, which keep a list of domain name-destination pairs. If you are subscribed to one or more, the router will regularly check in the background whether its registries offer new domain names or updated ones of the old ones, then fetch the new/updated entries and apply them to the addressbook.
Subscription in this context is a router having a list of name registries to fetch a domain/destination list from. You can add or remove a subscription from your router easily.
This system can be described as decentralized for these arguments:
- If one name registry goes down, you can still subscribe to another one (and you should do that anyway).
- No name registries are needed for any resolving to take place, given that a list of domain/destination pairs has already been fetched.
- Name registries often exchange their lists by other ones, to keep theirs more synchronized, making it possible to get (roughly) the same list from different name registries.
- A service operator might choose to register their eepsite with different registries at once.
There are many registries and everyone can open their own. Here is a selection of registries:
| Site | Operator | Reliable |
|---|---|---|
| stats.i2p | By zzz, one of the main developers of I2P. | Yes |
| reg.i2p | Developers of i2pd | Yes |
| inr.i2p | Unknown | Probably yes |
| identiguy.i2p | Unknown | Probably yes |
| isitup.i2p | Unknown | Probably yes |
| i2pjump.i2p | Unknown | Probably yes |
It is also possible to simply provide a list of domain names and destinations without being acting as a registry accepting new domains. A selection of such services:
| Site | Operator | Info | Reliable |
|---|---|---|---|
| http://i2p-projekt.i2p/hosts.txt | Operated by the I2P project. | This list contains long existing eepsites and serves to provide a "basic list". | Yes |
| http://notbob.i2p/hosts.txt | Notbob | Yes |
What are jump URLs/Services?
If a router doesn't know the destination of an eepsite, and the name registries subscribed to doesn't have this domain (or they have and the router haven't fetched it yet), a "jump URL" can be used instead. A jump URL is in the format of: http://[[domain]].i2p/?i2paddresshelper=[[the long destination string]]
This lets a router to register this domain within themselves, allowing for the local resolutions of [[domain]] to be for [[the long destination string]].
A jump URL is easy to construct, for example, take the destination that was given at the top of this page for i2p-projekt.i2p, and prefix it to make it look like this:
http://i2p-projekt.i2p/?i2paddresshelper=8ZAW~KzGF[...]
A jump service provides these jump URLs from their list. Mostly, these services are hosted within an existing registry, since a registry already has a lot of domains (by nature), increasing the chances of a jump URL being given successfully.
A selection of jump services (put a hostname like "i2p-projekt.i2p" at the end of one):
| URL | Info |
|---|---|
| http://stats.i2p/cgi-bin/jump.cgi?a= | This site is operated by ZZZ, one of the main developers of I2P. |
| http://i2pjump.i2p/jump/ | This page collects the address books from different pages and provides them. |
| http://notbob.i2p/cgi-bin/jump.cgi?q= | This site is operated by NotBob. |
| http://inr.i2p/jump/ | It is not known who operates this page. She seems to be trustworthy. |
| http://reg.i2p/jump/ | This site is operated by the developers of I2PD. |
What are these different addressbooks?
This section applies to Java I2P routers, as I2Pd doesn't have multiple addressbooks.
If you are going to add a domain name in your addressbook by yourself via SusiDNS, you would see that there are several addressbooks.
The router addressbook is the one that the router operates. You will notice that this is a very long list of domains. This is because the lists fetched from the subscribed-to registries are stored here, and these registries (by nature) have a lot of domains. You don't need to touch this to add your eepsite, you would instead register it with a registry.
The private addressbook, is, private. This means it is shared with no one else and only in your router. It can be used, for example, to save a service that you operate (like a SSH or an FTP server) or a private forum that no one else should see. Normally, you do not need this, unless you do.
The local address book can be used to seeprate the services that you operate from the ones in the router addressbook. For example, if you operate an eepsite (for example a private blog), you can enter them here. Normally, you also don't need this addressbook. This addressbook's entries will shadow the ones in the router addressbook's ones[3].
The public addressbook should only be used by experts and experienced eepsite operators. It can be used to publish a list of domain names and destinations yourself.
Which registries should I use?
Anyone being able to run a registry is a double-edged sword. The good edge is that there are always enough registries, talking to and syncing with each other, letting you to use anyone of them with almost no downtime. The bad edge is that a malicious person might host a registry, giving you wrong destinations, causing you to go to fraudulent eepsites, and potentially putting you in a bad situation (passwords being stolen, deanonymization attacks, etc). This is why there are only a few registry subscriptions in an out-of-the-box router, and why one should explore a registry before adding it to their subscription list.
Glossary
| Term | Meaning |
|---|---|
| IP address | In order for computers to be able to communicate (talk) with one another, they need an IP address, like names for humans. In principle, every computer that is connected to the Internet has an IP address. |
| Eepsite | A website in the I2P network |
| I2P Router | A piece of software that lets you browse the I2P network, and most likely letting you to read this. |
| I2P service | A service that is offered in the I2P network. These can be eepsites, chat servers, games, anything you can imagine. |
| Destination | An equivalent of an IP address in the I2P network. The difference being that it is very long, and can be imagined as a pack of an IP address and a port. |
| Clearnet | The regular internet. |
| local | On your own computer, not shared with anybody else. |
References
- ↑ around 500 characters, see below
- ↑ Destination for i2p-projekt.i2p by stats.i2p:
8ZAW~KzGFMUEj0pdchy6GQOOZbuzbqpWtiApEj8LHy2~O~58XKxRrA43cA23a9oDpNZDqWhRWEtehSnX5NoCwJcXWWdO1ksKEUim6cQLP-VpQyuZTIIqwSADwgoe6ikxZG0NGvy5FijgxF4EW9zg39nhUNKRejYNHhOBZKIX38qYyXoB8XCVJybKg89aMMPsCT884F0CLBKbHeYhpYGmhE4YW~aV21c5pebivvxeJPWuTBAOmYxAIgJE3fFU-fucQn9YyGUFa8F3t-0Vco-9qVNSEWfgrdXOdKT6orr3sfssiKo3ybRWdTpxycZ6wB4qHWgTSU5A-gOA3ACTCMZBsASN3W5cz6GRZCspQ0HNu~R~nJ8V06Mmw~iVYOu5lDvipmG6-dJky6XRxCedczxMM1GWFoieQ8Ysfuxq-j8keEtaYmyUQme6TcviCEvQsxyVirr~dTC-F8aZ~y2AlG5IJz5KD02nO6TRkI2fgjHhv9OZ9nskh-I2jxAzFP6Is1kyAAAA
- ↑ FIXME if wrong