Moritz Warning edited this page Apr 4, 2015 · 100 revisions

Welcome to the KadNode wiki!

## FAQ

  • What is KadNode?
    In short, KadNode is Transmission's DHT with interfaces and packaging.
    Slightly longer: KadNode is a tool that resolves names to IP addresses using the BitTorrent P2P network. KadNode runs in the background and intercepts and answers name requests for the .p2p domain. It has very low resource consumption. The main task is just to return IP addresses for identifiers, not necessarily traditional DNS.
  • How to start?
    See the Howto Start.
  • How does KadNode intercept DNS requests?
    On some systems the Name Service Switch (NSS) support (see /etc/nsswitch.conf) is used. For other systems KadNode includes a basic DNS server that listens on the local host (A, AAAA and SRV requests are supported; SRV is used to transmit the port). But this is tricky, because it might interfere with existing local DNS settings.
  • How long does it take to resolve an address?
    An estimate would be 8 seconds, unless the address has been cached.
  • So, it's all about DNS?
    No, KadNode is not traditional DNS. It just maps 20 byte identifiers (or sha1(some-string)) to IP addresses. Everybody can announce identifiers, so use verification like HTTPS or other cryptographic mechanisms.
  • Can KadNode be used as a DNS server?
    KadNode is not a DNS server; it does not forward domains and its capabilities are quite simplistic.
    It is meant to be an interface to a real DNS server (bind, dnsmasq etc.).
  • How much traffic does KadNode generate?
    See this small Benchmark.
  • Does KadNode offer authentication/verification?
    Yes, KadNode has an extension (called 'auth') to create a public/secret key pair and to lookup nodes using the public key as you would use a domain name. The resolved IP addresses are those of nodes that have the corresponding secret key. Keep in mind that this approach is not very secure!
  • How are public keys distributed?
    This is not in the scope of KadNode. So it is your task to enter the keys into the configuration files. KadNode does not intend to solve the task of key distribution.
  • Is the authentication/verification secure?
    No. The current mechanism is vulnerable to man-in-the-middle attacks!
  • How to compile KadNode without UPNP, NAT-PMP or authentication (libsodium) support?
    Edit the FEATURES variable in Makefile and remove 'upnp', 'natpmp' or 'auth'. You can check the binary using kadnode -v.
  • Local Peer Discovery (LPD) does not work on bridged devices.
    Try disabling the multicast_snooping or multicast_querier option. This is needed for OpenWrt: echo 0 > /sys/devices/virtual/net/br-lan/bridge/multicast_snooping
  • How does the authentication work?
    Please consult the Authentication Details.
  • What about Namecoin and others?
    Namecoin tries to imitate traditional DNS where a domain is globally unique. KadNode merely maps identifiers to IP addresses without more thought. The authentication extension for KadNode is more of an experiment for a more specific application.
  • Lookup is slow? What is going on?
    KadNode may need a few seconds to resolve an identifier. If it takes considerably longer than 10 seconds, then your node might not be properly bootstrapped. Let me know if you have reason to assume otherwise. A branch for speed enhancements has been added.
  • What is "fatal error: sodium.h: No such file or directory"?
    To compile KadNode, you need to have libsodium installed. If it is not, see Build&Installation below.
  • Why not use the node's ID to find a node? Node IDs do not need to be announced, in contrast to value IDs.
    Value IDs might not be free to choose in the future as some BitTorrent security features propose. You can also have only one.
  • When are peers exported?
    When a peer file is given (--peerfile), good peers are written to it every 24 hours and on proper shutdown (but only after at least 5min runtime).
  • Where does the name KadNode come from?
    It is short for Kademlia Node; Kademlia is the name of the DHT design used for BitTorrent.

Build&Installation

To build KadNode with all features, you first need to build and install libsodium (if the auth feature will be enabled):

wget https://github.com/jedisct1/libsodium/releases/download/1.0.1/libsodium-1.0.1.tar.gz
tar -xvzf libsodium-1.0.1.tar.gz
cd libsodium-1.0.1
./configure && make && sudo make install

Now build and install KadNode:

git clone git@github.com:mwarning/KadNode.git
cd KadNode
make && sudo make install

Before running make, you can set the FEATURES variable to include the features you would like to use.

TO DO List

  • increase lookup speed
  • fix browsers to try multiple IP addresses until http/https succeeds xD
  • use "ed25519_", "hex_" etc. prefix for all identifiers that will not be put into sha1
  • Proper cryptography (e.g. signing, prevention of man-in-the-middle attacks)
  • randomize order of results to help load balancing of destinations
  • only send one auth packet per lookup request and destination to avoid packet multiplier attacks
  • static linking of libsodium (already done for OpenWrt packages)
  • clean shutdown - freeing all data structures
  • do not return the localhost address from kad_lookup_value for requests that originate from outside (may happen when local dnsmasq hands out results)
  • evaluate using telehash.org
  • evaluate https://grepular.com/Publishing_PGP_Keys_in_the_DNS

Local Peer Discovery

A KadNode instance that knows no other peer sends a multicast message every 5 minutes to discover new nodes. The message format is now compatible with the implementations used in Transmission and libtorrent. An informal LPD description can be found on the Internet. KadNode pretends to download the torrent that the other client is downloading in order to be accepted as a peer.
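A receiver should treat such an announcement as untrusted input. The following is an added example, not code from KadNode: it assumes the BT-SEARCH text format of BEP 14 that Transmission and libtorrent use, and the names lpd_header and lpd_parse are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Copy one header value into out. `name` starts with CRLF so it only matches
 * at a line start; matching is strict (exact case). 0 on success, else -1. */
static int lpd_header(const char *msg, const char *name, char *out, size_t outlen)
{
    const char *p = strstr(msg, name);
    if (p == NULL) return -1;
    p += strlen(name);
    p += strspn(p, " ");
    size_t n = strcspn(p, "\r\n");
    if (n == 0 || n >= outlen) return -1;
    memcpy(out, p, n);
    out[n] = '\0';
    return 0;
}

/* Validate one untrusted LPD payload (NUL-terminated copy). Outputs are only
 * written once every check has passed. Returns 0 on success, else -1. */
int lpd_parse(const char *msg, unsigned *port, unsigned char infohash[20])
{
    char val[48];
    if (strncmp(msg, "BT-SEARCH * HTTP/1.1\r\n", 22) != 0) return -1;
    if (lpd_header(msg, "\r\nPort:", val, sizeof val) != 0) return -1;
    if (strlen(val) > 5 || strspn(val, "0123456789") != strlen(val)) return -1;
    unsigned long p = strtoul(val, NULL, 10);
    if (p == 0 || p > 65535) return -1;
    if (lpd_header(msg, "\r\nInfohash:", val, sizeof val) != 0) return -1;
    if (strlen(val) != 40 || strspn(val, "0123456789abcdefABCDEF") != 40) return -1;
    for (int i = 0; i < 20; i++) {
        unsigned byte;
        sscanf(val + 2 * i, "%2x", &byte);   /* two hex digits per byte */
        infohash[i] = (unsigned char)byte;
    }
    *port = (unsigned)p;
    return 0;
}

int main(void)
{
    const char *sample = "BT-SEARCH * HTTP/1.1\r\nHost: 239.192.152.143:6771\r\nPort: 6881\r\n"
        "Infohash: 0123456789abcdef0123456789abcdef01234567\r\n\r\n\r\n"; /* constructed */
    unsigned port; unsigned char ih[20];
    if (lpd_parse(sample, &port, ih) == 0)
        printf("port %u, infohash starts %02x%02x\n", port, ih[0], ih[1]);
    return 0;
}
```

The peer's IP address should come from the datagram's source address (recvfrom), because the Host header only names the multicast group and every field in the payload is sender-controlled.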

Forwarding DNS queries to KadNode on OpenWrt

The DNS forwarder on OpenWrt is dnsmasq. To instruct dnsmasq to use KadNode to resolve all DNS requests for the .p2p domain, you need to add just one line to /etc/config/dhcp. It is easier to do it on the command line:

uci add_list dhcp.@dnsmasq[0].server='/p2p/::1#5353'
uci commit

KadNode will act as an upstream DNS server for the .p2p top level domain. If it does not work, it may mean that KadNode tries to connect to the IPv4 localhost address. Replace ::1 with 127.0.0.1 in this case.

### Logging

When KadNode is started as a daemon (in the background), the logging output is written to /var/log/syslog.
