merge bitcoin#24555: create initial doc/cjdns.md for CJDNS how-to documentation

Kittywhiskers Van Gogh 2024-05-21 08:37:29 +00:00
parent 554bd24186
commit c736ebf566
GPG Key ID: 30CD0C065E5C4AAD
3 changed files with 107 additions and 9 deletions

doc/cjdns.md Normal file

@ -0,0 +1,95 @@
# CJDNS support in Dash Core
It is possible to run Dash Core over CJDNS, an encrypted IPv6 network that
uses public-key cryptography for address allocation and a distributed hash table
for routing.
## What is CJDNS?
CJDNS is like a distributed, shared VPN with multiple entry points where every
participant can reach any other participant. All participants use addresses from
the `fc00::/8` network (reserved IPv6 range). Installation and configuration is
done outside of Dash Core, similarly to a VPN (either in the host/OS or on
the network router).
Compared to IPv4/IPv6, CJDNS provides end-to-end encryption and protects nodes
from traffic analysis and filtering.
Used with Tor and I2P, CJDNS is a complementary option that can enhance network
redundancy and robustness for both the Dash network and individual nodes.
Each network has different characteristics. For instance, Tor is widely used but
somewhat centralized. I2P connections have a source address and I2P is slow.
CJDNS is fast but does not hide the sender and the recipient from intermediate
routers.
## Installing CJDNS and connecting to the network
To install and set up CJDNS, follow the instructions at
https://github.com/cjdelisle/cjdns#cjdns.
Don't skip steps
["2. Find a friend"](https://github.com/cjdelisle/cjdns#2-find-a-friend) and
["3. Connect your node to your friend's
node"](https://github.com/cjdelisle/cjdns#3-connect-your-node-to-your-friends-node).
You need to be connected to the CJDNS network before it will work with your
Dash Core node.
Typically, CJDNS might be launched from its directory with
`sudo ./cjdroute < cjdroute.conf` and it sheds permissions after setting up the
[TUN](https://en.wikipedia.org/wiki/TUN/TAP) interface. You may also [launch it as an
unprivileged user](https://github.com/cjdelisle/cjdns/blob/master/doc/non-root-user.md)
with some additional setup.
The network connection can be checked by running `./tools/peerStats` from the
CJDNS directory.
## Run Dash Core with CJDNS
Once you are connected to the CJDNS network, the following Dash Core
configuration option makes CJDNS peers automatically reachable:
```
-cjdnsreachable
```
When enabled, this option tells Dash Core that it is running in an
environment where a connection to an `fc00::/8` address will be to the CJDNS
network instead of to an [RFC4193](https://datatracker.ietf.org/doc/html/rfc4193)
IPv6 local network. This helps Dash Core perform better address management:
- Your node can consider incoming `fc00::/8` connections to be from the CJDNS
network rather than from an IPv6 private one.
- If one of your node's local addresses is `fc00::/8`, then it can choose to
gossip that address to peers.
## Additional configuration options related to CJDNS
```
-onlynet=cjdns
```
Make automatic outbound connections only to CJDNS addresses. Inbound and manual
connections are not affected by this option. It can be specified multiple times
to allow multiple networks, e.g. onlynet=cjdns, onlynet=i2p, onlynet=onion.
CJDNS support was added to Dash Core in version 21.0 and there may be fewer
CJDNS peers than Tor or IP ones. You can use `dash-cli -addrinfo` to see the
number of CJDNS addresses known to your node.
In general, a node can be run with both an onion service and CJDNS (or any/all
of IPv4/IPv6/onion/I2P/CJDNS), which can provide a potential fallback if one of
the networks has issues. There are a number of ways to configure this; see
[doc/tor.md](https://github.com/dashpay/dash/blob/master/doc/tor.md) for
details.
## CJDNS-related information in Dash Core
There are several ways to see your CJDNS address in Dash Core:
- in the "Local addresses" output of CLI `-netinfo`
- in the "localaddresses" output of RPC `getnetworkinfo`
To see which CJDNS peers your node is connected to, use `dash-cli -netinfo 4`
or the `getpeerinfo` RPC (i.e. `dash-cli getpeerinfo`).
To see which CJDNS addresses your node knows, use the `getnodeaddresses 0 cjdns`
RPC.
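
Review bot: In "What is CJDNS?", the claim that CJDNS "protects nodes from traffic analysis and filtering" conflicts with the later sentence that it "does not hide the sender and the recipient from intermediate routers"; a router that sees both endpoints can still analyse traffic. Suggest narrowing the first sentence to what the end-to-end encryption covers and stating the metadata exposure once, next to the Tor/I2P comparison. Separately, the `-cjdnsreachable` section should say that the flag is only appropriate when `fc00::/8` on this host really is routed through cjdroute, since the text says the node will then treat inbound `fc00::/8` peers as CJDNS and may gossip its own `fc00::/8` address.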


@ -73,8 +73,8 @@ phase when syncing up a new node can be very slow. This phase can be sped up by
using other networks, for instance `onlynet=onion`, at the same time. using other networks, for instance `onlynet=onion`, at the same time.
In general, a node can be run with both onion and I2P hidden services (or In general, a node can be run with both onion and I2P hidden services (or
any/all of IPv4/IPv6/onion/I2P), which can provide a potential fallback if one any/all of IPv4/IPv6/onion/I2P/CJDNS), which can provide a potential fallback if
of the networks has issues. one of the networks has issues.
## Persistent vs transient I2P addresses ## Persistent vs transient I2P addresses
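
Review bot: The changed sentence adds CJDNS to the network list without a pointer to the new doc/cjdns.md, and it still opens with "both onion and I2P hidden services", so a reader of this file meets CJDNS with no definition. Suggest linking doc/cjdns.md here, the same way doc/cjdns.md links to doc/tor.md for the multi-network setup.
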
@ -102,9 +102,9 @@ listening should only be turned off if really needed.
There are several ways to see your I2P address in Dash Core if accepting There are several ways to see your I2P address in Dash Core if accepting
incoming I2P connections (`-i2pacceptincoming`): incoming I2P connections (`-i2pacceptincoming`):
- in the debug log (grep for `AddLocal`, the I2P address ends in `.b32.i2p`) - in the "Local addresses" output of CLI `-netinfo`
- in the output of the `getnetworkinfo` RPC in the "localaddresses" section - in the "localaddresses" output of RPC `getnetworkinfo`
- in the output of `dash-cli -netinfo` peer connections dashboard - in the debug log (grep for `AddLocal`; the I2P address ends in `.b32.i2p`)
To see which I2P peers your node is connected to, use `dash-cli -netinfo 4` To see which I2P peers your node is connected to, use `dash-cli -netinfo 4`
or the `getpeerinfo` RPC (e.g. `dash-cli getpeerinfo`). or the `getpeerinfo` RPC (e.g. `dash-cli getpeerinfo`).
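
Review bot: The reordered bullets refer to "CLI `-netinfo`" while the paragraph right after them in this hunk spells the same tool as `dash-cli -netinfo 4`, and the removed bullet also used `dash-cli -netinfo`. Suggest keeping the full `dash-cli -netinfo` form in the bullet so the command can be copied as written, and using the same wording in the matching lists in the other two files.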


@ -11,9 +11,9 @@ for how to properly configure Tor.
## How to see information about your Tor configuration via Dash Core ## How to see information about your Tor configuration via Dash Core
There are several ways to see your local onion address in Dash Core: There are several ways to see your local onion address in Dash Core:
- in the debug log (grep for "tor:" or "AddLocal") - in the "Local addresses" output of CLI `-netinfo`
- in the output of RPC `getnetworkinfo` in the "localaddresses" section - in the "localaddresses" output of RPC `getnetworkinfo`
- in the output of the CLI `-netinfo` peer connections dashboard - in the debug log (grep for "AddLocal"; the Tor address ends in `.onion`)
You may set the `-debug=tor` config logging option to have additional You may set the `-debug=tor` config logging option to have additional
information in the debug log about your Tor configuration. information in the debug log about your Tor configuration.
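
Review bot: The debug-log bullet drops the "tor:" search term, yet the next paragraph in this hunk still directs readers to `-debug=tor` for additional Tor information in the same log. If "tor:" lines are still written, keep it as a second grep term; if they are not, say so in the commit message, since the new wording only covers finding the address.
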
@ -22,6 +22,9 @@ CLI `-addrinfo` returns the number of addresses known to your node per
network. This can be useful to see how many onion peers your node knows, network. This can be useful to see how many onion peers your node knows,
e.g. for `-onlynet=onion`. e.g. for `-onlynet=onion`.
To fetch a number of onion addresses that your node knows, for example seven
addresses, use the `getnodeaddresses 7 onion` RPC.
## 1. Run Dash Core behind a Tor proxy ## 1. Run Dash Core behind a Tor proxy
The first step is running Dash Core behind a Tor proxy. This will already anonymize all The first step is running Dash Core behind a Tor proxy. This will already anonymize all
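
Review bot: The added `getnodeaddresses 7 onion` sentence does not explain the count argument, and doc/cjdns.md in this same commit uses `getnodeaddresses 0 cjdns` with no explanation either. Suggest stating once that the first argument is the maximum number of addresses to return and that 0 returns all known addresses, and giving the full `dash-cli getnodeaddresses 7 onion` form as the surrounding text does for `getpeerinfo`.
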
@ -51,7 +54,7 @@ outgoing connections, but more is possible.
-onlynet=onion Make automatic outbound connections only to .onion addresses. -onlynet=onion Make automatic outbound connections only to .onion addresses.
Inbound and manual connections are not affected by this option. Inbound and manual connections are not affected by this option.
It can be specified multiple times to allow multiple networks, It can be specified multiple times to allow multiple networks,
e.g. onlynet=onion, onlynet=i2p. e.g. onlynet=onion, onlynet=i2p, onlynet=cjdns.
An example how to start the client if the Tor proxy is running on local host on An example how to start the client if the Tor proxy is running on local host on
port 9050 and only allows .onion nodes to connect: port 9050 and only allows .onion nodes to connect:
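
Review bot: Adding `onlynet=cjdns` to the example list in the Tor guide needs a caveat, because doc/cjdns.md in this commit states that CJDNS "does not hide the sender and the recipient from intermediate routers", whereas this section is about anonymizing connections through Tor. Suggest a short note or a link to doc/cjdns.md at this option, also mentioning that doc/cjdns.md pairs CJDNS use with `-cjdnsreachable`.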