How to use NS to connect DarkNet and don't overkill NS in the same time


(Zimny) #1

Hi folks,

This “How To” is about get access to the one of common DarkNet (https://geti2p.net) protocols and not overload your NS (NS performance and system requirments)which is distributed on CentOS but without any kernel tuning.
I’m shearing this because maybe some of you like to have I2P router over the world and access this protocol.
I also don’t like Vim to much so I will edit with Nano. I will install Monitorix (https://www.monitorix.org/) just to get full picture how our router is doing.
CentOS don’t have actually net-tools in minimal.iso so we will install this also just to have netstat in Monitorix.
I will go in short so just steps to do and nothing more :slight_smile:
You will have after all of this I2P router,and Monitorix on your local LAN and not overkilled your NS. Just you need forward ports to your I2P from NS.
Let’s be professional in this new net -> DarkNet users so I recommend that you install IPS module from NS so you can track/block what you don’t like. (just don’t be mad about policies because you can kill your NS box and don’t get accurate data. Use “SCAN” policy for start. You will see how honest and clean DarkNet is and you not overload your NS server).

OK.
Let’s start do it.

Environment - VM
==============
I recommend don’t do it on your local machine.
Let’s do it in VM box because this is just router to I2P and this manual will work for both local and VM installation but my recommendation is don’t do it locally.
In this days we can have virtualised host for cheap so here we will do that on the VM which is connected to Your LAN and behind your NS gateway.

I2P box <- VM box you can do it from your WebVirtMgr which is not supported by NS any more but this is because development die there. You can still tune your NS with this -> https://github.com/retspen/webvirtcloud
==============
1 core
1G Ram
256M boot
512M swap - just in case how much you planning be active in DarkNet. If just for browsing or email you can ignore it.
3G disc
==============
yum update
yum install nano wget java-1.8.0-openjdk https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm net-tools
yum install monitorix
systemctl enable monitorix
systemctl start monitorix
nano /etc/monitorix/monitorix.conf
==============
# Monitorix - configuration file
#
# See monitorix.conf(5) manpage for a detailed description of each option.
#

title = i2p router <- name it so is the name in your browser
hostname = i2p.yourlocaldomain.local <- do it if you have local DNS / just handy to quickly access the statistics
==============
systemctl disable firewalld <- just do it if you are in your LAN and forward tcp/udp port designed for your I2P router
Let’s tune a bit our VM box
==============
sudo nano /etc/sysctl.conf
vm.swappiness = 10
vm.vfs_cache_pressure = 50
Install your cert just to not login over ssh plain text (but we are still in LAN of course :-) )
==============
mkdir .ssh
chmod 700 .ssh
nano .ssh/authorized_keys -> your generated id_rsa.pub copy and paste here
chmod 600 .ssh/authorized_keys
==============
wget (java version you prefer but read this -> https://geti2p.net/en/download)
export JAVA_HOME=/usr/lib/jvm/your download/jre 
java -jar i2p.jar -console
==============
edit -> /root/.i2p/clients.config (Let’s do this router accessible from any client on your LAN this is why I’m root in this manual and keep it clean. This is just our gateway for your browser nothing more.)
change -> clientApp.0.args=7657 0.0.0.0 ./webapps/
edit -> nano i2prouter <- you like to be root
ALLOW_ROOT=true
reboot <- I prefer this after all my installations.
sh i2prouter start (of course you are in the same directory)
======================
Welcome in DarkNet without going mad about performance for both networks.
You will not overkill NS gateway and you will have I2P network working.
If you planning torrents, etc through this gateway you are just another scriptkido in my opinion.
Any question will be answered :-)
i2prouter tuning 
======================
bandwidth - 200 IN/OUT ;50% sharing <- my recommendations on start/ you need to know who is your privilege clearnet/darknet

I will implemented emby server also anyone like to have “How To” about it because if not then I do not keep going with this section of NS.

Sorry for this bold but I just copy and paste


(Zimny) #2

Not very familiar with this soft forum so if any one can edit in not bold then you are welcome. I just done this in my text editor.


(Davide Principi) #3

I’m not familiar with DarkNet, but I can help to format the post :wink:

What is DarkNet? What’s its purpose?
Why NethServer is overkilled if it’s connected to DarkNet?


(Zimny) #4

Hi,

We have few protocols around (https://en.wikipedia.org/wiki/Darknet). I2P is probably most developed about anonymity.
I got issues with NS when use it like a gate when the I2P router is in LAN and no documentation on this.
Basically I overload NS routing table in no more then 5 min. when use it like a gate for I2P router.
This is not just NS this is CentOS default setup (NS performance and system requirments)
But of course we need consider NS like a “all in one” solution so no focus on some usability.
Only all futures are “on” but without focus on performance.
I open this thread (NS performance and system requirments) to indicate that NS is a distro which can be use for special purpose only but then need be tuneup and documented.

Thank you for make it more readable in the same time. I was just using simple text editor and then past and copy text to your community.
BTW few years ago I helped my friend with his forum software :slight_smile:
Formatting sometimes can be a huge mess.


(Davide Principi) #5

ahm, please always consider this community our community!

Thanks for clarifying :slight_smile:


(Michael Träumner) #6

Here are some Infos about the forum and how to format your posts.


(Rob Bosch) #7

Just a quick question: Why I2P and not a more known variant like TOR?
To be honest I have mixed feelings with actively supporting anonimizing networks. Yes, they are very useful to bypass censorship by suppressing governments and give options without fearing getting arrested for just voicing an opinion.
On the other hand, these services also are known for illegal things like weapons and drugs trade, human trafficking and several other things. All things that I think are immoral to support.


(Zimny) #8

I published this in NS because in the same time got here performance issue. Like I said not because of bug or something just default CentOS setup.
If anyone get this scenario then can use this manual to don’t be confused where is the network performance gap.
Tor is completely different from I2P. And this is unfair to discribe this kind of development like an “better don’t touch”
You will never have alternatives like crypto currencies if you like to still think that what you have on your account is worth in gold also. I think that was the idea of Rockefeller family with all this banking :slight_smile:
Also this type of network implementation can be open door for publishing important information if you believe that we don’t have any censorship around