IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#saltr
/2023/03/19
dr|z3d hi uop23ip
uop23ip hi @dr|z3d, thanks for giving me voice. new to irc :)
dr|z3d welcome, welcome. make yourself at home :)
dr|z3d the first thing you'll want to do is register your nickname. you can do that with /msg nickserv register chooseyourpassword fake@memail.com
dr|z3d when you've done that, let me know and I'll ensure you always have voice in the channel.
dr|z3d if you want to group several nicknames to a single account, /msg nickserv help group
uop23ip_ Thanksbefore i fk up again: I examined a decrease of bw by switching to i2p+ before the main 2.2 release. At first i thought it could be i2p+, but i am testing now the vanilla 2.2 with the config. I got the same bw of 100-200kbs. With vanilla and before 2.2 i got 1-2mbs.
dr|z3d I wouldn't worry too much about bandwidth right now, the network's under attack so the main thing to worry about is how the network performs *for you*
dr|z3d the fact you were seeing 2.2MB/s is more likely a result of those network attacks.
uop23ip_ Why are there different number of fast and high capacity peers i2p to i2p+?
dr|z3d and 2.2.0/2.2.0+ have mitigations to prevent attacks.
dr|z3d that's a good question.
dr|z3d I2P sets lower limits for fast/high cap peers.
uop23ip_ >the fact you were seeing 2.2MB/s is more likely a result of those network attacks. - I thought the same
dr|z3d I2P+ sets higher limits, and also lowers the amount of local tunnels any one router can participate in as a percentage of your tunnels.
dr|z3d those attacks were running at 40MB/s on some routers.
uop23ip_ Is the banning of i2p+ more restrict? i2p has 200 at the moment and with i2p+ a few hours ago, i got 800+.
dr|z3d yes, is the short answer.
dr|z3d there are routers on the network that are hostile. I2P+ bans those.
uop23ip_ So without the measures implemented in 2.2. i actually helped the attacker? :) He needed hops and does not attack with 0/1 hops?
dr|z3d if you look at your banned peer list, you'll see the reason for most bans in I2P+.
dr|z3d there were/are various attacks. all attempt to degrade network performance in one way or another.
uop23ip_ Yes ff without ssu are the most ones
dr|z3d 99% of floodfills with those characteristics are hostile.
uop23ip_ eepsite access is ok for me.
dr|z3d what are you running now? I2P or I2P+ ?
uop23ip_ i2p for a couple of hours
uop23ip_ i will give a little bit more time to see if the banned numbers or the numbers in general evolve
uop23ip_ The tunnel participation graph is not so sinus shaped as in i2p+. More linear
dr|z3d different tolerances regarding potentially abusive peers is probably the reason for that.
dr|z3d in I2P+, if peers request more tunnels than what's considered reasonable, they're effectively told "no more for you right now".
dr|z3d well, that happens in both I2P and I2P+.
dr|z3d if the router carries on requesting tunnels after it's been sent rejections, both I2P and I2P+ will start ignoring the router. I2P+ will then, once the absolute limit for rejected requests has been hit, temp ban the router.
dr|z3d I2P+ is also more selective about the routers it will host tunnels for. slow/unreachable and older than the current release? go elswhere.
uop23ip_ And that's the way how to make a sinus curve. :)
dr|z3d the main thing to check is "does the network perform fast enough? do eepsites load fast?" if those two things appear good, everything is fine.
uop23ip_ @dr|z3d, re:I2P sets lower limits for fast/high cap peers. - Is there a limit of max numbers. I got round numbers like 30/150 for fast/hc
dr|z3d yes, there are soft and hard limits.
dr|z3d I2P sets those much lower than I2P+
dr|z3d I2P+ excludes slower peers (by b/w tier) altogether from the fast/high cap tiers, and also tests for latency and demotes peers that don't respond fast enough.
uop23ip_ loading is ok, torrent i didn't test to see for a high download. Upload seems with 100kbs not so fast as i expected. But besides that, does the transit traffic somewhat indicates what bw is reachable. Like me tunnel-bw is su tunnel bw?
dr|z3d transit traffic doesn't indicate much other than a) the state of the network generally, and b) how favored your router currently is by other routers.
mesh btw I saw the same thing as uop23ip_ and dragonheart: upgrade to saw i2p+ 2.2.0, see a dramatic drop in bandwidth
mesh not sure if good thing or bad thing
dr|z3d to be expected. and of itself not so important right now. the important thing is how the network performs for you, how responsive eepsites are etc.
mesh alright. that's cool. I thought maybe something was off, but yeah I guess it makes sense that bandwidth drops after the ddos attacks stop
dr|z3d no indication the ddos attacks have stopped. but there are more mitigations in 2.2.0 to make them less effective, doubly so in I2P+.
dr|z3d adding the following to /configlogging can give you some indication of what's being suppressed: net.i2p.router.tunnel.pool.ParticipatingThrottler=WARN
dr|z3d in the latest I2P+ build, that will be even noiser as it will ignore requests from older/unreachable routers.
dr|z3d (older+slower or older+unreachable)
mesh that's interesting. Yeah would like to know if and why the router is throttling the participation count
dr|z3d so as the network upgrades, less requests will be ignored.
dr|z3d logging has been enhanced there, so you'll know what the caps and version is of the ignored router.
dr|z3d uop23ip__: please register your nickname. I'm not going to keep manually voicing you every 5 minutes.
uop23ip__ Is it in general better to do a fresh i2p+ install instead of an update from vanilla? Have there been any problems in the past?
dr|z3d better to do a fresh install if you want the optimal out of box experience.
dr|z3d you need to make sure any existing i2p config dir is renamed or deleted, otherwise i2p+ will inherit previous settings.
dr|z3d generally there's no issue cross-grading as long as you installed i2p/i2p+ from the java installer.
uop23ip__ More for comparision, as i will change tommorow again to i2p+ to see any differences. As i said i updated from vanilla with a well established router, maybe that made a difference
uop23ip__ At the moment i have double the bw as with i2p+ from 100-200 to 200-500. Could be the malrouters bw
dr|z3d could be. also remember I2P+ isn't handling requests for older and slower/unreachable routers. so also that.
uop23ip__ Or it is the network. It is changing for sure, with the update etc.
dr|z3d_ there's a possible intersection of abusive/older routers.
dr|z3d_ that too.. quite a few variables.
uop23ip__ Especially those 9.51 routers - the armish of i2p :)
dr|z3d as mentioned, the important thing is overall network responsiveness.
dr|z3d bandwidth usage and transit tunnel count will be tuned in time, but for now, local performance is more important than anything else.
uop23ip__ Seems you looking at a bunch of kids with ultra high dosages of sugar after a 10th birthday party. That bad?
dr|z3d not sure I understand the analogy.
uop23ip__ There has been chaos, but now they calming down and tommorow everything will be good again. - Yeah my analogies ;)
dr|z3d not sure about the calming down part.
dr|z3d I mean, from the perspective of routers, maybe, but from the perspective of the network, not so much.
mesh uop23ip__: both vanilla i2p and i2p+ have this attribute
mesh I've tried both i2p+ 2.2.0 and i2p 2.2.0 and in both cases I see significantly decreased bandwidth in/out and significantly decreased "Tunnels:Participating" count
mesh I've heard this is somewhat intentional (a deliberate attempt to better spread the load, especially for floodfills) and there's internal throttling around participation in particular
uop23ip__ @mesh, with both i can't reach 1-2mbs. But the vanilla has 2x bw as i2p+. particiaption is also higher with 1200 against 6-800 and banned is still 150-200 low
uop23ip__ looking at my banned list, i think the floodfill w/o ssu filter of i2p+ let the banned number rise up to 800. Not 1 entry with floodfills
dr|z3d this conversation is circular. yes, I2P+ does more aggressive blocking and throttling, both of suspect and older/unreachable routers. no, this shouldn't impact your local performance. yes, as more routers upgrade, things will improve. no, I don't want to keep on hearing the same thing repeated in channel :)
mesh uop23ip__: that's sort of the point of i2p+. It's much more particular about who it will build tunnels for
mesh dr|z3d: it's not about local performance. some of us pay money to run servers in the cloud to contribute back to i2p. When stuff like this happens it's a bit off putting to see the server you bought to contribute start giving back much less
mesh anyways it's not a big deal. If this is a deliberate strategy then not much to do but this sort of thing probably should be communicated in release notes otherwise you get lots of people wasting time trying to figure out why the upgrade has led to so much "worse" performance
dr|z3d as mentioned previously, and repeatedly, when more routers upgrade, the effect should lessen. while the network is under attack, my priority is mitigating various attack strategies and ensuring local performance doesn't degrade.
dr|z3d there are no easy fixes, and balancing transit tunnel throughput with local performance is a balancing act.
dr|z3d if you want to help, encourage people to update. that should help the overall health of the network.
dr|z3d approx 2:1 ratio of 0.9.57 to 0.9.58 routers right now.
dr|z3d metrics to pay attention to in i2p+ are the build success percentage score over time, the number of unreachable routers in your netdb vs total count, and the number of L tier routers.
uop23ip__ Are those ff w/o ssu specific to a router version with old ssu or is it specific for the attacker. Just curious, why you banned these 2 attributes. seems so easy
dr|z3d they're attack-router specific.
dr|z3d most normal floodfills have both transports enabled. 99% of them.
dr|z3d as for why floodfills? one of the attacks works by seeding a huge number of floodfills onto the network which don't bother responding to queries.
uop23ip__ To respond they need to have ssu enabled?
dr|z3d floodfills can function on either transport.
dr|z3d hostile floodfills have been observed to only function on NTCP, possibly because they're routing over Tor which prevents UDP.
uop23ip__ They routing over the tor outproxxies? Can't they be ip banned in the netdb or do i not understand how they use tor?
dr|z3d latest I2P+ already bans routers hosted on tor exit node ips.
dr|z3d i2pd allows you to router your traffic over a socks proxy. not a great idea, esp with Tor, but it's possible.
dr|z3d *route
uop23ip__ So they are doing i2p over tor. What number of routers are we talking about? Is tor even made for i2p :)
dr|z3d It's a pre-emptive defense strategy. I don't know how many routers are routing over Tor, but the attacker claims he is. That's sufficient reason to block Tor, aside from the fact that routers using Tor are generally perform pretty poorly, because of the increased hop count and the ongoing DDOS attack on Tor.
mesh Somewhat ironic to have i2p ban tor-hosted nodes but I guess it makes sense
mesh the IP-based regime is sort of a pseudo-identity and trust system. Once that goes out the window it's very easy to launch endless bad nodes and evade bonds
mesh err evade bans
dr|z3d actually, no. i2p works on the basis of zero trust.
mesh I2P probably could implement something like a certificate-based system. Only trust -- or trust more == routers that can present a certificate signed by some CA
mesh dr|z3d: not really. "zero trust" isn't actually a thing in the real world. I2p certainly requires everybody download and trust the i2p codebase and the i2p developers especially with the auto-update mechanism
mesh and the whole outproxy thing
mesh well zero trust does require trust of certs even if you don't trust magical vpns
mesh which was my point. personally I would be a fan of a model where floodfill routers could at least increase their trustiworthiness by getting certs signed by the trust roots which are of course the i2p developers
mesh though anybody could become a trust root
mesh I think such systems of explicit trust are actually more secure than anonymous systems of implicit trust where you just have to sorta hope all the floodfill routers out there aren't secretly run by China
dr|z3d floodfills are profiled, good floodfills are used, bad floodfills are ignored. that's what a zero trust system does, verification.
uop23ip__ Is something like that also possible with/from ygdrassl or is the ip of the router still detectable?
dr|z3d ygg routers only work with i2pd.
mesh dr|z3d: that's the point. you can't ban bad floodfills when their ip means nothing. So you end up banning every router that uses tor.
mesh the actual trust model is based off of ips
mesh which isn't a bad concept of identity for a p2p network but it does impose limitations which could be resolved using an explicit if decentralized trust model
dr|z3d no, that's not the point. the point is that floodfills that are poorly performing will be marked as bad and not used, irrespective of any targeted bans. but targeted bans pre-empt the profiling phase.
mesh yes, that's the point
mesh what you call "zero trust" is just "we identifty routers by ips and if we can't identify your ip reliably we'll ban you preemptively"
mesh or ignore you
mesh this is no different from "we identify routers by certificates and if we don't trust your cert we'll ignore you preemptively"
mesh it's just a question of your trust model defines router identity
mesh anyways there's lots of research to do about profiling metrics. the existence of i2p+ itself proves that everybody has different opinions on which routers and floodfills they actually want to connect with and use for services like floodfill queries and tunnel creation
dr|z3d validation doesn't mean identifying the ip of a router.
mesh one of these days I'd like to actually make this much more pluggable in the codebase. you wouldn't even need a separate i2p+ distribution. just download the i2p vanilla distribution and plugin your profiling and trust model
dr|z3d that's but one part of a multi-layered approach.
mesh this would open the door to some interesting research
dr|z3d first you need to start off with something easier. you know, merge requests.
dr|z3d focus on something you think could be improved, either in i2p or i2p+, or both, then submit an MR, mesh. save the bluesky thinking for later.
dr|z3d discuss any proposed improvements with eyedeekay or me beforehand to avoid wasting time on something that's unlikely to be merged.
mesh is muwire just like napster?
mesh oh muwire is a rewrite of limewire
snowflakes zzz is alive?
dr|z3d yes, zzz is alive.
dr|z3d see eyedeekay's post on i2pforum.i2p
snowflakes dr|z3d, some bird said me...
snowflakes That him did was poisoned by
dr|z3d is bullshit.
snowflakes brain eating-amoeba
snowflakes On religion buullshit
snowflakes And own sexual preferences
snowflakes even if him don't open Bible
dr|z3d don't believe everything you hear, snowflakes, especially anything that comes out of zlatinb's mouth.
snowflakes and don't know that Christianity is a sect
snowflakes some a greek myth is the history
snowflakes and him don't be killed
snowflakes so. is not matter.
snowflakes IDK how is was if true. but zlatinb would go to some doctor
snowflakes <orignal> скажи ему "three doses of moderna"
snowflakes do you have link to this post?
snowflakes The email address you entered is not allowed to be used.
dr|z3d check for the latest posts, there aren't many on the homepage.
dr|z3d use @i2pmail.org if @mail.i2p doesn't work.
dr|z3d welcome back, orignal, you been gone a while :)
snowflakes hq/postman.i2p
orignal plaz told me you are discusssing zzz drama
orignal I joined to add my 5 cents
orignal how about 3 doses of moderna?
snowflakes ЭThe unplanned breakdown lead to minimal loss of email ( 2h incoming mails are missing ).
snowflakes Sorry for the inconvenience and TTYL
snowflakes postman"
dr|z3d moderna won't cut it. whatever you're proposing.
orignal he got sufferred by it
orignal and not able to do the job anymore
snowflakes `12234567930%aA
orignal ofc it was a joke
dr|z3d in the absence of actual verifiable truth, just make up some bullshit, is that the idea, orignal?
dr|z3d of course :)
orignal but seriously I think Java is hijacked by SJW dudes
snowflakes fKDiwu28UD829
orignal as long as they are in power there I don't see any ptential
snowflakes Wanted mailaddress: temporarly123@mail.i2p
snowflakes Wanted password: fKDiwu28UD829
snowflakes Your nickname/handle/fullname: N/A
snowflakes Should your address be listed ?: No
orignal an this is verifiable truth
orignal they keep this dumb Inclusion
orignal that causes so many troubles
orignal Nazi is dumber that I thought
snowflakes by eyedeekay
snowflakes 18 Mar 2023 11:51
snowflakes Forum: Misc
snowflakes Topic: zzz and the state of i2p Java router development
snowflakes Replies: 7
snowflakes Views: 343
snowflakes Re: zzz and the state of i2p Java router development
snowflakes Thanks Igillis, I will get to that this weekend.
snowflakes "We won't be discussing any aspect of zzz's situation out of respect for his right to take his presence private. I will speak generally, zzz isn't arrested, he isn't in danger of being arrested, he isn't dead. I understand why you would feel this is an inadequate explanation, but I simply won't be sa..."
dr|z3d not sure the project's been hijacked, orignal, but there are certainly disparate views represented :)
dr|z3d >>> use @i2pmail.org if @mail.i2p doesn't work.
dr|z3d you mean the statement echelon added a couple of years ago? hard to miss it, given zlatinb's continual ranting about it.
orignal yes, and it indicated that Java-I2P project has been hijacks
orignal hijacked
orignal this is not what people expect from I2P
dr|z3d do I think it's appropriate for a project site? not really, seems more like virtue signaling than anything else to me, but what do I know?
orignal and gradpa did nothing with it claiming that he was "an ordinaridy developer"
dr|z3d notwithstanding, that's echelon's statement to own. he speaks for himself, not the entire project.
orignal I think this crap must be removed immediately
dr|z3d zzz prefers to delegate responsibility and just focus on code. you must know that.
orignal if they want to resolves current cirsis
orignal yes he focuses on code and then "got fired"
orignal as old whoite straight man
orignal if you don't want to manage the project don't be surprised when you get fired
XANA dr|z3d, do you happen to know what happened with zzz.i2p I'm unable to reach them from some time
XANA so zzz is all gone?
eyedeekay far as anybody knows
XANA so where all people moved?
eyedeekay i2pforum.i2p is the new space, we're ironing out a few UX issues with signup and session timeouts still but it should be usable now, and improved soon
XANA Your account has been created. However, this board requires account activation by the administrator group. An email has been sent to them and you will be informed when your account has been activated.
XANA hope they accept mail.i2p mails
eyedeekay That would be the UX issue, PM me your account name and I'll bug the admin
XANA same as here
XANA soo snark will not get more updates?
eyedeekay snark, snark-rpc, and snark-standalone will all live on
eyedeekay I'm not likely to start with Snark right now, not without ideas from the community, my immediate plans mostly have to do with susimail
orignal zzz.i2p is gone for good
orignal i2pforum.i2p is very nice place
orignal 1. Nazi has deleted my account there altough I had it there before
orignal 2. No i2pd in 3rd party apps section
orignal eyedeekay I'm sorry but it's bad idea to have dev forum run by echelon
orignal he has too bad reputation in the communitinty
orignal please run you own forum when you have time
orignal similar to zzz.i2p
orignal either eldorado or somethign modern lika flaskbb. you can ask polistern what she uses
eyedeekay I'll probably pick something a little more modern i.e. flaskbb but I've not had time to get one of my own up yet
orignal it sould be you priority #1
orignal don't send people to echelon
orignal you can lose all remaning support this way
orignal people need to go to you not to him
eyedeekay Well ultimately I am the one who decides what gets included in the release right now, they need to come to me anyway
eyedeekay I have this thing: 2v3k4se76fqomfd2x6xun5xsunl2bf6ekytg76by544dsjhzwsqq.b32.i2p it almost works but not quite yet
dr|z3d oh no, eyedeekay, oh no.
orignal no, sir. you are a replacement of zzz now
dr|z3d whatever that link is, it's definitely not a forum :)
orignal and must demonstrate clearly that nothing has changed since zzz's departure
orignal eyedeekay why https?
eyedeekay Because I could
eyedeekay It's not going to take over as the dev forum, don't worry
orignal https is i2p is mauvetone
dr|z3d a little better presentationally than eyedeekay's forum, but still a bit rudimentary looking, orignal. and no, for some reason I thought i2pd was sending pongs fine.
orignal anywhay you need a forum asap
orignal if you need help with eldorado let me know
orignal dr|z3d I thought to untils polistern found out it didn't
eyedeekay I might ping you about it but if I can find something with a docker-compose file I'll probably use that
orignal she tried to implemnent pings through BOB
orignal I run one on regualer VPS without docker
orignal as you know 333.i2p was intended as a parody to zzz.i2p
orignal same emgine and same name )))
eyedeekay purplebote.i2p/about is apparently vpub-plus
orignal probaby I know she is playing with different engines
orignal oh no, please. No phpbb
eyedeekay bitnami's still a thing? I'll look into that
orignal slow and acients looking ))
dr|z3d doesn't have to be ancient looking. looks positively modern in its default skin compared to eldorado.
eyedeekay Might be a winner
orignal no guys you have missed the main feaute of zzz.i2p
orignal recent topic on the main page
dr|z3d I've had some experience skinning simplemachines, it's pretty straight forward.
orignal topics
orignal that phpbb doesn't have
orignal flarum has it but it uses javascript
dr|z3d flarum doesn't work without js, sadly.
dr|z3d categories and topics up your wazoo, orignal.
orignal last active topics
orignal like on zzz.i2p
dr|z3d check the bottom of the front page of that form link.
dr|z3d "Recent posts" more or less does what you want.