Tunnel creation rate fail to about 7 - 10%, why?

[Nokia808]

Hi. Always when I launch i2pd, tunnel creation rate started 100% or 90% but after 1 minute it decreased to about only 10% or even just 7%. It may raise to 24% but never stabilized at higher rate! Why? This happened even if Internet speed is excellent! Is there some thing can I do to improve this situation?

[orignal]

Network status: OK Tunnel creation success rate: 56%

[Nokia808]

[orignal]

Wait for few hours. Since your transit is so low it means that the network doesn't know you well

[Nokia808]

@orignal I launched i2pd & use it for about 2 hrs, then leave it launched over night & finally - at morning - browsed i2p sites for further 1 hrs, but at end tunnel creation success rate is just 14% & transit still low !!! What it could be the cause ? What van I do further to solve this ?

[orignal]

Probably, your NTCP2 port is not accessible from outside fort whatever reason.

[Asherathe]

Mine also maxes out at about 8-12%, even after days of running. I manually selected a port and opened it on the firewall, so not sure why. I'm running the flatpak version on Peppermint 10, and wondering if permissions need to be changed.

[Nokia808]

@orignal I'm also using flatpak version on my Fedora Linux 64 bit Cinnamon edition. Kindly to install flatpak version from FlatHub & examine this issue on it to see if it is a flatpak specific or not.

[orignal]

https://github.com/PurpleI2P/i2pd/commit/1f6be38145911ef72901eb7bdc4cee881bd33ea1 should fix it

[Nokia808]

@orignal Thank you for your hard efforts ! However, I have to wait next flatpak release to test this fix if work or not.

[Nokia808]

@orignal Hi. I updated my flatpak i2pd to last version 2.35.0 but issue is still existing without any improvement though my Internet speed fast & very good (download speed on clear net 3.8 MB/sec) !

Kindly, examine this issue on flatpak package. I feel it is flatpak specific ....

[r4sas]

Delete your old netDb and router.info/router.keys from i2pd datadir

[Nokia808]

@r4sas I did what you command me to do & deleted them. No thing changed regarding this issue at all ! I tried 2 times. The 1st one, the creation crate was 62% then (10 seconds later) failed to 10% then started to increase gradually & reach to max of 20% after about 10 minutes usage & continue so for about 1/3 hr then fail to 18% & remain 18% after 4 hrs ! I tried 2nd trial & started at 100% then (only 10 seconds later) failed to 14% then after 3 hrs was just at 16% !

However, there is change with other point: previously I was unable to use false.i2p outproxy. But now I'm able to use it & browse clear net okay through false.i2p So, false.i2p was not overloaded but there was an internal error corrected when I deleted what you asked to delete !!

Kindly, re-examine this issue to see what you can do further. I feel that much of power of i2pd currently not available with flatpak package ......

[Asherathe]

I'm still testing the most recent flatpak. After deleting the recommended files and i2pd.conf, I was getting around 21%, which is an improvement. But, after enabling ipv6 and uPnP and restarting from within the gui, I'm down to 0% after 11 hours running. My firewall doesn't show anything being blocked, but NetDB is creating errors that it's unable to publish RouterInfo.

Edit: NetworkManager-wait-online.service had silently failed, and needed to be restarted. I'm now getting around 21% with ipv6 enabled, after about 45 minutes of being connected.

[nonlin-lin-chaos-order-etc-etal]

I am installing 35 flatpak to test it myself. And i2pd_qt I use (the app which is the center of flatpak's i2pd) also shows "Tunnel creation success rate: 15%"

[nonlin-lin-chaos-order-etc-etal]

Transit: 62.52 MiB (0.00 KiB/s)

[nonlin-lin-chaos-order-etc-etal]

One exception to the above. One way to empower the flatpak and i2pd_qt abilities is to create a new stream of money or any cryptocurrencies or virtual money into me so that I could devote more time to development of it. Purposeful money. Currently I do it with no monetary support.

You can help.

@Nokia808 if you want you could try to hire me to extend flatpak's i2pd; my current pay rate is 19 USD/hour; I accept any money, cryptomoney or virtualmoney. Otherwise I will search for other opportunities for 19$/hr.

However the issue's tag [1] is to be with libi2pd and i2pd kernel most probably; and is not the flatpak's i2pd_qt's issue.

[1] Tunnel creation rate fall to about 7 - 10%

[r4sas]

I can say that this is network issue.

@Nokia808 please test with Java I2P first.

[Nokia808]

@r4sas I do not install external packages on my system apart from signed AppImages on very rare occasions. But I do not agree with you because I'm currently using the fastest Internet speed available for public in Iraq & I tested the issue at morning when download speed is 4 MB/sec. Even at this fast speed, false.i2p was not working before I deleted the folders & files that you suggested on me to delete. Just after deleting them I was able to use outproxy http .....

[r4sas]

@Nokia808 I'm currently speak not about your connectivity speed, but about your outside reachability. As you know, some "good" companies (sites, hosting providers, etc) reject requests from some networks due to regulations (I think you know what I mean). That's why I asking you to check what will happen with Java I2P. That would help us understand that problem is really in i2pd.

And yes, need more logs... with error level at least.

[Nokia808]

@r4sas 1) VPN allowed without problem, 2) connection to Tor (from within Tor browser & system Tor bundle) are allowed & no need to use Tor bridges, 3) Retroshare working well, 4) Jami working well, 5) Tox clients like qTox working without problem, 6) DNS Over TLS to encrypt DNS on Android devices working without problem .....

With ALL these anonymous applications & networks working, it is very very very very unlikely what you suspect ! Moreover, not I'm only suffering from this problem, but other persons - outside my country - also suffer from same issue & commented here confirming the defect.

[r4sas]

Anyway, logs are preferred way to understand.

[nonlin-lin-chaos-order-etc-etal]

@r4sas we could dig on my machine, I have the same:

Uptime: 1 days, 10 hours, 31 min, 0 seconds
Network status: OK
Tunnel creation success rate: 15%

[it was somewhat old version of i2pd]

[nonlin-lin-chaos-order-etc-etal]

@r4sas on java i2p, how do i know "Tunnel creation success rate"?

[nonlin-lin-chaos-order-etc-etal]

Today i am running trunk:

Uptime: 1 days, 5 hours, 14 min, 21 seconds
Network status: OK
Tunnel creation success rate: 29%

[Nokia808]

I changed ISP to other company with faster speed & same issue still happening !

[r4sas]

No logs - no help.

[Nokia808]

@r4sas Does the log will reveal sensitive data ? Does it will disclose confidential information that should not be displayed for other ?

How can I obtain the log ?

[Nokia808]

@r4sas I launched i2pd & after established connection I click on "Log" section from within GUI. I saw the following:

Initialising the daemon...

Nothing else as long as browser not used. But when start browsing, I saw the following:

1) when visiting http://hq.postman.i2p/

Initialising the daemon... 16:58:30@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 16:58:30@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 16:58:32@xxx/error - I2PTunnel: read error: End of file 16:58:32@xxx/error - I2PTunnel: write error: Bad file descriptor

2) when visited http://web.telegram.i2p/ log became as following:

Initialising the daemon... 16:58:30@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 16:58:30@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 16:58:32@xxx/error - I2PTunnel: read error: End of file 16:58:32@xxx/error - I2PTunnel: write error: Bad file descriptor 17:01:03@xxx/error - I2PTunnel: read error: End of file 17:01:08@xxx/error - I2PTunnel: read error: End of file 17:01:10@xxx/error - I2PTunnel: read error: End of file 17:01:10@xxx/error - I2PTunnel: read error: End of file 17:01:27@xxx/error - I2PTunnel: read error: End of file 17:01:31@xxx/error - I2PTunnel: read error: End of file 17:01:32@xxx/error - I2PTunnel: read error: End of file 17:01:33@xxx/error - I2PTunnel: read error: End of file 17:01:34@xxx/error - I2PTunnel: read error: End of file 17:01:34@xxx/error - I2PTunnel: read error: End of file 17:01:34@xxx/error - I2PTunnel: read error: End of file 17:01:35@xxx/error - I2PTunnel: read error: End of file 17:01:35@xxx/error - I2PTunnel: read error: End of file 17:01:35@xxx/error - I2PTunnel: read error: End of file 17:01:36@xxx/error - I2PTunnel: read error: End of file 17:01:36@xxx/error - I2PTunnel: read error: End of file 17:01:37@xxx/error - I2PTunnel: read error: End of file 17:01:37@xxx/error - I2PTunnel: read error: End of file 17:01:38@xxx/error - I2PTunnel: read error: End of file 17:01:38@xxx/error - I2PTunnel: read error: End of file 17:01:38@xxx/error - I2PTunnel: read error: End of file 17:01:39@xxx/error - I2PTunnel: read error: End of file 17:01:39@xxx/error - I2PTunnel: read error: End of file 17:01:42@xxx/error - I2PTunnel: read error: End of file 17:01:44@xxx/error - I2PTunnel: read error: End of file 17:01:46@xxx/error - I2PTunnel: read error: End of file 17:01:50@xxx/error - I2PTunnel: read error: End of file 17:01:51@xxx/error - I2PTunnel: read error: End of file 17:02:10@xxx/error - I2PTunnel: read error: End of file 17:02:41@xxx/error - I2PTunnel: read error: End of file

3) when visited http://identiguy.i2p/ log became as following:

Initialising the daemon... 16:58:30@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 16:58:30@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 16:58:32@xxx/error - I2PTunnel: read error: End of file 16:58:32@xxx/error - I2PTunnel: write error: Bad file descriptor 17:01:03@xxx/error - I2PTunnel: read error: End of file 17:01:08@xxx/error - I2PTunnel: read error: End of file 17:01:10@xxx/error - I2PTunnel: read error: End of file 17:01:10@xxx/error - I2PTunnel: read error: End of file 17:01:27@xxx/error - I2PTunnel: read error: End of file 17:01:31@xxx/error - I2PTunnel: read error: End of file 17:01:32@xxx/error - I2PTunnel: read error: End of file 17:01:33@xxx/error - I2PTunnel: read error: End of file 17:01:34@xxx/error - I2PTunnel: read error: End of file 17:01:34@xxx/error - I2PTunnel: read error: End of file 17:01:34@xxx/error - I2PTunnel: read error: End of file 17:01:35@xxx/error - I2PTunnel: read error: End of file 17:01:35@xxx/error - I2PTunnel: read error: End of file 17:01:35@xxx/error - I2PTunnel: read error: End of file 17:01:36@xxx/error - I2PTunnel: read error: End of file 17:01:36@xxx/error - I2PTunnel: read error: End of file 17:01:37@xxx/error - I2PTunnel: read error: End of file 17:01:37@xxx/error - I2PTunnel: read error: End of file 17:01:38@xxx/error - I2PTunnel: read error: End of file 17:01:38@xxx/error - I2PTunnel: read error: End of file 17:01:38@xxx/error - I2PTunnel: read error: End of file 17:01:39@xxx/error - I2PTunnel: read error: End of file 17:01:39@xxx/error - I2PTunnel: read error: End of file 17:01:42@xxx/error - I2PTunnel: read error: End of file 17:01:44@xxx/error - I2PTunnel: read error: End of file 17:01:46@xxx/error - I2PTunnel: read error: End of file 17:01:50@xxx/error - I2PTunnel: read error: End of file 17:01:51@xxx/error - I2PTunnel: read error: End of file 17:02:10@xxx/error - I2PTunnel: read error: End of file 17:02:41@xxx/error - I2PTunnel: read error: End of file 17:06:36@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:06:36@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message

ALL the above 3 sites are appeared to me okay in browser.

4) when I visited cs.i2p the site (a VPN site) never opened to me in browser ! Log became as following:

Initialising the daemon... 16:58:30@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 16:58:30@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 16:58:32@xxx/error - I2PTunnel: read error: End of file 16:58:32@xxx/error - I2PTunnel: write error: Bad file descriptor 17:01:03@xxx/error - I2PTunnel: read error: End of file 17:01:08@xxx/error - I2PTunnel: read error: End of file 17:01:10@xxx/error - I2PTunnel: read error: End of file 17:01:10@xxx/error - I2PTunnel: read error: End of file 17:01:27@xxx/error - I2PTunnel: read error: End of file 17:01:31@xxx/error - I2PTunnel: read error: End of file 17:01:32@xxx/error - I2PTunnel: read error: End of file 17:01:33@xxx/error - I2PTunnel: read error: End of file 17:01:34@xxx/error - I2PTunnel: read error: End of file 17:01:34@xxx/error - I2PTunnel: read error: End of file 17:01:34@xxx/error - I2PTunnel: read error: End of file 17:01:35@xxx/error - I2PTunnel: read error: End of file 17:01:35@xxx/error - I2PTunnel: read error: End of file 17:01:35@xxx/error - I2PTunnel: read error: End of file 17:01:36@xxx/error - I2PTunnel: read error: End of file 17:01:36@xxx/error - I2PTunnel: read error: End of file 17:01:37@xxx/error - I2PTunnel: read error: End of file 17:01:37@xxx/error - I2PTunnel: read error: End of file 17:01:38@xxx/error - I2PTunnel: read error: End of file 17:01:38@xxx/error - I2PTunnel: read error: End of file 17:01:38@xxx/error - I2PTunnel: read error: End of file 17:01:39@xxx/error - I2PTunnel: read error: End of file 17:01:39@xxx/error - I2PTunnel: read error: End of file 17:01:42@xxx/error - I2PTunnel: read error: End of file 17:01:44@xxx/error - I2PTunnel: read error: End of file 17:01:46@xxx/error - I2PTunnel: read error: End of file 17:01:50@xxx/error - I2PTunnel: read error: End of file 17:01:51@xxx/error - I2PTunnel: read error: End of file 17:02:10@xxx/error - I2PTunnel: read error: End of file 17:02:41@xxx/error - I2PTunnel: read error: End of file 17:06:36@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:06:36@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:12:28@xxx/error - ElGamal decrypt hash doesn't match 17:12:28@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:12:28@xxx/error - ElGamal decrypt hash doesn't match 17:12:28@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:12:28@xxx/error - ElGamal decrypt hash doesn't match 17:12:28@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:12:28@xxx/error - ElGamal decrypt hash doesn't match 17:12:28@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:12:28@xxx/error - ElGamal decrypt hash doesn't match 17:12:28@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:12:28@xxx/error - ElGamal decrypt hash doesn't match 17:12:28@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:12:37@xxx/error - ElGamal decrypt hash doesn't match 17:12:37@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:12:37@xxx/error - ElGamal decrypt hash doesn't match 17:12:37@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:12:37@xxx/error - ElGamal decrypt hash doesn't match 17:12:37@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:12:37@xxx/error - ElGamal decrypt hash doesn't match 17:12:37@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:12:37@xxx/error - ElGamal decrypt hash doesn't match 17:12:37@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:12:55@xxx/error - ElGamal decrypt hash doesn't match 17:12:55@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:13:04@xxx/error - ElGamal decrypt hash doesn't match 17:13:04@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:13:13@xxx/error - ElGamal decrypt hash doesn't match 17:13:13@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:13:13@xxx/error - ElGamal decrypt hash doesn't match 17:13:13@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:13:13@xxx/error - ElGamal decrypt hash doesn't match 17:13:13@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:13:14@xxx/error - ElGamal decrypt hash doesn't match 17:13:14@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:13:22@xxx/error - ElGamal decrypt hash doesn't match 17:13:22@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:13:29@xxx/error - ElGamal decrypt hash doesn't match 17:13:29@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:13:58@xxx/error - ElGamal decrypt hash doesn't match 17:13:58@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:13:58@xxx/error - ElGamal decrypt hash doesn't match 17:13:58@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:13:58@xxx/error - ElGamal decrypt hash doesn't match 17:13:58@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:13:59@xxx/error - ElGamal decrypt hash doesn't match 17:13:59@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:13:59@xxx/error - ElGamal decrypt hash doesn't match 17:13:59@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:13:59@xxx/error - ElGamal decrypt hash doesn't match 17:13:59@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:14:08@xxx/error - ElGamal decrypt hash doesn't match 17:14:08@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:14:08@xxx/error - ElGamal decrypt hash doesn't match 17:14:08@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:14:08@xxx/error - ElGamal decrypt hash doesn't match 17:14:08@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:14:43@xxx/error - ElGamal decrypt hash doesn't match 17:14:43@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:14:43@xxx/error - ElGamal decrypt hash doesn't match 17:14:43@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:14:43@xxx/error - ElGamal decrypt hash doesn't match 17:14:43@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:14:57@xxx/error - Streaming: No packets have been received yet 17:14:59@xxx/error - ElGamal decrypt hash doesn't match 17:14:59@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:15:10@xxx/error - ElGamal decrypt hash doesn't match 17:15:10@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:15:10@xxx/error - ElGamal decrypt hash doesn't match 17:15:10@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:15:10@xxx/error - ElGamal decrypt hash doesn't match 17:15:10@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:15:10@xxx/error - ElGamal decrypt hash doesn't match 17:15:10@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:15:10@xxx/error - ElGamal decrypt hash doesn't match 17:15:10@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:15:10@xxx/error - ElGamal decrypt hash doesn't match 17:15:10@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:15:19@xxx/error - ElGamal decrypt hash doesn't match 17:15:19@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:15:20@xxx/error - ElGamal decrypt hash doesn't match 17:15:20@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message 17:15:20@xxx/error - ElGamal decrypt hash doesn't match 17:15:20@xxx/error - Garlic: can't handle ECIES-X25519-AEAD-Ratchet message . . . & continue as such infinitely !!

Please notice that I used "xxx" instead of number composed from 3 elements. This number changed each time I start new i2pd session. I hide it by "xxx" because I'm not sure whether it is confidential or not, & you did not replay me on my previous question !

By the way what about site cs.i2p ?? is it displayed on your side or not ??

[orignal]

By the way what about site cs.i2p ?? is it displayed on your side or not ??

No it doesn't. Same error. I will take a look.

[orignal]

I was able to open it. It just doesn't understand a LeaseSet2 with two keys. You need to configure your tunnel/proxy with following parameters i2cp.leaseSetType=1 i2cp.leaseSetEncType=0

Then it opens fine and says "cryptostorm The VPN service provider for the truly paranoid"

[Nokia808]

@orignal @r4sas 1) why you did not re-open this issue again inspite log became available ??

2) what about the issue of tunnel creation limitation to low level ?? This is the title of this issue.

3) regarding VPN site: is it better to manage this problem from application site by a commit from your side ?

4) regarding VPN site, also, you said "You need to configure your tunnel/proxy with following parameters i2cp.leaseSetType=1 i2cp.leaseSetEncType=0" How can I do this ? No GUI for it !

[orignal]

2. You are only user who has this issue
3. There is a problem on their side
4. Through the config files

[Nokia808]

Last thing can I do, I did it just few hrs: delete lhome/myusername/.var/app/i2pd.website.i2pd folder while application was already powered off, then re-lunching it again to create this folder from scratch. I performed this 2 times but no thing changes !! Same problem: limited tunnel creating rate !

[orignal]

Try to hit your TCP port from outside, as I suggested 2 months ago, but you didn't do it.

[Nokia808]

@orignal How can I do that ? I mean how can I "hit my TCP port from outside" ? I'm on Fedora Linux 32 X64 bit with FirewallD.

[orignal]

telnet <your IP from some computer outside your network.

[Nokia808]

@orignal I did not understand ! It seem that it is an investigation process ?? I believe that it is some thing I should managed from my firewall ??

[orignal]

I think your ISP or your firewall blocks incoming TCP connections.

[Nokia808]

@orignal No ! At all ! Because VPN with pure TCP protocol setting run very okay on my system. This is beside the fact that Tor (both Tor browser & Tor system package) working very well without problem.

[datawizard93]

Hi. I'm having the exact same issue, low tunnel creation rate (16%) despite running for 13 hours, network status shows OK, and I have opened both the NTCP2 port as well as the SSU2 port in my router, and connecting to the port on my public IP using telnet succeeds.

I'm using the latest .deb binary release for the install, and my i2pd.conf is default apart from the port it's listening on for incoming connections.

The logs shows the same for me:

11:11:30@826/error - Garlic: Can't handle ECIES-X25519-AEAD-Ratchet message 11:11:31@826/error - Garlic: Can't handle ECIES-X25519-AEAD-Ratchet message 11:11:32@826/error - I2PTunnel: Read error: End of file 11:11:32@826/error - I2PTunnel: Read error: End of file 11:11:33@230/error - I2PTunnel: Read error: End of file 11:11:33@230/error - I2PTunnel: Read error: End of file 11:11:34@826/error - Garlic: Can't handle ECIES-X25519-AEAD-Ratchet message 11:11:34@826/error - Garlic: Can't handle ECIES-X25519-AEAD-Ratchet message 11:11:35@826/error - I2PTunnel: Read error: End of file 11:11:36@230/error - I2PTunnel: Read error: End of file 11:11:38@826/error - Garlic: Can't handle ECIES-X25519-AEAD-Ratchet message 11:11:38@826/error - Garlic: Can't handle ECIES-X25519-AEAD-Ratchet message 11:11:38@826/error - Garlic: Can't handle ECIES-X25519-AEAD-Ratchet message 11:11:39@826/error - Garlic: Can't handle ECIES-X25519-AEAD-Ratchet message 11:11:39@826/error - I2PTunnel: Read error: End of file 11:11:40@826/error - Garlic: Can't handle ECIES-X25519-AEAD-Ratchet message 11:11:40@230/error - I2PTunnel: Read error: End of file 11:11:42@826/error - Garlic: Can't handle ECIES-X25519-AEAD-Ratchet message

Ocassionally, the log also shows messages like this:

11:18:28@442/error - NTCP2: Wrong static key in SessionConfirmed 11:18:41@442/error - NTCP2: RouterInfo verification failed in SessionConfirmed from :63064 11:18:41@442/error - NTCP2: Host mismatch between published address and actual endpoint 11:18:45@302/error - Streaming: Can't send packets, missing remote LeaseSet, sSID=

I2P itself seems to work somewhat regardless, I can access my eepsites, access other eepsites etc, but occasionally it completely stops working and shows "Host down" for all sites (including my own). The I2P router console at :7070 stays running though.

My sent, received and transit speeds are also somewhat okay despite this, it has speeds of around 500KiB/s.

Should I create a new, separate, issue for this?

[Vort]

@datawizard93 most likely, low Tunnel creation success rate appear because network is overloaded right now (either attack or abuse). There were some fixes to i2pd since release, so you may try to update to latest commit version, it may rise TCSR by a few percent. If you want, you can say what bandwidth limits your node have, what is usual CPU load and whether your node have floodfill status, such information may help to understand what is going on.

[datawizard93]

Thanks for the quick reply. I assumed it might be due to some form of DoS on the I2P network.

I'm using unlimited bandwidth limit for the I2P router, the average CPU load seems to be around 1.50 so it's not getting overloaded by any means, and I don't have floodfill status enabled (that I know of, I haven't explicitly enabled it in the config at least).

[Vort]

CPU load seems to be around 1.50

Does it mean 1.5% or 150%? If at least 1 CPU core is loaded to 100%, it may cause problems.

[datawizard93]

Sorry, I meant 30% CPU usage average with the load average shown in top being 1.50, with 4 cores allocated.

[Vort]

Can you look at htop utility to see single core CPU load?

Like here:

[datawizard93]

Sure, here's what each CPU core load looks like:

[Vort]

Ok, thanks, such amount of CPU resources is enough for i2pd.

[datawizard93]

It might be worth mentioning as well, for some reason, on another I2P router I have which is firewalled and does not have it's NTCP2 and SSU2 ports port forwarded, the tunnel creation success rate is actually higher, at 32% (same i2pd config, default except for the port it's using). It's been running for 17 hours. Although the speeds on it are much lower, at around 2KiB/s.

[Vort]

on another I2P router I have which is firewalled ... the tunnel creation success rate is actually higher

This effect is known, but it is hard to say why it is happening.

[orignal]

Because less transit.