What ports does the I2P software use?
The ports that are used by I2P can be divided into 2 sections:
Internet-facing ports, which are used for communication with other I2P routers
Local ports, for local connections
These are described in detail below.
Internet-facing ports
Note: Since release 0.7.8, new installs do not use port 8887; a random port between 9000 and 31000 is selected when the program is run for the first time. The selected port is shown on the router configuration page.
OUTBOUND
UDP from the random port listed on the configuration page to arbitrary remote UDP ports, allowing for replies
TCP from random high ports to arbitrary remote TCP ports
Outbound UDP on port 123, allowing for replies. This is necessary for I2P's internal time sync (via SNTP - querying a random SNTP host in pool.ntp.org or another server you specify)
INBOUND
(Optional, recommended) UDP to the port noted on the configuration page from arbitrary locations
(Optional, recommended) TCP to the port noted on configuration page from arbitrary locations
Inbound TCP can be disabled on the configuration page
Local I2P ports, listening only to local connections by default, except where noted:
( INSERT GRAPH)
How can I access the web console from my other machines or password protect it?
For security purposes, the router's admin console by default only listens for connections on the local interface. There are two methods for accessing the console remotely:
SSH Tunnel
Configuring your console to be available on a Public IP address with a username & password
These are detailed below:
SSH Tunnel
If you are running a Unix-like Operating System, this is the easiest method for remotely accessing your I2P console. (Note: SSH server software is available for systems running Windows, for example https://github.com/PowerShell/Win32-OpenSSH)
Once you have configured SSH access to your system, the '-L' flag is passed to SSH with appropriate arguments - for example:
ssh -L 7657:localhost:7657 (System_IP)
where '(System_IP)' is replaced with your System's IP address. This command forwards port 7657 (the number before the first colon) to the remote system's (as specified by the string 'localhost' between the first and second colons) port 7657 (the number after the second colon). Your remote I2P console will now be available on your local system as 'http://localhost:7657/' and will be available for as long as your SSH session is active. If you would like to start an SSH session without initiating a shell on the remote system, you can add the '-N' flag:
ssh -NL 7657:localhost:7657 (System_IP)
Configuring your console to be available on a Public IP address with a username & password
Open ~/.i2p/clients.config and replace
clientApp.0.args=7657 ::1,127.0.0.1 ./webapps/
with
clientApp.0.args=7657 ::1,127.0.0.1,(System_IP) ./webapps/
where you replace (System_IP) with your system's public IP address
Go to http://localhost:7657/configui and add a console username and password if desired - Adding a username & password is highly recommended to secure your I2P console from tampering, which could lead to de-anonymization.
Go to http://localhost:7657/index and hit "Graceful restart", which restarts the JVM and reloads the client applications
After that fires up, you should now be able to reach your console remotely. Load the router console at http://(System_IP):7657 and you will be prompted for the username and password you specified in step 2 above if your browser supports the authentication popup.
NOTE: You can specify 0.0.0.0 in the above configuration. This specifies an interface, not a network or netmask. 0.0.0.0 means "bind to all interfaces", so it can be reachable on 127.0.0.1:7657 as well as any LAN/WAN IP. Be careful when using this option as the console will be available on ALL addresses configured on your system.
How can I use applications from my other machines?
Please see the previous answer for instructions on using SSH Port Forwarding, and also see this page in your console: http://localhost:7657/configi2cp
Is it possible to use I2P as a SOCKS proxy?
The SOCKS proxy has been functional since release 0.7.1. SOCKS 4/4a/5 are supported. I2P does not have a SOCKS outproxy so it is limited to use within I2P only.
Many applications leak sensitive information that could identify you on the Internet and this is a risk that one should be aware of when using the I2P SOCKS proxy. I2P only filters connection data, but if the program you intend to run sends this information as content, I2P has no way to protect your anonymity. For example, some mail applications will send the IP address of the machine they are running on to a mail server. There is no way for I2P to filter this, thus using I2P to 'socksify' existing applications is possible, but extremely dangerous.
If you would like more information on the socks proxy application anyway, there are some helpful hints on the socks page.
What makes downloads, torrents, web browsing, and everything else slower on I2P as compared to the regular internet?
The encryption and routing within the I2P network adds a substantial amount of overhead and limits bandwidth.
It is recommended to increase your bandwidth limits. This helps the network by increasing the amount of available bandwidth which will in turn improve your I2P experience. Bandwidth settings are located on the http://localhost:7657/config page. Please be aware of your internet connection's limits as determined by your ISP, and adjust your settings accordingly.
Additionally, setting a sufficient amount of shared bandwidth - this allows for participating tunnels to be routed through your I2P router. Allowing participating traffic keeps your router well-integrated in the network and improves your transfer speeds.
Improvements and fixes are being implemented constantly. Running the latest release will help your performance, and help keep you and the rest of the network safe.
What ports does the I2P software use? The ports that are used by I2P can be divided into 2 sections:
Internet-facing ports, which are used for communication with other I2P routers Local ports, for local connections These are described in detail below.
Internet-facing ports Note: Since release 0.7.8, new installs do not use port 8887; a random port between 9000 and 31000 is selected when the program is run for the first time. The selected port is shown on the router configuration page. OUTBOUND UDP from the random port listed on the configuration page to arbitrary remote UDP ports, allowing for replies TCP from random high ports to arbitrary remote TCP ports Outbound UDP on port 123, allowing for replies. This is necessary for I2P's internal time sync (via SNTP - querying a random SNTP host in pool.ntp.org or another server you specify) INBOUND (Optional, recommended) UDP to the port noted on the configuration page from arbitrary locations (Optional, recommended) TCP to the port noted on configuration page from arbitrary locations Inbound TCP can be disabled on the configuration page
Local I2P ports, listening only to local connections by default, except where noted: ( INSERT GRAPH)
How can I access the web console from my other machines or password protect it? For security purposes, the router's admin console by default only listens for connections on the local interface. There are two methods for accessing the console remotely:
SSH Tunnel Configuring your console to be available on a Public IP address with a username & password These are detailed below:
SSH Tunnel If you are running a Unix-like Operating System, this is the easiest method for remotely accessing your I2P console. (Note: SSH server software is available for systems running Windows, for example https://github.com/PowerShell/Win32-OpenSSH) Once you have configured SSH access to your system, the '-L' flag is passed to SSH with appropriate arguments - for example: ssh -L 7657:localhost:7657 (System_IP)
where '(System_IP)' is replaced with your System's IP address. This command forwards port 7657 (the number before the first colon) to the remote system's (as specified by the string 'localhost' between the first and second colons) port 7657 (the number after the second colon). Your remote I2P console will now be available on your local system as 'http://localhost:7657/' and will be available for as long as your SSH session is active. If you would like to start an SSH session without initiating a shell on the remote system, you can add the '-N' flag: ssh -NL 7657:localhost:7657 (System_IP)
Configuring your console to be available on a Public IP address with a username & password Open ~/.i2p/clients.config and replace clientApp.0.args=7657 ::1,127.0.0.1 ./webapps/
with clientApp.0.args=7657 ::1,127.0.0.1,(System_IP) ./webapps/
where you replace (System_IP) with your system's public IP address Go to http://localhost:7657/configui and add a console username and password if desired - Adding a username & password is highly recommended to secure your I2P console from tampering, which could lead to de-anonymization. Go to http://localhost:7657/index and hit "Graceful restart", which restarts the JVM and reloads the client applications After that fires up, you should now be able to reach your console remotely. Load the router console at http://(System_IP):7657 and you will be prompted for the username and password you specified in step 2 above if your browser supports the authentication popup.
NOTE: You can specify 0.0.0.0 in the above configuration. This specifies an interface, not a network or netmask. 0.0.0.0 means "bind to all interfaces", so it can be reachable on 127.0.0.1:7657 as well as any LAN/WAN IP. Be careful when using this option as the console will be available on ALL addresses configured on your system. How can I use applications from my other machines? Please see the previous answer for instructions on using SSH Port Forwarding, and also see this page in your console: http://localhost:7657/configi2cp
Is it possible to use I2P as a SOCKS proxy? The SOCKS proxy has been functional since release 0.7.1. SOCKS 4/4a/5 are supported. I2P does not have a SOCKS outproxy so it is limited to use within I2P only.
Many applications leak sensitive information that could identify you on the Internet and this is a risk that one should be aware of when using the I2P SOCKS proxy. I2P only filters connection data, but if the program you intend to run sends this information as content, I2P has no way to protect your anonymity. For example, some mail applications will send the IP address of the machine they are running on to a mail server. There is no way for I2P to filter this, thus using I2P to 'socksify' existing applications is possible, but extremely dangerous.
If you would like more information on the socks proxy application anyway, there are some helpful hints on the socks page.
What makes downloads, torrents, web browsing, and everything else slower on I2P as compared to the regular internet? The encryption and routing within the I2P network adds a substantial amount of overhead and limits bandwidth.
It is recommended to increase your bandwidth limits. This helps the network by increasing the amount of available bandwidth which will in turn improve your I2P experience. Bandwidth settings are located on the http://localhost:7657/config page. Please be aware of your internet connection's limits as determined by your ISP, and adjust your settings accordingly.
Additionally, setting a sufficient amount of shared bandwidth - this allows for participating tunnels to be routed through your I2P router. Allowing participating traffic keeps your router well-integrated in the network and improves your transfer speeds.
Improvements and fixes are being implemented constantly. Running the latest release will help your performance, and help keep you and the rest of the network safe.