Bitcoin-seeder is a crawler for the Bitcoin network, which exposes a list of reliable nodes via a built-in DNS server.
Features:
$ sudo apt-get install build-essential libboost-all-dev libssl-dev
Assuming you want to run a dns seed on dnsseed.example.com, you will need an authorative NS record in example.com's domain record, pointing to for example vps.example.com:
$ dig -t NS dnsseed.example.com
;; ANSWER SECTION dnsseed.example.com. 86400 IN NS vps.example.com.
On the system vps.example.com, you can now run dnsseed:
./dnsseed -h dnsseed.example.com -n vps.example.com
If you want the DNS server to report SOA records, please provide an e-mail address (with the @ part replaced by .) using -m.
Compiling will require boost and ssl. On debian systems, these are provided
by libboost-dev
and libssl-dev
respectively.
$ make
This will produce the dnsseed
binary.
It's sometimes useful to test dnsseed
locally to ensure it's giving good
output (either as part of development or sanity checking). You can inspect
dnsseed.dump
to inspect all nodes being tracked for crawling, or you can
issue DNS requests directly. Example:
$ dig @:: -p 15353 dnsseed.example.com ^ ^ ^ | __ Should match the host (-h) argument supplied to dnsseed | ||
---|---|---|---|
___ Port number (example uses the user space port; see below) | |||
___ Explicitly call the DNS server on localhost |
Typically, you'll need root privileges to listen to port 53 (name service).
One solution is using an iptables rule (Linux only) to redirect it to a non-privileged port:
$ iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to-port 15353
If properly configured, this will allow you to run dnsseed in userspace, using the -p 15353 option.
Another solution is allowing a binary to bind to ports < 1024 with setcap (IPv6 access-safe)
$ setcap 'cap_net_bind_service=+ep' /path/to/dnsseed