iodine

Posted on
sysadmin

By tunnelling network connections over DNS, you can get what amounts to free internet on certain networks, including (…) and most public wifi networks.

Process:

  1. Find / host an iodine server to create a virtual lan over dns
  2. Connect to a proxy on the virtual lan

Speeds:

  • Iodine webpage cites 1 Mbit
  • Confirmed 4-5 Mbit on (…) while (…) is connected. However dns traffic is just tcp/udp and is metered while you are connected
  • Only 50kbit on (…) while (…) is disconnected

Hosting iodine

  • (…) is running an iodine server.
  • An NZ-hosted server would be preferable if possible: “Performance is strongly coupled to low ping times, as iodine requires confirmation for every data fragment before moving on to the next.”

Hosting your own iodine server:

  • Debian 6 repository, apt-get install iodine
  • nohup iodine -f -c -P secret-password 192.168.99.1 your-iodine-hostname
  • Create an NS record for your-iodine-hostname that points to the correct server.
  • Check that the server is running via http://code.kryo.se/iodine/check-it/

Server must have /dev/tap available - on OpenVZ vpses this might not be guaranteed since one shares the host kernel. Debian 6 on BuyVM is confirmed to work.

Connecting to iodine

Windows

  • Install package, make sure to rename the tap device to ‘dns’ for some reason

Linux

Hosting a proxy on the virtual lan

Linux: just create a user

Connecting to a proxy on the virtual lan

ssh -ND 9583 -p {ssh port} {server-hostname} hosts a local SOCKS proxy on port 9583, on both windows and linux. To get ssh.exe on windows, use copssh, msys or cygwin, or you can do this with just the PuTTY gui by these instructions.

Firefox, ApexDC++: Connect to the socks proxy in the settings

All windows programs: Connect to the socks proxy via win+r > inetcpl.cpl > Connections tab > LAN settings > tick Proxy, Advanced > socks / localhost:9583