,

Running DNS Seeder for BIT-ECC Network

Heung-No Lee Avatar
Heung-No Lee

·

Running DNS Seeder for BIT-ECC Network

2021년 3월 9일

Heung-No Lee, Ha Young Park

Bitcoin-seeder is a crawler for the Bitcoin network, which exposes a list

of reliable nodes via a built-in DNS server.

Bitcoin must have a currently running a DNS server and a Bitcoin-seeder.

Does the Bitcoin Core have them?

No there is none in the core.

Can we get them from the Bitcoin network?

Can we go to github and download them?

They are downloadable from here: https://github.com/sipa/bitcoin-seeder

Then, what we need to do includes:

  1. Run a DNS server
  2. Run a BIT-ECC-seeder

To do this, we need to modify the source code above.

README

bitcoin-seeder

==============

Bitcoin-seeder is a crawler for the Bitcoin network, which exposes a list

of reliable nodes via a built-in DNS server.

Features:

* regularly revisits known nodes to check their availability

* bans nodes after enough failures, or bad behaviour

* accepts nodes down to v0.3.19 to request new IP addresses from,

but only reports good post-v0.3.24 nodes.

* keeps statistics over (exponential) windows of 2 hours, 8 hours,

1 day and 1 week, to base decisions on.

* very low memory (a few tens of megabytes) and cpu requirements.

* crawlers run in parallel (by default 24 threads simultaneously).

REQUIREMENTS

————

$ sudo apt-get install build-essential libboost-all-dev libssl-dev

USAGE

—–

Assuming you want to run a dns seed on dnsseed.example.com, you will

need an authorative NS record in example.com’s domain record, pointing

to for example vps.example.com:

$ dig -t NS dnsseed.example.com

;; ANSWER SECTION

dnsseed.example.com. 86400 IN NS vps.example.com.

On the system vps.example.com, you can now run dnsseed:

./dnsseed -h dnsseed.example.com -n vps.example.com

If you want the DNS server to report SOA records, please provide an

e-mail address (with the @ part replaced by .) using -m.

COMPILING

———

Compiling will require boost and ssl. On debian systems, these are provided

by `libboost-dev` and `libssl-dev` respectively.

$ make

This will produce the `dnsseed` binary.

RUNNING AS NON-ROOT

——————-

Typically, you’ll need root privileges to listen to port 53 (name service).

One solution is using an iptables rule (Linux only) to redirect it to

a non-privileged port:

$ iptables -t nat -A PREROUTING -p udp –dport 53 -j REDIRECT –to-port 5353

If properly configured, this will allow you to run dnsseed in userspace, using

the -p 5353 option.

Another solution is allowing a binary to bind to ports < 1024 with setcap (IPv6 access-safe)

$ setcap ‘cap_net_bind_service=+ep’ /path/to/dnsseed