ngrok tcp 4001. Tip: Use -region= flag for lower latency.tcp://hostname:port -> localhost:4001~/.ipfs/configipfs daemon
@avatar-lavventura hostname refers to the DNS name (e.g. 6.tcp.ngrok.io) returned by ngrok in step 2.
For: tcp://2.tcp.ngrok.io:17798
I have to add: "/dns4/2.tcp.ngrok.io/tcp/17798" right?
I believe this solution will bring high latency where the files first transfer into ngrok servers and than into the ipfs node.
@avatar-lavventura True. Better use the circuit-relay with hole-punching enabled. I used the ngrok solution only when public relays were not available.
How/where could I enable Swarm.RelayClient.Enabled? Would ipfs config --json Swarm.RelayClient.Enabled true be enough? also will it bring any security concerns?
@avatar-lavventura it ought to be enough if you're using ipfs v0.11.0 onwards. For older versions however you need ipfs config --json Swarm.EnableAutoRelay true. Below I give a list of commands which will cover both new and old versions, while saving your bandwidth.
ipfs config --bool Swarm.EnableRelayHop false
ipfs config --bool Swarm.RelayService.Enabled false
ipfs config --bool Swarm.DisableNatPortMap false
ipfs config --bool Swarm.Transports.Network.Relay true
ipfs config --bool Swarm.EnableAutoRelay true
ipfs config --bool Swarm.RelayClient.Enabled true
ipfs config --bool Swarm.EnableHolePunching true
ipfs config AutoNAT.ServiceMode disabledAFAIK there isn't any more security concerns than making your IPFS node reachable from the public internet entails. Your node might see a rise in bandwidth consumption.
If my node is only connected using ipfs swarm connect <ipfs_id> would all those still be needed?
ipfs swarm connect <peerID> means you are forming an outgoing connection to the node with peerID. For that you don't need to use relay or ngrok.
But, if you want other nodes to find your node and connect to it (i.e. incoming connections), e.g. to access files pinned by your node, then you gotta give your node a publicly reachable address on the internet. If you don't have a public IP (i.e. you are behind NAT), relays or ngrok will give you such a public IP.
In brief,
Thanks. I don't want other nodes to find me. Basically, I setup a google-instance (which has a public IP and open port, 4vCPU - 8 gb ram ) that runs a ipfs node. And from my laptop I did ipfs swarm connect <peerID> into the google instance. After the connection I was able share ipfs objects but the speed is extremely slow, 5 minutes for 100 mb. I am not sure its because how ipfs works or due to the google instance. While looking ways to improve the data transfer speed, I find myself in your gist.
PS: Respect for your bash-script on https://github.com/SomajitDey/ipfs-chat
An easy way to make a node undiscoverable by other nodes is to not connect to the DHT at all. To do this either launch your daemon with --routing=none flag or change the ipfs config file. That is to say either
ipfs daemon --routing=none or,ipfs config Routing.Type none followed by ipfs daemonIf a node is disconnected from DHT like this, it can still form outgoing connections to other nodes specified with ipfs swarm connect <fully-qualified-multiaddress>. It can also receive incoming connections from other nodes which know its own multiaddress - i.e. /ip4/<ip>/tcp/<port>/p2p/<peerID>
In case you need to connect to DHT but not publish your multiaddress to DHT, you may either
Addresses.NoAnnounceAddresses.Announce0.0.0.0 in Addresses.Swarm with 127.0.0.1For further discussions feel free to ask the friendly broader community at https://discuss.ipfs.io/ or their corresponding subreddit.
P.S: Thanks a lot for starring ipfs-chat. You might also be interested in another project I started IPNS-Link for exposing dynamic sites with IPNS as opposed to static ones. Here are two blogs abt it - 1) medium ; 2) dev
@SomajitDey I didn't know ipfs swarm connect /ip4/<ip>/tcp/<port>/p2p/<peerID> is able to connect nodes that are started as ipfs daemon --routing=none thanks for pointing it out. I did:
ipfs init --profile=server,badgerds
ipfs daemon --routing=noneBefore ipfs swarm connect /ip4/<ip>/tcp/<port>/p2p/<peerID> I always do nc -v <ip> 4001 to check is the the ipfs running or not.
and I was able share file using ipfs swarm connect /ip4/<ip>/tcp/<port>/p2p/<peerID>, but I did not know I can do it with fully-qualified-multiaddress as well.
I hope ipfs daemon --routing=none will also help to improve slow transfer over LAN. I remember seeing it over here: ipfs/kubo#5037 (comment)
I did not get the In case you need to connect to DHT but not publish your multiaddress to DHT, you may either part. I was directly sharing /ip4/<ip>/tcp/<port>/p2p/<peerID> with the node over a public domain. But I have concerns having IP and port information publicly known info.
By fully qualified multiaddress, I meant addresses that contain the ip, port and peerID, e.g. /ip4/<ip>/tcp/<port>/p2p/peerID.
If your google node is connected to DHT, your laptop node can get the fully-qualified-multiaddress of the google node from the DHT by referring to its peerID. When google node is not connected to the DHT (--routing=none), the laptop node must be given the full address of the google node by some other means - e.g. you hand typed it into ipfs swarm connect ....
Your multiaddress only becomes public when it is published to the DHT. As long as you remain disconnected to the DHT, your google node is undiscoverable by other nodes. For added safety however you can always use the Private Networks feature. In that way, only your laptop node and google node can connect to each other using a common secret key - forming a private network.
The slow transfer speed beats me. AFAIK, its not a problem with IPFS.
its not a problem with IPFS.
Like it is not problem for the IPFS developers? or slow transfer speed problem was always there for IPFS but accepted as it is?
@avatar-lavventura I meant that I suppose the slow speed is not due to ipfs per se. Because I and some of my colleagues who used ipfs didnt experience very slow speeds once the peers were swarm connected.
Probably there was some issues in the Google instance I am using since 100 MB was downloaded in ~10 minutes even peers were swarm connected.
Is
put-the-hostname-hererefers to IP address of the host?