| 28 Nov 2021 |
 neilalexander | In reply to @kenji_ichikawa:kuvio.de
Couple questions:
- If I'll run yggdrasil service (i mean website or something like that), can somebody {try to log in ssh,reveal my real IP,and so on}?
- How can I run service? Found nothing at docs about it 😬
Well, running Yggdrasil basically gives you an IP address on the Yggdrasil network, so yes, exposed ports will become available via Ygg. To counteract that, you should use a firewall (preferred solution) or ensure that your more sensitive services don’t bind to the Yggdrasil IP | 20:17:40 |
| neilalexander | Also running a service is basically just like normal, except with the consideration that your system now has a new IPv6 address to listen on | 20:17:56 |
 Kenji Ichikawa | In reply to @neilalexander:neilalexander.dev
Well, running Yggdrasil basically gives you an IP address on the Yggdrasil network, so yes, exposed ports will become available via Ygg. To counteract that, you should use a firewall (preferred solution) or ensure that your more sensitive services don’t bind to the Yggdrasil IP Thank you! Btw my "real" IP (I mean my IPv4 of my home network, you know) isn't exposed to the ygg network? sorry for stupid questions 🙄 | 20:30:59 |
| neilalexander | In reply to @kenji_ichikawa:kuvio.de
Thank you! Btw my "real" IP (I mean my IPv4 of my home network, you know) isn't exposed to the ygg network? sorry for stupid questions 🙄 Only your direct peers will see your “real” IP address. No one else on the network can/will see it | 20:31:29 |
| Kenji Ichikawa | In reply to @neilalexander:neilalexander.dev
Only your direct peers will see your “real” IP address. No one else on the network can/will see it Thanks! | 20:32:25 |
|  nihraguk8 joined the room. | 23:51:51 |
|  @nihraguk:libera.chat left the room. | 23:54:07 |
| 29 Nov 2021 |
 Salem Yaslem | it there 300::/7 map like http://[21e:e795:8e82:a9e2:ff48:952d:55f2:f0bb]/# | 00:01:02 |
 Jonathan | It would largely look the same | 00:11:58 |
| Jonathan | Also, I think you misunderstand the 300::/7 subnet | 00:12:18 |
| Salem Yaslem | In reply to @jboi:jboi.nl
It would largely look the same I cannot found 300::/7 peers in that map | 00:12:44 |
| Salem Yaslem | In reply to @jboi:jboi.nl
Also, I think you misunderstand the 300::/7 subnet explain to me :) | 00:12:58 |
| Jonathan | That subnet allows the Yggdrasil node to work like a router, it takes the first 64 bits of a Yggdrasil public key hash and then uses the last 64 bits to address something on the node’s network | 00:17:09 |
| Jonathan | It’s basically the same as the 200::7 network, except it allows the Yggdrasil node to act as a router | 00:17:31 |
| Jonathan | The map is of peerings between Yggdrasil nodes, so 200::/7 addresses or 300::/7 addresses don’t mean much there, it’s just represented with the former as that is the node’s public key hash in IP form | 00:18:18 |
| Jonathan | Take the first 4 chunks of the 200::/7 address, and you have the 300::/7 prefix it answers to | 00:18:51 |
| Salem Yaslem | ok | 00:43:10 |
| Salem Yaslem | I'm in setup public peer, what peers should I add to it so it can be globally reachable? | 00:47:53 |
 Revertron | In reply to @xlmnxp:matrix.org
I'm in setup public peer, what peers should I add to it so it can be globally reachable? Something near you, with optimal ping. | 00:50:59 |
| Salem Yaslem | In reply to @revertron:zhub.link
Something near you, with optimal ping. I will make it public peer, so it not important to be near me | 00:52:05 |
| Salem Yaslem | I found a bug :D | 01:00:06 |
| Salem Yaslem | when I have many IPs and I tried start yggdrasil in [::]:17001 for example, it will fire error message tell me the port is in use | 01:00:55 |
| Salem Yaslem | it not used by any service but because yggdrasil try to use other address it will be use in first address allocate it and second address will fire error message | 01:02:16 |
| Salem Yaslem | this will not work:
| 01:02:59 |
| Salem Yaslem | this will not work:
Listen: [
tls://0.0.0.0:17001
tls://[::]:17001
] | 01:03:06 |
| Salem Yaslem | this will not work:
tls://0.0.0.0:17001
tls://[::]:17001
]```
| 01:03:13 |
| Salem Yaslem | this will not work:
| 01:03:45 |
| Salem Yaslem | this will not work:
Listen: [
tls://0.0.0.0:17001
tls://[::]:17001
]
| 01:04:05 |
| Salem Yaslem | this will not work:
Listen: [
tls://0.0.0.0:17001
tls://[::]:17001
]
| 01:04:19 |
| Revertron | In reply to @xlmnxp:matrix.org
this will not work:
Listen: [
tls://0.0.0.0:17001
tls://[::]:17001
]
It's because sometimes [::] in linux means ipv4+ipv6. And you have already used your 0.0.0.0. | 01:06:22 |
