MRH.io logo

Private IPFS Networks

Why I sacrificed my connection to the hive mind for faster IPNS performance

December 19, 2018IPFS, IPNS, Private IPFS Networks

The Interplanetary File System (IPFS) has two modes of operation: the public (default), and private. A private IPFS network is a collection of IPFS nodes which can only connect to each other, and never interact with the public IPFS network.

I personally chose this apporach because I wanted the benefits of instant publishing via IPNS, and was willing to forego connection to the global network.

This post is part 2 in a series. Find part 1 here. Thanks again for writing, Omar!

Prerequisite: At least two permanent IPFS nodes

To use a private network for IPNS name publishing and resolution, you need to have at least two nodes in the network running at all times. IPNS is based on consensus, and you simply can’t have a consensus of one. In theory, you should probably have five, but two works for my purposes and will work for the purposes of this tutorial.

Needing more than one node is a bummer, since it simply makes this approach inaccessible to many, but you can still do this if you can get even enough together for the smallest server most cloud hosts provide. You could also get creative and run multiple nodes on your laptop and then use dynamic DNS for your domain name, _dnslnk but that’s definitely a topic for another post.

Overview

The main steps are as follows:

  1. Create and dissemenate a swarm key
  2. Manually connect your nodes
  3. Use _dnslink to point your domain name at one of your nodes.

Creating a swarm key

Here’s another way of looking at this topic:

Q: What is a private IPFS network?
A: It is a collection of IPFS nodes that share the same swarm key.

A swarm key is what allows the IPFS nodes in question to be able to connect to each other. If two nodes try to connect and a swarm key is present in one, the presence of the key is checked in the other. If the keys exist and match, the nodes connect.

Here’s how to generate one:

  1. If you don’t have Go, install it.
  2. Run these commands:

    $ go get github.com/Kubuxu/go-ipfs-swarm-key-gen/ipfs-swarm-key-gen
    $ ipfs-swarm-key-gen > ~/.ipfs/swarm.key
  3. Copy that key to your other node(s) using ssh, scp, et al.

Connecting to your nodes

If you try to publish now, you’ll get an error:

$ ipfs name publish QmUBcmULir4mXae22FPCpoGQ39NDPLnbN343ZU9CKUefPf
$ Error: failed to find any peer in table

To publish a name we need to have a network of at least two peers. Since private IPFS nodes do not swarm, you need to manually connect to them.

  1. Connect to the peers either manually,
# Manual connection to another node with the same swarm key
$ ipfs swarm connect /ip4/12.345.67.890/tcp/4001/ipfs/Qm.......

..or by editing the Bootstrap command inside ~/.ipfs/config:

{
  "API": {
    ...
  },
  "Addresses": {
    ...
  },
  "Bootstrap": [
     // Add peer addresses here with the same swarm key
  ]
}
  1. Restart the peers, and include an environment flag to validate your peer is set up correctly:
$ export LIBP2P_FORCE_PNET=1
$ ipfs daemon
  1. Finally, check to see if you’ve got your network.
$ ipfs swarm peers

IPNS publication and resolution should now be instant.

A final thought on why IPNS performance is so good: You have your own little consensus network. I think the implications of that are rather far-reaching, but I admit I haven’t had much time to ponder on it, let alone use it besides publishing this site.

I hope this was helpful. Please do email if you have any questions or comments.

TallyLabLike reading about IPFS and want to see it in action? Check out my and @skybondsor's work on TallyLab

Mark Robert Henderson

Mark Robert Henderson lives in coastal Massachusetts and works for the creators of OrbitDB.  The best way to reach him is via e-mail.

This website does not track you.