Setting up an IP-over-DNS tunnel

Iodine is a piece of software designed to forward IP traffic over DNS queries. Its main purpose is to circumvent the captive portals of public Wi-Fi networks. That can be possible because a lot of captive portals does not restrict DNS queries.

http://code.kryo.se/iodine/

I thought it is a fun idea to try out, so I set up my own server.

First I created a delegate for a subdomain to my linux server
dns

Then I installed iodine on my linux box.
Iodine comes in a package for Ubuntu, I could simply use that.

apt-get install iodine

Then start iodine

iodined

At first try I got Bad Handshake errors and was unable to connect

Opened dns0
Opened UDP socket
Version ok, both running 0x00000401. You are user #0
Received bad handshake
Retrying login...
Received bad handshake
Retrying login...

I found that adding a -c option fixes the problem. If you are stuck with handshake, add -c to your launch options.

iodine

I downloaded precompiled iodine for Windows and started it.
Then I could connect to my linux box via ssh at 10.0.0.1

I could use SOCKS forwarding over SSH to browse the web.
But browsing the web is very slow, opening the Google main page takes about 20 seconds to finish. So I would say that its not practically useful. It would be better to use a text based browser like elinks over the SSH connection.
Anyway with Iodine enabled I could successfully connect to the internet on a local Wimax network without paying for subscription.
In conclusion I say that Iodine is a neat application but it requires so much time (and patience) to actually use it.

 

+to add the iodined as a service, edit /etc/init.d/iodined and adjust DAEMON_ARGS as per your needs.

Leave a Reply

Your email address will not be published. Required fields are marked *