Audio calls via I2P. Mumble

Mumble - This is an application for organizing voice chat. The project is free, the source code of official clients and servers is open. All major operating systems are supported: Linux, MacOS and Windows, as well as iOS and Android. Has good popularity Mumble web client, which allows you to use voice chat through a web browser.

Mumble has excellent audio transmission characteristics and from year to year is gaining a customer base that is moving away from proprietary projects in favor of a lightweight and efficient analogue with a completely open ecosystem.

In this article we will look at the configuration of our own Mumble server operating through a hidden network I2P. The server will use Debian as the operating system and i2pd as an I2P router. The client connection will also be demonstrated on a Debian machine. In practice, differences in client or server operating systems do not change the essence, because the applications used are cross-platform and their configuration looks the same everywhere (including on everyone’s favorite Windows).

server

The voice chat server application is distributed through the standard Debian repositories, so its installation will be limited to a single command: sudo apt install mumble-server. The official Mumble server is called Murmur, but for some reason they decided to call it differently in the Debian repository.

After installation, the configuration file is located in /etc/mumble-server.ini. Open it and first of all specify in the parameter host local address: host=127.0.0.1. An I2P server tunnel will be connected to this address, but the server will not be accessible via the regular Internet. The default port does not need to be changed. We are also interested in the parameter bandwidth, which defines the maximum channel width occupied by one user. After several experiments, the optimal value seems to be bandwidth=48000. The last significant parameter is allowping=true. If suddenly you are in a position false, correct, otherwise it will be impossible to see the delay from the client to the server. For the changes to take effect, restart mumble-server.

Now the most interesting part is the configuration of the I2P tunnels. Mumble uses UDP for streaming audio and TCP for control commands, but can work without it in case of problems with the UDP connection. True, this mode of operation is noticeably more uncomfortable due to delays. Let's create two server tunnels: one for UDP, the other for TCP.

If you still have not installed i2pd, do it according to the official instructions, or get a suitable deb package from git repository. Good stuff for movie lovers video with installation.

In order not to clog the main tunnel configuration file, let's create a new config in the directory /etc/i2pd/tunnels.conf.d/. The file name can be anything, but must end with ".conf". I created a file /etc/i2pd/tunnels.conf.d/mumble-server.conf. As agreed, there are two tunnels in the config:

[mumble-server-tcp]
type = server
host = 127.0.0.1
port = 64738
inport = 64738
inbound.length = 1
outbound.length = 1
i2p.streaming.initialAckDelay = 20
crypto.ratchet.inboundTags = 500
keys = mumble.dat

[mumble-server-udp]
type = udpserver
host = 127.0.0.1
address = 127.0.0.1
port = 64738
inport = 64738
keys = mumble.dat

In general, the parameters of the tunnels are trivial, but you can familiarize yourself with each individually in documentation. Please note that some parameters are not specified in the second tunnel. This is because i2pd applies the tunnel parameters to the key, so after one detailed configuration, the following tunnels with the same key (in the example the key is called mumble.dat) implicitly have the same parameters. If you do not have a key with the specified name, it will be created automatically.

Restart i2pd and go to the web console at http://127.0.0.1:7070. If you are configuring a remote server, you can easily connect to the server's localhost by forwarding the SOCKS port via ssh: $ ssh -D 8888 user@server, where four eights is the port number. By registering a SOCKS proxy in the browser 127.0.0.1:8888, you will be taken to a remote server and can open its local addresses.

In the "I2P tunnels" tab we see the intranet addresses of the created tunnels. They are the same since the same key is used.

Client

You can find a client for the desired operating system on the official downloads page, or in your smartphone's app store. In Debian, installing the client is as easy as installing the server: sudo apt install mumble. i2pd is installed similarly to the server solution.

Time to create client tunnels! Open the file on the client machine /etc/i2pd/tunnels.conf.d/mumble-client.conf and enter the following contents (enter your address):

[mumble-client-tcp]
type = client
address = 127.0.0.1
port = 64738
destination = plpu63ftpi5wdr42ew7thndoyaclrjqmcmngu2az4tahfqtfjoxa.b32.i2p
destinationport = 64738
inbound.length = 1
outbound.length = 1
i2p.streaming.initialAckDelay = 20
crypto.ratchet.inboundTags = 500
keys = transient-mumble

[mumble-client-udp]
type = udpclient
address = 127.0.0.1
port = 64738
destination = plpu63ftpi5wdr42ew7thndoyaclrjqmcmngu2az4tahfqtfjoxa.b32.i2p
destinationport = 64738
keys = transient-mumble

In general, client tunnels are a mirror image of server tunnels. You may have noticed the parameters with the word "length". The server and client tunnels consist of only one transit node. In total, when connecting between the server and the client, there are only two transit servers versus the usual six (three on each side). This compromise is necessary to ensure acceptable voice quality.

When connecting to the server, specify the local address and port specified in the client tunnel (127.0.0.1, 64738). Once the I2P router starts up, it takes a bit of time to create tunnels, so be prepared to wait a minute.

If everything is done correctly, you will see a ping in the list of servers opposite the new server. The screenshot shows two connections to one server: one via Yggdrasil, other via I2P. The difference is several times, but even with a delay of 300-600 milliseconds, Mumble provides a comfortable dialogue.

The most important thing in this configuration, of course, is voice communication, within which the physical location of all interlocutors and the server remains secret. For a test connection, you can use the above client config.