Using the GNU Name System (GNS) requires two different configuration steps. First of all, GNS needs to be integrated with the operating system. Most of this section is about the operating system level integration.
Additionally, each individual user who wants to use the system must also initialize his GNS zones. This can be done by running (after starting GNUnet)
after the local GNUnet peer has been started. Note that the namestore (in particular the namestore database backend) should not be reconfigured afterwards (as records are not automatically migrated between backends).
The remainder of this chapter will detail the various methods for configuring the use of GNS with your operating system.
At this point in time you have different options depending on your OS:
- Use the gnunet-gns-proxy
- This approach works for all operating systems and is likely the easiest. However, it enables GNS only for browsers, not for other applications that might be using DNS, such as SSH. Still, using the proxy is required for using HTTP with GNS and is thus recommended for all users. To do this, you simply have to run the gnunet-gns-proxy-setup-ca script as the user who will run the browser (this will create a GNS certificate authority (CA) on your system and import its key into your browser), then start gnunet-gns-proxy and inform your browser to use the Socks5 proxy which gnunet-gns-proxy makes available by default on port 7777.
- Use a nsswitch plugin (recommended on GNU systems)
- This approach has the advantage of offering fully personalized resolution even on multi-user systems. A potential disadvantage is that some applications might be able to bypass GNS.
- Use a W32 resolver plugin (recommended on W32)
- This is currently the only option on W32 systems.
- Use system-wide DNS packet interception
- This approach is recommended for the GNUnet VPN. It can be used to handle GNS at the same time; however, if you only use this method, you will only get one root zone per machine (not so great for multi-user systems).
You can combine system-wide DNS packet interception with the nsswitch plugin.
The setup of the system-wide DNS interception is described here. All of the other GNS-specific configuration steps are described in the following sections.