Skip to content
Switch branches/tags

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Bitcoin-seeder is a crawler for the Bitcoin network, which exposes a list
of reliable nodes via a built-in DNS server.

* regularly revisits known nodes to check their availability
* bans nodes after enough failures, or bad behaviour
* accepts nodes down to v0.3.19 to request new IP addresses from,
  but only reports good post-v0.3.24 nodes.
* keeps statistics over (exponential) windows of 2 hours, 8 hours,
  1 day and 1 week, to base decisions on.
* very low memory (a few tens of megabytes) and cpu requirements.
* crawlers run in parallel (by default 24 threads simultaneously).


$ sudo apt-get install build-essential libboost-all-dev libssl-dev


Assuming you want to run a dns seed on, you will
need an authorative NS record in's domain record, pointing
to for example

$ dig -t NS

;; ANSWER SECTION   86400    IN      NS

On the system, you can now run dnsseed:

./dnsseed -h -n

If you want the DNS server to report SOA records, please provide an
e-mail address (with the @ part replaced by .) using -m.


Compiling will require boost and ssl.  On debian systems, these are provided
by `libboost-dev` and `libssl-dev` respectively.

$ make

This will produce the `dnsseed` binary.


It's sometimes useful to test `dnsseed` locally to ensure it's giving good
output (either as part of development or sanity checking). You can inspect
`dnsseed.dump` to inspect all nodes being tracked for crawling, or you can
issue DNS requests directly. Example:

$ dig @:: -p 15353
       ^       ^    ^
       |       |    |__ Should match the host (-h) argument supplied to dnsseed
       |       |
       |       |_______ Port number (example uses the user space port; see below)
       |_______________ Explicitly call the DNS server on localhost


Typically, you'll need root privileges to listen to port 53 (name service).

One solution is using an iptables rule (Linux only) to redirect it to
a non-privileged port:

$ iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to-port 15353

If properly configured, this will allow you to run dnsseed in userspace, using
the -p 15353 option.

Another solution is allowing a binary to bind to ports < 1024 with setcap (IPv6 access-safe)

$ setcap 'cap_net_bind_service=+ep' /path/to/dnsseed