NSTX - IP Over DNS Tunneling
Using nstx, you can (mis-)use the mostly free DNS resolution of many commercial Hotspots to gather internet for free.
NSTXD Configuration
To run an NSTX service, you need:
- to own a domain
- to have control over the authoritative nameserver
- another host (or at least IP) to serve nstx via its port 53
Create A Simple Subdomain
Create a dedicated subdomain of your domain using a glue record, e.g.:
$ORIGIN nstx.example.com.
@ IN NS ns
ns IN A 1.2.3.4
where 1.2.3.4 is the IP nstxd is listening on.
Install and Configure NSTXD
Make sure the kernel of the system you want to run nstxd on provides tun/tap support.
After installing nstx, the daemon has to be run like so:
nstxd -i <IP> <DOMAIN>
where <IP> in this case is 1.2.3.4 and <DOMAIN> is nstx.example.com.
The running daemon creates a device named tun0 which has to be configured appropriately.
Further configuration steps may be needed to allow routing between the tunnel and the internet.
NSTXCD Configuration
The NSTX Client Daemon is the client-side counterpart to nstxd and therefore has to be run on the Hotspot client.
Consider the situation where you have local network access, including DNS. Given a kernel with support for the tun/tap device, all you need to do is run nstxcd with the correct options:
nstxcd <DOMAIN> <IP>
where <DOMAIN> in this case is nstx.example.com and <IP> is the IP of the local nameserver.
The created tun0 device has to be configured accordingly. For full internet access, a default route via the tunnel endpoint's IP has to be used.
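Seen from the Hotspot operator's local nameserver, a setup like the one above produces many distinct, long, random-looking names under one delegated zone (here nstx.example.com). The following is an added example, not part of the original page or of nstx: a generic heuristic that flags such zones in a resolver query log. The log format, client addresses, thresholds and the hash-derived labels are constructed for illustration and do not reproduce nstx's actual encoding.

```python
import hashlib
import math
from collections import Counter, defaultdict

def entropy(s):
    """Shannon entropy of the characters in s, in bits per character."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())

def suspicious_zones(lines, min_unique=10, min_len=30, min_entropy=3.0):
    """Return {zone: stats} for zones whose queried names look like encoded payload.

    Simplification (assumption): the zone is everything after the leftmost label.
    """
    labels = defaultdict(set)            # zone -> distinct leftmost labels seen
    for line in lines:
        parts = line.split()
        if len(parts) != 2:
            continue                     # skip malformed lines
        label, _, zone = parts[1].rstrip(".").lower().partition(".")
        if label and zone:
            labels[zone].add(label)
    hits = {}
    for zone, seen in labels.items():
        mean_len = sum(map(len, seen)) / len(seen)
        mean_ent = sum(map(entropy, seen)) / len(seen)
        # All three signals must agree: many names, long labels, high entropy.
        if len(seen) >= min_unique and mean_len >= min_len and mean_ent >= min_entropy:
            hits[zone] = {"unique": len(seen), "mean_len": mean_len,
                          "mean_entropy": round(mean_ent, 2)}
    return hits

def sample_log():
    """Constructed '<client-ip> <qname>' lines: ordinary lookups plus tunnel-like ones."""
    normal = ["10.0.0.5 www.example.org", "10.0.0.5 mail.example.org",
              "10.0.0.6 download.example.net", "10.0.0.6 www.example.net."]
    # Hex digests stand in for encoded payload labels (constructed filler).
    tunnel = [f"10.0.0.7 {hashlib.sha256(str(i).encode()).hexdigest()[:40]}.nstx.example.com"
              for i in range(20)]
    return normal + tunnel

if __name__ == "__main__":
    for zone, stats in suspicious_zones(sample_log()).items():
        print(zone, stats)
```

The thresholds need tuning against real traffic, since CDNs and some security products also generate long machine-made labels.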
Caveats
- Setting a tunnel MTU of 500 may prevent connectivity problems, especially when using SSH.
- When the local nameserver is reachable via routing only, setting the new default route is problematic. In this case a host route is necessary to prevent routing DNS requests via the tunnel.