Our main server rotation is chat.freenode.net. Pointers to freenode currently include irc.ghostscript.com, irc.gnu.org, irc.handhelds.org, and irc.kde.org. Please see our acknowledgements page for the generous groups and organizations who have helped us to provide this service.
NOTE:The network needs servers. We are in particular need of servers on the Pacific Rim and in the Americas. If you think you might be able to help our community in this way, please take a look at the server hosting page and email us at hosting at freenode dot net. Thanks!
The following table lists freenode client servers, server names indicated in strikethrough are currently NOT linked to the production network. Apologies for any inconvenience this may cause. Servers with "Yes" in the IPv6 column listen for IPv6 connections and can be connected to via the same hostname as for IPv4. chat.freenode.net has AAAA records for those servers with IPv6 capability, so simply telling your client to connect to chat.freenode.net by IPv6 should work. Please note that due to the low number of IPv6 servers currently in service, we do not provide regional IPv6 rotations.
All freenode servers listen on ports 6665, 6666, 6667, 6697 (SSL only), 7000 (SSL only), 7070 (SSL only), 8000, 8001 and 8002. Please be aware that the below list is at no time authoritative, and as such our advice is to connect using chat.freenode.net.
Accessing freenode Via SSL
freenode provides SSL client access on all servers. If your client is not configured to verify SSL certificates, then you can simply connect, with SSL enabled, on port 6697, 7000 or 7070. Users connecting over SSL will be given user mode +Z, and is using a secure connection will appear in WHOIS (a 671 numeric). Webchat users will not appear with +Z or the 671 numeric, even if they connect to webchat via SSL.
If you wish to verify the server certificates on connection, some additional work may be required. First, ensure that your system has an up-to-date set of root CA certificates. On most linux distributions this will be in a package named something like ca-certificates. Many systems install these by default, but some do not (such as FreeBSD, on which the package you wish to install is ca_root_nss, and the cafile to use would be /usr/local/share/certs/ca-root-nss.crt). For most clients this should be sufficient. If not, you can download the required intermediate cert from Gandi and the root cert from InstantSSL.
Those of you using irssi will find that it has some oddities in SSL certificate verification, and will not find the root certificates on its own. To work around this, use
/connect -ssl_verify -ssl_capath /etc/ssl/certs chat.freenode.net 6697
or on FreeBSD
/connect -ssl_cafile /usr/local/share/certs/ca-root-nss.crt chat.freenode.net 6697
Once you tell irssi where to find the root certificates, it should be able to verify the certificate correctly.
Client SSL certificates are also supported, and may be used for identification to services via CertFP. If you have connected with a client certificate, has client certificate fingerprint f1ecf46714198533cda14cccc76e5d7114be4195 (showing your certificate's SHA1 fingerprint in place of f1ecf46...) will appear in WHOIS (a 276 numeric).
Accessing freenode Via Tor
The current Tor hidden service address for freenode is p4fsi4ockecnea7l.onion. This service can be used by any user with a registered NickServ account. No further setup steps are necessary beyond that, besides configuring your client. Information on how to register a nick can be found on our FAQ page. The Tor hidden service uses SASL for authentication, which may require the use of additional scripts in your client to provide support. A collection of scripts and instructions for use can be found here. Tor's wiki also has a page on configuring IRC clients to use Tor.
Latencies are improving all the time and can be quite reasonable. You can always find a pointer to our Tor hidden service in freenode.net DNS, in an unresolved CNAME record, irc.tor.freenode.net, which can be retrieved, for example, via the *nix shell command:
dig +short irc.tor.freenode.net cname
If your IRC client can handle socks5 with remote dns, you can just connect to the .onion address directly. Otherwise, use Tor's "mapaddress" feature to fake it. (We do not recommend that you use Privoxy with irssi. It's unnecessary. Just use the 'mapaddress' approach and torify irssi to start it up.) Add a line to your torrc, as in this example:
mapaddress 10.40.40.40 p4fsi4ockecnea7l.onion
Be sure to HUP (reload) Tor if you change your torrc. After you've made the change, just connect your torified IRC client to the IP you specified in your mapaddress statement for the freenode service. Tor will do the conversion for you internally and you'll connect to freenode. In addition to providing location privacy, the Tor hidden service gives you end-to-end encryption, providing benefits similar to those of ircs / irc-ssl.
That's all it takes. We appreciate your accessing freenode via the Tor hidden service. If you'd like to help us maintain quality access, please consider providing "middleman" bandwidth to the Tor network. Just set your host up as a Tor relay and specify how much bandwidth you want to provide. You don't have to be an exit node—you can set your exit policy to "reject *:*" and still help us make up for the bandwith we use for freenode's hidden service.