Mainline DHT unspecified entry in bencoded dictionary

Question

I have found an entry in a bencoded dictionary in DHT traffic, generated by BitTorrent, which I do not understand, nor can find anything about in the DHT specification at http://bittorrent.org/beps/bep_0005.html.

Example of packet query and response with wireshark:

query = {"a":{"id":".=...4...R..%..s~..;"}, "q":"ping", "t":"..oo", "v":"UThK", "y":"q"}
response = {"r":{"id":"..=..x......o....w/%"}, "t":"..oo", "v":"UT..", "y":"r"}

full hex dump can be found here: http://pastebin.com/SMB4f8LR.

The entry in this example is the "v":"UThK" in the query and "v":"UT.." in the response. What is its purpose?

Answer 1

The v field is optional and indicates which client and version is running the DHT node.

The ones that start with "UT" is uTorrent, followed by one byte indicating the major version and another byte for minor version.

Other possible values are:

• "Az" - Azureus (or Vuze)
• "LT" - libtorrent (rasterbar)
• "MP" - MooPolice
• "GR" - GetRight
• "MO" - Monotorrent