Bitcoin Forum

I’m running a full Bitcoin node from my bsement on an Ubuntu Server and I’m trying to help support the Bitcoin network by opening port 8333 for inbound connections. However, I'm using Starlink as my internet provider, and I’ve encountered some challenges with port forwarding due to Starlink's use of CGNAT (Carrier-Grade NAT).

Has anyone here successfully opened port 8333 on a Starlink network for a Bitcoin node? If so, could you share your approach or any advice on how to bypass CGNAT or configure port forwarding on Starlink?

Here are a few specific questions I have:

Is it possible to get a static IP or public IP with Starlink to make port forwarding work?
Has anyone used VPN or tunneling solutions to work around this limitation with Starlink? If so, which one worked best?
I’d appreciate any tips or guidance from anyone with experience running a Bitcoin node on Starlink!

Thanks in advance!

I can't answer your question, but you may be able to use Tor to accept inbound connections without port forwarding:

Hi OP.

Just follow Loyce's suggestion for the following reason:

1. you need permission from your ISP to do port-forwarding. I am sure with Starlink it's the same, or even more difficult.
2. you need permission from your ISP to setup a static IP. I am sure with Starlink it's the same, or even more difficult.
3. it's much easier to set up TOR hidden services than to mess with Router configuration.
4. even if you don't understand it, it's safer to use TOR, than to open a port on your router.

Looking on thread Start9 Node not Reachable by Network. TP-Link AX1500 Router problem? (https://bitcointalk.org/index.php?topic=5525519.0), it seems you need additional router (which have port forwarding feature) and certain Starlink plan which doesn't use CGNAT.


No, but these days there aren't many VPN provider that have port forwarding feature.

Would that work if you install a VPN on your own VPS? For $11.29/year (https://lowendtalk.com/discussion/201141/spanking-new-deals-happy-new-year-w-premium-giveaways-freebies-galore-by-racknerd/p1) you get 2 TB bandwidth and your own IP address.

I have StarLink in one of my properties that doesn't have better options for internet.  They do offer a business service that has a static dedicated IP, but last time I looked into it the cost was not justifiable.

There are alternatives.  As LyceV mentioned, there's TOR.  I can confirm that TOR will allow you to connect your Bitcoin Core node to the p2p network, and if the privileges are set correctly, you can even open it up for RPC calls.  The safer thing to do is keep your RPC port closed via firewall, and set up an Electrum SPV server, and connect that through TOR as well.  In fact, you can use it to reach your local mempool.space instance also.  Look into "creating hidden services" in regards to TOR for details on how to set up your torrc (TOR configuration) file to create hidden services.

Other alternatives require either fees, significant networking skills, using a centralized service, or a combination of the aforementioned.  For example, you can set up your own VPN server on a cloud VM.  Some hosting services have single click deployment of private VPN.  Those aren't free, but far cheaper than StarLink's fee for a dedicated static IP.

One centralized service I've used in the past and can confirm will also work behind StarLink's CGNAT is Tailscale.  They offer a free tier, and it's open source and encrypted.  The bandwidth of their free service is limiting, but plenty fast enough for bitcoin, an SPV server, and mempool.  There are risks and downsides to relying on a centralized service, but Tailscale is super easy to set up and will get you through the learning curve of using TOR.

---

That's a smoking deal!  I've never tried to deploy a VPN with only one core, do you think it'll work?


Even $60 a year for their higher end one is a pretty good deal:

I've only tried OpenVPN on a VPS with lower specs. 128 MB was a bit tight, 256 MB worked fine. I don't think it requires much CPU power, it's basically just pushing around a few bits :P
If you want to try, I have a VPS (768 MB) that will expire in 4 months. I can install a fresh OS on it. I've never tried to run Bitcoin Core through my own VPN, so it would be nice to see results.
I've used a few of Racknerds offers on Lowendtalk, and so far I'm happy with them.

I run this site (http://addresses.loyce.club/) on one of their servers.

Thanks for the offer, but my servers are currently in a location where I have a dedicated IP accessible to the internet, and my VPN is running locally.  These days I'm only using my VPN to access my local file server, i.e. my own "cloud" storage.


I've saved the link, I'll have to keep them in mind next time I want to run a VPS.

Regardless of whether you have limited VPS resource, WireGuard is better choice these days if you use device which support it. WireGuard usually have faster connection, with less CPU and RAM usage (on both server and client side).