KanoPool since 2014 🐈 - PPLNS and Solo 0.5% fee - Worldwide - 2438 blocks

[daemondazz]

Since the firewall you use only works with IP addresses in the rules, maybe allow your miners to 8.8.8.8 and 8.8.4.4 port 53 for DNS?  Set your miners DNS to those 2 IP's, then you wouldn't have to worry next time an IP changes.  Just throwing out options for you..

That won't work for him either. The shortcoming (not going to say problem) is that the firewall would need to do the DNS lookup at the time it boots (and maybe periodically to refresh) to determine what firewall rule to put in place and it doesn't support that.

The "fix" would be to allow all outbound traffic to TCP port 3333, but that would open him to up his miners being able to connect to pools he doesn't want them to (which I would assume is what is trying to be prevented).

[clgrissom3]

Block by buzzsport!  Welcome to the Acclaim Board with your 1st Kano block!    This is our 1st of the day! 

[bit2255]

Nice job Buzz.. someday I too will be on "the board"!

[dance191]

Since the firewall you use only works with IP addresses in the rules, maybe allow your miners to 8.8.8.8 and 8.8.4.4 port 53 for DNS?  Set your miners DNS to those 2 IP's, then you wouldn't have to worry next time an IP changes.  Just throwing out options for you..

That won't work for him either. The shortcoming (not going to say problem) is that the firewall would need to do the DNS lookup at the time it boots (and maybe periodically to refresh) to determine what firewall rule to put in place and it doesn't support that.

The "fix" would be to allow all outbound traffic to TCP port 3333, but that would open him to up his miners being able to connect to pools he doesn't want them to (which I would assume is what is trying to be prevented).

Yep, that is 100% the problem.  The problem isn't name resolution, it is I want to control what outbound connections the machines on my network connect to.  With tons of machines running all types of god knows what on them (I am not talking about cgminer , I don't want it to be a free-for-all.  Basically, I trust them to make outbound connections to any server Kano sets up (and to a few other places), but not to anywhere else.  Thus, the need to use the IP address of the pool server as it can not be done by name (stratum.kano.is).  As I said before, I like to lock everything down as much as possible!  It makes some things more of a pain, but I like to sleep at night

Thanks for the input guys!

[-EOS-]

Since the firewall you use only works with IP addresses in the rules, maybe allow your miners to 8.8.8.8 and 8.8.4.4 port 53 for DNS?  Set your miners DNS to those 2 IP's, then you wouldn't have to worry next time an IP changes.  Just throwing out options for you..

That won't work for him either. The shortcoming (not going to say problem) is that the firewall would need to do the DNS lookup at the time it boots (and maybe periodically to refresh) to determine what firewall rule to put in place and it doesn't support that.

The "fix" would be to allow all outbound traffic to TCP port 3333, but that would open him to up his miners being able to connect to pools he doesn't want them to (which I would assume is what is trying to be prevented).

Yep, that is 100% the problem.  I want to control what outbound connections the machines on my network connect to.  With tons of machines running all types of god knows what on them (I am not talking about cgminer , I don't want it to be a free-for-all.  Basically, I trust them to make outbound connections to any server Kano sets up (and to a few other places), but not to anywhere else.  Thus, the need to use the IP address of the pool server as it can not be done by name (stratum.kano.is).  As I said before, I like to lock everything down as much as possible!

Thanks for the input guys!

Now you have me curious..   What kind of firewall is it?

[kano]

Since the firewall you use only works with IP addresses in the rules, maybe allow your miners to 8.8.8.8 and 8.8.4.4 port 53 for DNS?  Set your miners DNS to those 2 IP's, then you wouldn't have to worry next time an IP changes.  Just throwing out options for you..

That won't work for him either. The shortcoming (not going to say problem) is that the firewall would need to do the DNS lookup at the time it boots (and maybe periodically to refresh) to determine what firewall rule to put in place and it doesn't support that.

The "fix" would be to allow all outbound traffic to TCP port 3333, but that would open him to up his miners being able to connect to pools he doesn't want them to (which I would assume is what is trying to be prevented).

Yep, that is 100% the problem.  The problem isn't name resolution, it is I want to control what outbound connections the machines on my network connect to.  With tons of machines running all types of god knows what on them (I am not talking about cgminer , I don't want it to be a free-for-all.  Basically, I trust them to make outbound connections to any server Kano sets up (and to a few other places), but not to anywhere else.  Thus, the need to use the IP address of the pool server as it can not be done by name (stratum.kano.is).  As I said before, I like to lock everything down as much as possible!  It makes some things more of a pain, but I like to sleep at night

Thanks for the input guys!

If you add one of my DNS servers it will only resolve domains I manage - and thus the only domains that have anything to do with mining being kano.is/kano.space
I have 3 DNS servers for those domains (a 4th one soon in china when I get around to setting it up)
I run my DNS servers - and mail servers and web servers and ... everything

However, if you're concern is MITM DNS redirection, then as I mentioned before, using proxies means that if you do need to change where they point, you only need to change the proxies you are running (and the firewall), not all the miners, since the miners would all point to the few proxies and the proxies would decide where they are mining. Of course that could all still be IP address based as you're currently doing, and the proxies would of course be in there with the miners, not outside somewhere.

Edit: you could then make your firewall rules even more specific, only allowing the proxies to talk to the pool/pools

[kano]

...

Now you have me curious..   What kind of firewall is it?

Not attempting to answer his question, but, on linux a firewall is just a set of iptables commands (and other optional stuff like tc and ipset)

Most people on linux tend to believe that there's some magic to that and allow standard packages to decide those rules, but in general it's quite straight forward to add your own iptables rules to an existing one, or even do your own one from scratch.

While routers do usually let you decide the rules in them also, I'm not one to trust a router to decide the actual rules in an environment I'd want secured, since you need to spend a lot of money on a standard router if you want to have something that's reliable in that area ... e.g. my home configuration is a linux box as a router (12G ram, raid1 SSD, old i5) that talks bridge mode to the internet connection and of course the firewall is scripted by me

[kano]

Block by buzzsport!  Welcome to the Acclaim Board with your 1st Kano block!    This is our 1st of the day!  

No idea what that miner was, quite an old cgminer version
But awsesome luck - an ~660GHs long term miner

[clgrissom3]

Block by buzzsport!  Welcome to the Acclaim Board with your 1st Kano block!    This is our 1st of the day!  

No idea what that miner was, quite an old cgminer version
But awsesome luck - an ~660GHs long term miner

That is cool!  When I saw the 660, my brain saw TH/s instead of GH/s.  That block hit was impressive!

[kano]

If you look at my K.Workers on the web site, you'll see I've fired up a 741 A7v2 at home now (removing the A6 due to power limits of course)

It'll be running for about the next hour or so until it's miner-off time for all my miners (as the K.Graph shows I do regularly)
Then back on again later as usual when I turn my miners back on after the peak electricity is over.

Provided by Canaan

[kano]

What should I use as my minimum difficulty for my s7s and s9s?

There's no actual reason to set it at all unless there's a problem with your miner.
The pool will set it to a reasonable value.
The minimum difficulty wont affect your expected reward other than variance, which can be up or down, but is random.

Older Bitmain miners would show wrong stats if the diff was a power of 2.
I think they may have fixed that particular problem some time ago.

Why is the invalid% for only one of my s7s like 1.5% compared to another s7 which is 0%?

Click on the "Show Details for Invalids:" checkbox to find out why.

Looking at your stats, it's random.
You need to mine for a while before paying too close attention to small variations - in this case they've already both changed if you look again.

[philipma1957]

also, my s7s were running 4.8 TH/s when i first started using this pool but have somehow gone down to 3.8 TH/s after like 30 minutes. Why is this? This never happened on slushpool. Sorry for the nooby questions, as I am a noob. I've noticed that my share rate has also now become higher than my hash rate?

dont micro manage.  give it 3-5 days

[VRobb]

also, my s7s were running 4.8 TH/s when i first started using this pool but have somehow gone down to 3.8 TH/s after like 30 minutes. Why is this? This never happened on slushpool. Sorry for the nooby questions, as I am a noob. I've noticed that my share rate has also now become higher than my hash rate?

dont micro manage.  give it 3-5 days

Indeed phil is right. You're looking too closely at the variance, which will always be there. Long term averages matter on a 5ND timescale.
You've come to the right pool.  Set and forget is my motto! 
Mine on!

[beltsniffer]

Block by cryptifi!

[kano]

Block by cryptifi!

S9v1 - but probably an R4?

[VRobb]

Block by cryptifi!

Nice, first block by cryptify on the acclaim board! That's cripticalifragilistic!!  
See, set and forget!
Mine on!

[Make-A-Buck]

Block by cryptifi!

S9v1 - but probably an R4?

YES! Judging by the name anyhow... (cryptifi.AntminerR4-1)
Confirmed Block Found by an R4!
Hope my R4B2 finds a block for us soon.

[usukan]

To be perfectly honest - this lower hashrate has been kind to us.

[kano]

Over the next hour I'm switching the web over to the new server - it's now separate from the main server.

Since it's just a DNS change, you'll be using the new one after your DNS you use updates.
Both will keep working until I do the final back end switch, so if your DNS provider is slow or breaks the rules (which is not rare) it'll be ok anyway.

I've still got more testing to do on the new back end server, so I'll post again once that's complete and then will say when the 5 minute outage will be.

[usukan]

Over the next hour I'm switching the web over to the new server - it's now separate from the main server.

Since it's just a DNS change, you'll be using the new one after your DNS you use updates.
Both will keep working until I do the final back end switch, so if your DNS provider is slow or breaks the rules (which is not rare) it'll be ok anyway.

I've still got more testing to do on the new back end server, so I'll post again once that's complete and then will say when the 5 minute outage will be.

the website is dead - is this related?