Running a full node with PrivateInternetAccess

[e4xit]

Has anyone been able to run a full node (ports open) using Private Internet Access? I would like to run one but am having trouble getting the ports forwarded. If anyone has done this successfully I would appreciate any help in the way of the steps involved.

OS X
Core 0.10.0
PIA client
EE Brightbox 2 via ethernet

I can easily open ports on my router, but PIA 'assign' a random forwarded port number to me (see PIA Forum or pfsense forum to see how "easy" it is to do), which I don't think you can configure Core to use, or can you>?



Thanks.

[1715646004]

1715646004

[Cryptowatch.com]

I assume that by Private Internet Access you mean you're running your internet connection through a VPN. Furthermore I understand that you want to run a full node on your local machine through this VPN connection.

Now, I don't have any experience with PIA in particular, but if you're able to make a ssh tunnel/forward through the VPN connection, you could simply use that. It's possible to get a VPS quite cheaply, and you could use that as the public facing ip for the node while in reality it just is a forwarder to your local machine.

PC node <-> VPN <-> VPS proxy <-> Random connecting node

The advantage would be that your ISP cannot easily see that you're running a node, as they only see the connection to the VPN you're connecting to, but not what goes trough it. Now, if PIA is a subdiv of GCHQ, they could probably atleast see all cleartext communication, so adding a ssh tunnel would not be a bad idea.

As for the chance of opening ports on the VPS, you have to consult the PIA docs, however if you're acessing a shared VPN-server (no dedicated ip), then it will probably not be possible for you to have a port opened for you. Maybe it's technically possible, but I doubt PIA would allow it. Now it also depends on what your goal is, if you just want to sync the bitcoin client of yours, it should be possible, however the inbound connections is what's the problem here. However as mentioned initially, if you can get a cheap VPS, then you could just run all traffic trough that, you might have to set up a reverse ssh tunnel for it to work, but it's quite possible.

[grue]

Code:

  -port=<port>           Listen for connections on <port> (default: 8333 or testnet: 18333)

although you'll have to change it every time you reconnect.

[A10010]

Does PIA allows you to port forward?

Usually it is a an extra and you have to pay a bit more for that.

[Cryptowatch.com]

Code:

  -port=<port>           Listen for connections on <port> (default: 8333 or testnet: 18333)

although you'll have to change it every time you reconnect.

It should be possible to write a wrapper script for this.

[grue]

for the record this is terrible if you want to help the network. peers only make 8 outgoing connections, and they choose randomly from a set of ip/port pairs stored in peers.dat. It's very likely that by the time someone wants to connect to you, your ip and/or port has already changed, so no one would be able to connect. Also, non-standard ports have less priority than standard ports, because they only get used if more than 50 connection attempts from peers.dat has failed.