Can my Storage Node's IP be discovered by others?

rm1 · May 26, 2022, 7:07pm

I’m not a fan of exposing my IP through port forwards. I use reverse proxies and Cloudflare proxy DNS for everything else I host on my server. I can’t seem to get QUIC to work through my current setup without turning off Cloudflare’s proxy function. Unfortunately, this exposes my IP.

I’m not a front-end Storj user so I’m unclear what interfaces/APIs are available to the public. Is my IP secure from others? Or is this more like a torrent type thing where by jumping in the pool everyone can see who I am?

Toyoo · May 26, 2022, 8:25pm

Yeah, pretty much this. Well, not “who I am”, but each customer can so far easily map all IPs with nodes that still have free space and recognize their vetting status by just trying to upload to the network enough data.

rm1 · May 26, 2022, 8:55pm

Bummer, that’s a huge turn off. Might have to dig deeper to figure out how to get a regular or reverse proxy to work.

KernelPanick · May 26, 2022, 10:37pm

Proxying this data through the cloud may have the risk of high cost. You could roll your own at a provider that is liberal with data limits.

Cloudflare won’t let you get away with big data on the free tier. I’ve tried with some other projects. Unless i was doing something wrong, it seemed like they’d cut the link if they noticed lots of bandwidth.

rm1 · May 26, 2022, 10:55pm

Yes, considering the VPN route now.

nzdk · May 31, 2022, 5:34pm

Any informed guesses on how much they will tolerate on the free tier? 100GB? 50GB? 500GB? Just curious.

deathlessdd · May 31, 2022, 6:35pm

It doesnt really matter you cant forward TCP/UDP with cloudflare free anyways only http/https and its only a few ports they do it on. And you need enterprise account to be able to forward TCP/UDP ports.

KernelPanick · May 31, 2022, 8:57pm

also, if you consider obfuscating the traffic all into https with a reverse proxy or such, it seems like that also gets shot down really quick. I’m not sure how they capture it, but it’s doing a great job at not allowing larger and consistent transfers, other than the simple web page or two.

Linode in USA is pretty generous with Bandwidth. 1TB on $5/mo plan, 2TB for $10, etc.

arrogantrabbit · November 28, 2022, 4:25am

Old thread but somehow popped up in my feed.

Oracle cloud always free tier comes with 10TB of monthly bandwidth. I intend to rely on this in the “in between ISP use mobile hotspot” situation.

Why though? It all means “someone at this IP hosts a storj node”. What can be done with this information?

Alexey · November 28, 2022, 7:30am

For example, if you publish your dashboard without protection, someone can take your personal information and create relation between NodeID and wallet.

arrogantrabbit · November 28, 2022, 10:26am

Well, this requires actively exposing internal web UI to the internet. And then your ISP issued IP makes no difference: doing so over, say, VPN tunnel still reveals the node id and wallet association just the same. I.e routing via vpn makes no difference in this scenario.

It looks to me that the only valid reason for using a vpn tunnel is to workaround GCNAT. Any other reason I can think of are not legitimate (I.e. working around ISP ToS on hosting services or storj ToS on nodes per /24 segment)

Node IDs are not secrets, wallet IDs are also public, IP is public. So, whats to hide?

What am I missing here? Why should I be protecting these identities?

Alexey · November 29, 2022, 4:08am

It is up on you, I just need to warn people, if they concerned about privacy.

Using Big Data and AI, you can track to the end user, if needed. So less data you expose about you is usually better for privacy if you care.

MattJE96011 · November 30, 2022, 8:03am

Also remember that proxying, however you do it, uses twice the data on the proxy / vpn server since all traffic flows in both directions. Might not be so great in the end…