Nodes uses VPN to bypass /24 rule

I have another “elephant” to ask about. There are a few SNO’s who bypass the /24 limit by using vps systems and forwarding. Doesn’t this bypass the “spirit” of the /24 rule? If that bypass is acceptable to storj, what is the point in retaining the rule?

Who ever said that it is acceptable? The problem is that it is impossible to see if someone is using a VPN.

Running a storagenode behind a VPN adds latency. So will lose mare races against other SNO’s. VPN’s with portforwarding also cost money. So it is not as profitable as you might think.

1 Like

I can think of a couple of ways to raise questions at a minimum. If 200+ TB were tied to one wallet address would be one query for a start…

That would in large part be up to the auditor to determine I guess. Technologically speaking I would agree. But I can imagine this kind of new approach isn’t exactly part of their normal procedures. And they may be extra cautious certifying something like this.

It is… And unfortunately that last sentence is very true for these EU laws. They are in large part written in court cases and precedents, because they are often written with broad language and open to interpretation.

But being a test case for these laws is a very expensive thing… Question is whether Storj Labs would want to take on those legal costs.

But how would you exclude people who legitimately have access to multiple IP ranges?

2 Likes

Hence the "raise questions ". I didn’t say ban them immediately.

1 Like

It is possible to have multiple addresses, so it would just make Storj pay more transaction fees.

Also, how does someone prove they are not using a VPN? Or how does Storj prove that someone is using a VPN? I have two internet connections, I could run two nodes on the same hardware (separate VMs) and there would be no way to prove that.

i believe this is also technically in breach of the rules currently.

Clearly it is possible to prove someone is using a commercial vpn provider like Nordvpn since many other companies detect and block accounts using commercial vpn providers. I assume most likely the initial detection is via ip block allocation. Build your own solutions like Openvpn are a bit harder.

I also have two isp links here.

But this is getting away from my point. We have a rule, which some in the community are obviously breaking or at least breaking the spirit of but there are no ramifications for doing so.

What is the point of the rule then?

1 Like

I know of at least one instance where it is being done to a significant degree.

I think so, yes.

Like the previous one - how can you enforce it? Even if someone uses the commercial VPN providers with known IP ranges. Using them is not against the rules (for example if you are behind CGNAT), as least as far as I know.

So, let’s say someone has two nodes in different physical locations, but behind CGNAT. Using VPNs in this case would probably be OK.
The problem is that this is indistinguishable from someone using VPNs for two nodes on the same hardware.

Using multiple wallet addresses - again, while it may be against the rules, if two nodes have separate IPs and separate wallet addresses, it is indistinguishable from two nodes run by two separate people.

How much time and effort should Storj spend trying to track down whether the two wallet addresses belong to the same person or not?
Similarly, it may be possible to use statistics to figure out if two nodes are running on the same hardware and internet connection (because they would be offline at the same time), but to avoid that someone could randomly take one or the other node offline, so that the “common downtime” look more like a coincidence.

If it cannot be enforced, what is the point of it?

Why enforce it? The rule is clear, all nodes under the same /24 are threaded as one. Someone can read it as a limit per IP, but it’s up to your interpretation.

The rule as is, does not prohibit the use of VPNs. Also, the vpn bypass is not so great, the majority of providers are not economically viable and the cheapers are unstable and unreliable.

Operators who use such things are primarily driven by a mix of greed, stupidity, and ignorance. If their nodes actually started using the bandwidth, they would soon be disqualified by the audit system because their network will collapse. In my opinion, vpn are not a sustainable option for the long term.

If nodes were to use the bandwidth, not only those with VPNs but also the “legitimate” nodes with 100TB would be disqualified :sweat_smile:

So the real problem here are not the VPNs themselves, but the fact that some operators are overexpanding their operation more than they actually can manage (with or without vpn) because there are no heavy bandwidth usages.

1 Like

If it happened overnight, probably. However, if it happened gradually, my 24TB node would get nvme read cache, maybe more RAM and maybe bigger CPUs (depending on where the bottlenecks were).
Maximum egress my node has ever seen is 22mbps in 2020 and it handled that well. 100mbps may be a problem, depending on the access pattern (lots of files accessed once would be bad, a small subset of files being accessed a lot would be possible to cache). Right now egress is low, so there is no reason to wear out an SSD by using it as L2ARC (I use SLOG though).

I wonder how much egress a raspberry with a single drive can sustain :slight_smile: I remember raspberry nodes having problems with performance during the heavy tests (though it could have been SMR drives, less optimized node software etc).

By the way, you only need VPN (or rather, extra IPs) while the node is empty. When it fills up, you can put it behind the same IP as anothe node and egress will remain the same (since nobody will take the pieces away from the node, unless it fails audits).

In one of the AMA question after Town Hall I asked @jtolio about how many external IPs can we have, hi answered that we can have lot of them and if it will be a problem, Storj will deal with it. unfortunately it was long ago, and i don’t find this conversation anymore.

1 Like

Two business links into my basement, with a grand total of 7 IP addresses, each in separate /24s. For about $5/month I could add another 5 and with a bit of shuffling I could almost definitely get them into separate subnets too.

Not running any nodes, but thinking about it as I’ve got a couple of old 4U servers with room for plenty of drives, the boxes are virtually idle at the moment but need to be online.

I’m wondering if I’d be “allowed” to run 1 or 2? Shared power, but all other hardware and connectivity would be independent.

One power surge due to lightning strike somewhere relatively close (or fire, or flood, or burglary) is all it takes to take out all your nodes at once. That’s too much correlation.

The separate /24 subnets rule is a “good-enough” shorthand for “nodes not in the same place”. This works most of the time, except in rare cases, like yours. While you will not be violating the letter of the rule, you will be going against its spirit, degrading the network reliability. I would not do that.

2 Likes

But if that is a problem for a distinct node operator then it is a problem for the network as a whole already because it doesn’t matter who owns the node. What if 10-20 separate persons within a neighborhood or even city create storage nodes and then the same thing happens?

Or worse yet, a fair sized ISP in a city has router issues and takes down 20 nodes? Now this will eventually be fixed, but it could take hours.

It’s not going to be a problem for the network until it is massive scale. On Friday there was a power outage in the Netherlands that likely took down hundreds of nodes for 40 minutes. But I’m certain nobody even noticed. The network is built to deal with such things.

2 Likes

I have made some calculations and I come to the same conclusion, the network is safe from this.

Out of 16k nodes, the probability of selecting 80 of them in such a way that say 40 of them end up in the same neighborhood is really, really, really small.

Which means that if a group of people can run hundreds of nodes in a city, then a single person can run hundreds of nodes in a building and we’re good (more or less - the building can be permanently destroyed, but unfortunately so can a city)

Well, yes and no. This would be a compounding risk. They aren’t separate. But in my opinion, 5 or 10 IP ranges are not an issue.