I am exploring the concept of using Cloudflare Tunnels in relation to masternodes. As an alternative to a monthly VPS obligation, or several VPS monthly obligations, I want to explore the idea of using 8+ MiniPCs to host 8+ masternodes in the homes of family and friends.
I am not sure how to frame the question I want to ask, but …
Given that: a.) I would like to self-host masternodes that only use one specific TCP port, b.) that I have purchased one domain through Cloudflare, c.) the MiniPCs will be scattered across the United States in the homes of friends and family, what would be the best course of action to take when it comes to Tunnels?
Must I purchase a unique domain name for each MiniPC, or will I be able to use sub-domains to distinguish them? Each of the MiniPCs will have a unique IP address (because each will be hosted in a different location), so is using tunnels to achieve communication between the node and the larger network even possible in the first place?
If your goal is to hide/protect/bypass NAT by using the tunnel to expose a specific TCP port, that won’t work if other nodes would want to connect without installing software.
Cloudflare Tunnels use Cloudflare’s normal proxy, which only supports HTTP Traffic.
If you wanted to expose non-HTTP apps from your tunnel, the connecting client has to install some software. You can use either cloudflared (Arbitrary TCP · Cloudflare Zero Trust docs) or WARP Private Networking (Connect private networks · Cloudflare Zero Trust docs).
Otherwise, if you just want to use tunnels to expose ssh or some service privately, or a web server, then they might work for you.
You can use subdomains for them, e.g. home-pc-1.example.com.
Cloudflare has WARP to WARP, which would require using WARP alongside (or instead of) tunnels: Create private networks with WARP-to-WARP · Cloudflare Zero Trust docs
Each node could then communicate with another on a private network. The setup is a bit messy though on machines without CLI, and WARP to WARP, or Private Networking with WARP, etc., are all more meant for Client to Site (i.e. someone VPNing into a private network in a datacenter) than Site to Site.
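An added example, not part of the original thread or of Cloudflare's documentation: a minimal cloudflared `config.yml` for one MiniPC, showing the subdomain and arbitrary-TCP setup described in the reply above. The `<TUNNEL-UUID>` placeholder, the credentials path and port 9999 are assumptions; the thread does not state the masternode's port.

```yaml
# /etc/cloudflared/config.yml on the first MiniPC (constructed example).
# <TUNNEL-UUID> is a placeholder for the ID printed by `cloudflared tunnel create`.
tunnel: <TUNNEL-UUID>
# Assumed location of the tunnel credentials file.
credentials-file: /etc/cloudflared/<TUNNEL-UUID>.json

ingress:
  # One subdomain of the single purchased domain per MiniPC
  # (home-pc-2.example.com on the next machine, and so on),
  # so no additional domain names are needed.
  - hostname: home-pc-1.example.com
    # Assumed masternode port, forwarded as raw TCP to the local service.
    service: tcp://localhost:9999
  # cloudflared requires a final catch-all rule; everything else is refused.
  - service: http_status:404

# What this does NOT give you: a peer cannot open a plain TCP socket to
# home-pc-1.example.com:9999. The hostname resolves to Cloudflare's HTTP
# proxy, so the connecting side must run cloudflared as well, e.g.:
#   cloudflared access tcp --hostname home-pc-1.example.com --url localhost:9999
# and then point its application at localhost:9999.
```

The home IP address stays hidden behind the tunnel, but only peers that run the client-side command can reach the port, which is the limitation the reply describes.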
Yes; the intended goal was to hide the 8+ distinct IP addresses associated with family and friends running the masternode from their home and instead broadcast the domain name in lieu of their numerical IP address.
I cannot imagine that clients (who in this case are other users on the cryptocurrency network) will install any additional software, even though I, as the host, would have things installed on my end.
Like I mentioned, I am in the brainstorming phase and will continue to scour the internet and/or wait for a superbrain to point out something missed or not yet considered.
Yeah, that won’t work. Cloudflare does have products that can proxy arbitrary TCP/UDP, called Cloudflare Spectrum or Magic Transit, but you would need Enterprise for that use, and there’s no special integration with tunnels.
Outside of the scope of this forum, but you could potentially look into just having a single VPS and basically using it as a VPN for all of those nodes to connect back out through (Wireguard/GRE Tunnel). I’m not sure of the exact requirements of a cryptocurrency node though.