Do I need a public IP to have a pool?

Do I need a public ipv4 ip to have a pool ??
The dynamic ip that my internet provider provides serves ???
Do I need to configure something over IP?
I’m doing the first tests by virtualbox, will it work or do I need to configure something related to IP?

I believe you might be able to get away with a dyn-dns type resolution, but yes ultimately the other nodes in the network need to be able to REACH you. So it’s not just your dynamic IP that is the problem, it’s also firewall ports and the like.

Testing inside virtual box should work fine, but depending on your network bandwidth and host speed, this could be slow like you can’t believe.

I don’t generally want to crap on dreams, but it’s not for the faint of heart and a “good” setup for nodes is typically 2 relays and 1 producer - none on the same box and the producer locked down with no public accessible address… given the questions above I don’t think you need to worry about that for now. Just learn and move forward with the work you are doing and then come back once you have it running on mainnet :slight_smile:

If you need help locking your host or server down, I’ve been writing tips up for this here:
https://rkalla.me/tutorials/secure-linux-setup/

1 Like

And isn’t it so that the producer server needs a public IP adress, but the relay can get away with a private IP adres as long as the public one also has an interface in that private IP space?

I’m also trying to get a grasp on this specific topology ideal.

Oh no no, otherway around. You want to protect the producer like it’s a bank account. Ideally your producer is on it’s own server, completely locked down AND even better, accessible via only a local IP.

Then you’ll have on another server your Relay - your relay MUST be publicly accessible because other relays need to talk to it.

Then you connect your relay to your Producer… on the Producer, configure it to ONLY allow income connections, on the local interface, from the Relay.

I’m in the midst of writing a guide up on this and I’ll share it when ready, but the downside to running a stake pool is that there are about 200 ways to hang yourself on the security side ONLY because there are so many moving parts to keep secure.

Then you throw in 10 different sets of keys into this and it can be hard to grok in any one sitting.

Admittedly many many of the pools setup and hosting don’t follow these best practices and are “running just fine” - but I’d argue they just haven’t been hacked yet.

Reading the post from the Korean gentleman that had 1million ADA stolen (he posted his writeup here in the forums) should scare you straight.

1 Like

Thanks for the answer Riyad_kalla

@Riyad_Kalla - Hi Riyad, for POCing Cardano Stake Pool, I am thinking of running 1 BP + 1 Relay node on a single Cloud VPS. I was checking Contabo VPS spec as suggested in some other post in the forum.

However while ordering this VPS, Contabo asks for selecting an option for ipv4 addresses to be attached (1 is free, extras are paid).

So now I am wondering, How many minimum ipv4 addresses the VPS should have for running both BP & Relay Nodes on same VPS ?