Two servers needed now?

From what I understand, you now need at least two servers:

  • block producing node
  • a relay node

Source : https://github.com/input-output-hk/cardano-tutorials/blob/master/node-setup/topology.md

Which means that the minimal hardware requirement has doubled ? Am I right ?

Yes, thank you for trying to help me …
I perfectly know how to build a single node …

But I think they do expect us to run at least two servers for security reasons:

I am wondering if it make sense for an individual to run a pool ? Isn’t Cardano stacking pool system aimed at average server farms ?

1 Like

Your right, my apologies I should stay clear of subjects that I have no business being in :metal:

I’m no expert either, but you’ve been waiting a while so until one comes along, my opinion FWIW: you should be able to run two (maybe more) nodes on one machine, reqd specs might be higher but probably not doubled. (This is from general IT experience, not specific Cardano knowledge.)

Stricto sensu you can run a single node and connect it to others on the network. However, this has the disadvantage to publicize your server and the core node within it.

The proposed architecture is to run a core node that allows connections only to one or more relays nodes that you control. In such a setup, your core node will firewall everything except the relays connections. This hardens substantially your security and only relays could fall to DDoS attacks and penetration attacks.

Also, note that the core node would only carry “hot” secrets that can be revoked anytime through the use of “cold” keys. These cold keys should never be on a connected machine - ever.

1 Like

I got that already, the question would rather be, is that mandatory or strongly suggested if we want to get elected to produce any new block ? Didn’t find any info about that …

block election is irrelevant here, as it is based only on controlled stake and not your network specificity :slight_smile:

So making the network more secure is not rewarded, that is strange …
I guess then, it’s for my own interest to make it more secure then … so I do not loose my pledge …I think I get it finally …

your pledge is never at risk, as delegated ada. As long as the private keys for spending are safe, no one can access them. Even after penetrating your server.
The incentive for you is to keep your node running 24/7, otherwise delegators will simply go away. That is your incentive to run it with some security baked in.

As 2 servers are now needed, do we need to have 2 physically separated servers or 2 VM are allowed ?

I’m investigating to use Proxmox that seems very interesting to have several VM, 2 for Cardano and 1 for a small personal website and 1 for a bot.
I wonder if the security that seems pretty good of Proxmox has been assessed by someone already.

And don’t forget the people who stake with you.
I’d like to think that pools not employing recommended best practices would become naturally marginalized by the community and investors alike, in terms of their share in the network.

I presume that these considerations would make enforcement on the protocol redundant.

I think they should’ve make it slightly more complex and don’t publish any guides at all. Keep the knowledge for those who worthy :slight_smile:

I have my pool on ff up and running smashin’ blocks along with the 200ish other pools.
We don’t need more competition. I see sky, I see bcsh and other old timers. We will also be the very first to make our pools on the mainnet. Our poolz will be already 1 click away from setup an hour before Shelley mainnet launches.

I think noobs have no chance to set their pool up even if there are step by step guides because they don’t understand simple basic things like port forwarding. That guide published would never work if you bind your relay nodes to localhost and no external peers can connect to them but I mean you need at least a tiny brain to figure that out.

Aione, you obviously understand nothing about the philosophy of this technology and ironically seem to intimate that you share the same mentality of those who perverted western economics enough to foment alternatives like Cardano in the firstplace. If you have a mirror at home you might want to take a long stare in it and pontificate your purpose in this world.

4 Likes

Welcome @what_username!
At first I was like, this guy’s first post, and already so negative :confused: .
I believe we should strive to explain ourselves, rather than banish outsiders, or those who think differently. The bulk of the future network when adopted will not be ideological.

But then I saw

And I was like, sure, go right on ahead.
Stay positive folks!

1 Like

I know of only three to four persons who would be able to run a pool without any documentation at all. Being dismissive is clearly not in the list of things that comes to mind if I had to describe them.

For the people by the people :fist:

To reply to my own question 2 links :
https://www.google.fr/amp/busy.org/@evopdx/installing-linux-server-on-proxmox-cardano-shelley-test-node-for-staking/amp

In fact one same info ! The 2 links refer to the same post presented differently

I think is not mandatory to have two server.
I’ve two cardano-node running on the same server on HTN, one producer and one relay, on different ports, and the firewall expose only the relay node port.
Plus the producer is binded on the 127.0.0.1 addr so is not accessible from outside.
I’ve Forged few blocks.
A good guide could be https://cardano-community.github.io/guild-operators/Home.html
Once synced they use very few CPU.

3 Likes

While it does not directly affect block production (and not mandatory like you said), it is against best practice and decreases security.

From a security perspective, it does not make much sense to have a relay and a core node on the same machine even if you allow only connections from localhost, because the core node exposes already your ports and IP address and a for example a denial of service attack would always hit the performance all nodes on that machine.

The only advantage I see would be if you could change the core nodes depending on the tip, similar to the Rust Testnet. But I’m not sure if this function is also available in the Haskell testnet or if this is even needed on the Haskell side.

1 Like

Are you sure about this? Cause I would imagine a decentralized network would benefit more from high availability servers with low stakes then low availability servers with high stakes