Notes on running a full Bitcoin node
I started running a full Bitcoin node this morning, as a trial.
Since I already have an always-on home server, "Why?" is more of a "Why not?" I can make the network a little more resistant to a "51% attack" where a group (probably a mining pool) becomes large enough to threaten the consensus-based trust system.
Setup
My home server is beefy enough to host several services. Isolation is accomplished with containers which are bridged onto the home network. The router forwards the TCP port to the container.
The container was created with lxc's template system. One thing I like about the Gentoo template (lxc-gentoo) is that it automatically mounts the host's portage directory into the container, eliminating duplication of files and syncing effort. Here are the advanced options provided by the template:
The -B lvm --fssize 100G specifies that the root filesystem is created with a logical volume as backing store. This places hard boundaries on the container disk size.
I disabled the wallet use flag, so the daemon runs with no wallet. If the server or container is compromised, there's nothing to steal.
Also the upnp use flag is disabled. It's not clear from web searches what behavior the flag enables. I think it causes the daemon to advertise its service on the local network. However, some folks think it signals the home router to automatically open its firewall port 8333, so that I don't have to manually configure the port forwarding on the router. This last thing seems certainly wrong, but either way it's a feature I don't need.
Status
Eight connections are the daemon connecting out to receive data, and so the remaining 26 are me dishing out data to the network.
I will cease to host the node if I encounter any adverse effects. I have been streaming Netflix and Pandora, however, and haven't noticed any kind of latency or breaks in the stream. So far, so good.
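To check the inbound/outbound split and how much data the node is serving, the following added example (not part of the original notes) summarizes the JSON printed by bitcoin-cli getpeerinfo. The sample peer list is constructed, and the function names summarize_peers and top_uploads are made up for illustration.

```python
import json
import sys

# Constructed sample in the shape of `bitcoin-cli getpeerinfo` output.
# Addresses are documentation ranges; byte counts are invented.
SAMPLE_PEERINFO = """
[
 {"id": 1, "addr": "192.0.2.10:8333", "inbound": false, "bytessent": 120000, "bytesrecv": 9800000},
 {"id": 2, "addr": "198.51.100.7:8333", "inbound": false, "bytessent": 80000, "bytesrecv": 4200000},
 {"id": 3, "addr": "203.0.113.5:51234", "inbound": true, "bytessent": 52000000, "bytesrecv": 30000},
 {"id": 4, "addr": "203.0.113.9:40022", "inbound": true, "bytessent": 7000000, "bytesrecv": 12000},
 {"id": 5, "addr": "198.51.100.99:60001", "bytessent": 10, "bytesrecv": 20}
]
"""


def summarize_peers(peerinfo_json):
    """Return peer counts and byte totals keyed by connection direction.

    A peer with no boolean "inbound" field is counted as "unknown"
    instead of being silently treated as outbound.
    """
    summary = {}
    for peer in json.loads(peerinfo_json):
        inbound = peer.get("inbound")
        if inbound is True:
            direction = "inbound"    # a remote peer connected to this node
        elif inbound is False:
            direction = "outbound"   # this node dialed the peer
        else:
            direction = "unknown"
        row = summary.setdefault(
            direction, {"peers": 0, "bytessent": 0, "bytesrecv": 0})
        row["peers"] += 1
        row["bytessent"] += peer.get("bytessent", 0)
        row["bytesrecv"] += peer.get("bytesrecv", 0)
    return summary


def top_uploads(peerinfo_json, n=3):
    """Return (addr, bytessent) for the n peers sent the most data."""
    peers = json.loads(peerinfo_json)
    ranked = sorted(peers, key=lambda p: p.get("bytessent", 0), reverse=True)
    return [(p.get("addr", "?"), p.get("bytessent", 0)) for p in ranked[:n]]


if __name__ == "__main__":
    # Pass a file holding saved getpeerinfo output, or run on the sample.
    data = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_PEERINFO
    for direction, row in sorted(summarize_peers(data).items()):
        print(direction, row)
    print("largest uploads:", top_uploads(data))
```

A steadily growing bytessent total on inbound peers is the number to watch if streaming on the home network starts to suffer.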