Okay Guys and Gals, if you care about privacy and you’re running a local home node, I wanted to share a VPN setup that I have been using and testing for some time with my Validator. It seems to work well. It costs me about $5.50/mo; well worth it in my opinion. Okay, here we go:
Set up an account at mullvad.net (your choice if you want to do a reoccuring plan or pay monthly (you can even use crypto if you so choose)).
Install the CLI version of the Mullvad client on Ubuntu by following these directions: https://mullvad.net/en/help/install-mullvad-app-linux/
Specify your account, Select a location, and Select a specific WireGuard server by following these instructions: https://mullvad.net/en/help/how-use-mullvad-cli/
Turn on WireGuard by typing:
mullvad relay set tunnel-protocol wireguard(as specified in the following instructions: https://mullvad.net/en/help/cli-command-wg/ )
Go into your mullvad.net account and assign your automatically created key a port forward to the same country and city that you assigned to your Validator above (as specified in the following instructions in the Adding a Port section: https://mullvad.net/en/help/port-forwarding-and-mullvad/ )
Go into your Avalanchego service startup file (
sudo nano /etc/systemd/system/avalanchego.service) and update your startup to include
--public-ip=xxx.xxx.xxx.xxx --staking-port=xxxxx. Your IP address for Avalanchgo will be the address after running this command: ‘curl https://am.i.mullvad.net/connected’ and the new port will be the one that mullvad.net assigned to you, which is the numerical digits in the Active Ports section in your account. (Please note: The curl command above may only work when Mullvad is running. I haven’t yet tested if it works works when Mullvad isn’t running). (Be sure to
sudo systemctl daemon-reloadwhen done updating) Alternatively, if you do not start Avalanchego with a service, be sure to add the previous parameters when we restart Avalanchego later. I noticed that the
--dynamic-public-ipparameter does NOT work in this setup once Mullvad is running. It breaks the startup of Avalanchego. It looks like the lookup to opendns doesn’t work/breaks so it won’t let Avalanchego start.
Important–before connecting the VPN! Enable LAN access for Mullvad if you’re remoting into your validator using Putty or something similar, otherwise you’ll be locked out and can only access your machine via the physical terminal, by following the instructions here: https://mullvad.net/en/help/how-use-mullvad-cli/
Type the Connect command for Mullvad (
Restart your Avalanchego service, or if you’re not running as a service, restart Avalanchego with the new paramaters above. Again, don’t use the
--dynamic-public-ipparameter otherwise it won’t start.
Check everything out to be sure it is all working. You can check Mullvad by typing
mullvad statusper the following instructions: https://mullvad.net/en/help/how-use-mullvad-cli/ . Check that other Validators can see and is talking to your Validator (which they should be able to assuming the port parameter matches what is being port forwarded to you from Mullvad, and the public ip paramaters matches the printout of this command:
If you’re happy with the setup, go ahead and set up the Mullvad Auto-connect on start-up by typing
mullvad auto-connect set onper the following instructions: https://mullvad.net/en/help/how-use-mullvad-cli/
For those of you who run a local home node, and were looking for somthing like this, I hope you found this small How-To helpful! Good luck =)
***Edited to update what your node’s IP address should be.