Near Protocol full RPC Node behind CGNAT
In the previous article we saw how to set up a Near protocol full RPC node. The node will sync only if it is not behind a firewall or a network such as a CGNAT, because the TCP P2P port has to be exposed. In this article we are going to see how to keep a Near protocol node synchronized behind Starlink (i.e. behind a CGNAT).
We are going to use a tiny VPS that will act as a TCP proxy (or P2P tunnel).
Local Node (Starlink)
|
| TCP P2P to VPS
v
VPS Relay (1 GB RAM, Public IP)
|
| TCP P2P to Mainnet NEAR nodes
v
NEAR Mainnet
VPS setup
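The VPS listens on port 24567 on its public address and redirects connections to the local node through an SSH reverse tunnel. The tunnel's remote forward listens on the VPS loopback address (the sshd default), so socat is bound to the public address only: a wildcard listener on the same port would collide with the forward. VPS_IP is the address of the VPS's public interface.
sudo apt update && sudo apt install socat -y
socat TCP-LISTEN:24567,bind=VPS_IP,fork TCP:localhost:24567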
Local Node
ssh -R 24567:localhost:24567 user@VPS_IP
Near node config
Edit ~/.near/config.json (for example with vim ~/.near/config.json) and change:
"boot_nodes": [
"v2.near.org:24567" // your public VPS IP + TCP port
]
autossh
To keep the ssh connection always open you can use autossh.
sudo apt update
sudo apt install autossh -y
autossh -M 0 -f -N -o "ServerAliveInterval=30" -o "ServerAliveCountMax=3" -R 24567:localhost:24567 user@VPS_IP
Or run the tunnel as a systemd service. Create the unit file with sudo vim /etc/systemd/system/near-tunnel.service:
[Unit]
Description=NEAR reverse SSH tunnel
After=network.target
[Service]
User=olivier
ExecStart=/usr/bin/autossh -M 0 -N -o "ServerAliveInterval=30" -o "ServerAliveCountMax=3" -R 24567:localhost:24567 user@VPS_IP
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
sudo systemctl daemon-reload
sudo systemctl enable near-tunnel.service
sudo systemctl start near-tunnel.service
sudo systemctl status near-tunnel.service
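
A check to run on the VPS once both legs are configured, added here as an example (it is not from the original article): it reads `ss -Hltn` output and reports whether the SSH remote forward (loopback listener) and the public socat listener are both present on port 24567. The function name, the `--live` switch and the sample lines (constructed, using the documentation address 203.0.113.5) are assumptions.

```shell
#!/bin/sh
# Added example, not part of the original article.
# Classifies the relay state on the VPS from `ss -Hltn` output.
# Port 24567 is the P2P port used in the article; relay_state is a hypothetical name.

PORT=24567

# Reads `ss -Hltn` lines on stdin and prints one of:
#   ok          - loopback forward (ssh -R) and public listener (socat) both present
#   tunnel-down - socat is listening but the SSH remote forward is gone
#   relay-down  - the SSH forward is up but nothing listens on a public address
#   all-down    - nothing listens on the port
relay_state() {
  awk -v port="$PORT" '
    {
      addr = $4                                  # "Local Address:Port" column
      n = split(addr, parts, ":")
      if (parts[n] != port) next                 # other ports are irrelevant
      host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
      if (host == "127.0.0.1" || host == "[::1]") lo = 1   # sshd remote forward
      else pub = 1                                         # socat (public or wildcard)
    }
    END {
      if (lo && pub) print "ok"
      else if (pub)  print "tunnel-down"
      else if (lo)   print "relay-down"
      else           print "all-down"
    }'
}

# Constructed sample input: healthy relay.
SAMPLE_OK='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:24567 0.0.0.0:*
LISTEN 0 5 203.0.113.5:24567 0.0.0.0:*'

# Constructed sample input: the SSH session dropped, socat is still listening.
SAMPLE_TUNNEL_DOWN='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 203.0.113.5:24567 0.0.0.0:*'

if [ "${1:-}" = "--live" ]; then
  ss -Hltn | relay_state                         # real sockets on the VPS
else
  printf '%s\n' "$SAMPLE_OK" | relay_state
  printf '%s\n' "$SAMPLE_TUNNEL_DOWN" | relay_state
fi
```

A `tunnel-down` result means peers reach the VPS but socat has nothing to connect to, so the node stops receiving inbound connections even though the public port still looks open.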