Since the firewall you use only works with IP addresses in the rules, maybe allow your miners to 8.8.8.8 and 8.8.4.4 port 53 for DNS? Set your miners' DNS to those 2 IPs, then you wouldn't have to worry next time an IP changes. Just throwing out options for you.
That won't work for him either. The shortcoming (not going to say problem) is that the firewall would need to do the DNS lookup at the time it boots (and maybe periodically to refresh) to determine what firewall rule to put in place and it doesn't support that.
The "fix" would be to allow all outbound traffic to TCP port 3333, but that would open him up to his miners being able to connect to pools he doesn't want them to (which I would assume is what is trying to be prevented).
Yep, that is 100% the problem. The problem isn't name resolution, it is I want to control what outbound connections the machines on my network connect to. With tons of machines running all types of god knows what on them (I am not talking about cgminer), I don't want it to be a free-for-all. Basically, I trust them to make outbound connections to any server Kano sets up (and to a few other places), but not to anywhere else. Thus, the need to use the IP address of the pool server as it cannot be done by name (stratum.kano.is). As I said before, I like to lock everything down as much as possible! It makes some things more of a pain, but I like to sleep at night.

Thanks for the input guys!
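
The periodic lookup-and-refresh that the replies above say the firewall lacks, sketched as an added example (not code from any poster in the thread). It assumes an iptables-style firewall with a hypothetical `POOL_OUT` chain, and the sample addresses are constructed.

```python
import ipaddress
import socket

POOL_HOST = "stratum.kano.is"  # pool hostname named in the thread
POOL_PORT = 3333               # stratum port named in the thread
CHAIN = "POOL_OUT"             # hypothetical chain name (assumption)

def resolve_ipv4(host, port):
    """Live lookup: the IPv4 addresses the name resolves to right now."""
    infos = socket.getaddrinfo(host, port, socket.AF_INET, socket.SOCK_STREAM)
    return {info[4][0] for info in infos}

def refresh(current, resolver=resolve_ipv4):
    """Diff the installed allowlist against a fresh DNS answer.

    Returns (commands, new_allowlist). A failed lookup, an empty answer or
    an unusable address leaves the rules untouched, so a DNS outage does
    not cut the miners off and a junk answer is never installed.
    """
    try:
        answer = {ipaddress.ip_address(ip) for ip in resolver(POOL_HOST, POOL_PORT)}
    except (OSError, ValueError):
        return [], set(current)
    if not answer or any(a.is_loopback or a.is_link_local or a.is_multicast
                         or a.is_unspecified for a in answer):
        return [], set(current)
    fresh = {str(a) for a in answer}
    rule = "-p tcp -d {} --dport " + str(POOL_PORT) + " -j ACCEPT"
    # Add new addresses before deleting stale ones so there is no gap.
    cmds = [f"iptables -A {CHAIN} " + rule.format(ip) for ip in sorted(fresh - current)]
    cmds += [f"iptables -D {CHAIN} " + rule.format(ip) for ip in sorted(current - fresh)]
    return cmds, fresh

if __name__ == "__main__":
    # Constructed answers (documentation range), not the pool's real addresses.
    installed = {"203.0.113.10"}
    for dns_answer in ({"203.0.113.10"}, {"203.0.113.20"}, set()):
        cmds, installed = refresh(installed, lambda h, p, a=dns_answer: a)
        print(sorted(installed), cmds)
```

An allowlist built this way is only as trustworthy as the resolver that answers the lookup, so the refresh job should run on the firewall host against a resolver you control.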