Page cover image

Adapting to Russian Regulations

The Problem

A significant portion of the machines on CLORE.AI are located in Russia, primarily due to the availability of affordable energy.

Different services, even connections to general purpose virtual/dedicated servers in other countries might get blocked from some Russian ISPs, CLORE.AI is distributed permissionless network having many hosts, that are using residential/business internel connections in Russia, which depending on the Internet Provider might be restricting access to non standard protocols like

  • stratum+tcp / stratum+ssl

  • websockets

  • or even any TCP/UDP connection from some hosting providers

Mainly because of automated firewall, that tries to prevent connections to VPN services and non standard protocols/general purpose server might be flaged as such

In some cases even the domain might play a role for https traffic shown for example in post probably because of SNI header mentioning non-ru domain on the request (in TLS under version v1.3)

The reality is very specific depending on many factors, that are not fully publically known, this article can provide you with help mitigating false positives in blocking your connections

Good to know

In GigaSPOT snapshots, the country code is specified in ISO 3166-1 alpha-2

Solutions

Connections to public mining pools

When using public mining pools, try to use stratum hosted in Russia for connections on machines located in Russia, which can be determined by country code shown for each machine in GigaSPOT market in ISO 3166-1 alpha-2 format. Important to say, some machines in russia lately have been having Kazachstan "KZ" IP address, so they are reported as KZ, it's generarly safe to assume all KZ as RU and use same configuration for both

Connections to my websocket / http / https service

For example you might have your own host for serving scripts and files for deployments on GigaSPOT, protecularly useful for running workloads from Ubuntu Base Image

In such cases i might recommend to put your host under cloudflare proxy, which is generarly accesible. We have seen cases, where websocket API for example under cloudflare got restricted access from some Russian Internet Providers, it's not likely to happen, but obtaining .ru domain helped

Also you can try setting up the host in Russia, great option might be https://pq.hosting/ which accepts cryptocurrency payments.

Checks inside container

You can setup checks and have separate endpoints for machines in Russia and outside world and start your workload acordingly depending which endpoint it can reach, here it's impossible to give a guide, as implementation might be very different for different workloads.

Rules when deploying

You can make your bot deploy 2 variants of your workload, that can be adjusted maybe by ENV, different image, entrypoint... To differentiate Russia and outside world. As mentioned previously some Russian machines show up as Kazachstan "KZ", it's safe to assume Kazachstan as Russia for this purpose.

Final word

While at the moment majority of machines in Russia don't have such issues with restricted connections, it isn't rare to happen and it's better to be prepared to prevent financial losses.

Ideally use some of the mentioned tricks or you can try to sustain blacklist of machines, hosts that fail to work properly, which can be cause by these restrictions

PreviousDeploying on GigaSPOTNextTeam

Last updated