I accidentally executed topologyupdater on the core node somehow and the core node is connected to not only my relay node but also other nodes…
Does anyone know how to fix this???
reference Guide: How to build a Cardano Stake Pool - CoinCashew
I accidentally executed topologyupdater on the core node somehow and the core node is connected to not only my relay node but also other nodes…
Does anyone know how to fix this???
reference Guide: How to build a Cardano Stake Pool - CoinCashew
You can simply overwrite the mainnet-topology.json with what it was before.
Hi thank you for your reply.
My topology file on the core node has only my relay addresses.
Is there any other file to look up???
This should be read regularily by the node. You could also restart the node when the topology file is fixed
The firewall on the block producer should also only be allowing your relay nodes to connect to it - filter by IP.
Can you show me how to filter the firewall on the command line? or it is already filtered? Sorry for the stupid question.
Hi!
After some time, the database of the topologyUpdater wont include your node IP address, so no one will connect to it…
Actually it is not a problem to have more relays connect to your BP along with your relay…
The problem is that BP port is accessible for anybody… not just for relays… so a security concern…
so, no it shows that you have two in connections… right now I dont know what undetermined means - maybe the bp node can not ping it, but that is not relevant now
So what you need to do is to create a firewall rule to just allow only IPs which corresponding to your relays…
https://docs.cardano.org/projects/cardano-node/en/latest/stake-pool-operations/node_keys.html#basic-block-producing-node-firewall-configuration
Hi @laplasz I need your help again…
I am really messed up this time.
I think I am locked out from the core node after I enable the firewall ufw [--dry-run] enable
… I cant ssh core node anymore.
Do you have any idea to solve this probelm?
Btw I am using GCP for cloud.
Thank you always
If you enabled ufw before adding the rules then you are locked out. Best would be to reboot in recovery mode. Check the guides of your host as there might be slight variation on how to boot depending on the host.
I recommended to read manual of ufw. It is really “uncomplicated”
Do you think it is possible to exchange my locked out core node to a new core node by using keys and certs used in my locked out one?
I think by registering a new BP I am running my stake pool successfully.
Yes you can do that but why not try to first recover the server ? It is a good exercise.
Also depending on your host you can connect to a console to make the changes on the server without using ssh and thus recovery boot is not needed.
Check your host for that.