Hey everyone. Working to setup a new unregistered relay for DDos protection. Used the CoinCashew guide. However, I currently have 38 outgoing peers & 0 incoming. My block producer now went from 1 in 1 out, to 1 in 2 out.
My goal is to of course have the 2nd relay show incoming peers and have the block producer show 2 in 2 out. I have not registered the relay or updated the pool.cert in any way, I want the IP to remain hidden. Any suggestions?
check if the cnode set on startRelay script match with the cnode port which is set inside env file (default is 6000)
then check if you opened the port in firewall to accept connections from any
You either run topology script or register in blockchain your relay or hopefully both. If you did none of this, then nobody will know about your relay existence and nobody will connect.
For hidden relays you need to run topology script, if you are running that, then you need to make sure that port is open to outside world. Check your topology updater logs too.
Hey Alex, telnet Relay_IP 6001 gave an error message when input on my BP. I changed all the ports back to 6000 in the env, relay topology, mainnet topology, and startrelay files. Still no incomings. I am sure this PC is port forwarded for both external and internal on port 6001.
My BP’s topology is aimed at my other relay’s IPv4 at port 6000 and this relay’s IPv4 at port 6001. GLiveView on the producer shows port 6000
Yes I have let it fully sync with each test and port 6001 registers as open. However, on gliveview the relay port still shows as 6000 even at full sync (when it should be 6001 since my first relay is using 6000).
The relay I am attempting to setup is on 1.33.0 whereas my BP and 1st relay are on 1.31.0 still, i wonder if that could be the issue
I don’t understand the reasoning, here. It’s a second relay on another machine with another IP, isn’t it? Then, it can use the same port. They would only be conflicting if on the same machine.
But it would still be visible to all the other nodes that you want incoming connections from, wouldn’t it? They obviously can’t connect to your relay if they don’t know your IP.
This worked partially. I now have 1 incoming connection on the relay and 2 out 2 in on the BP. I did this by switching the 2nd relay’s ports to 6000 as well, then closing the 6001 port as it is no longer being used.
My router allows ports to be opened only for specific machines and I had already opened 6000 for my 1st relay. Naturally I assumed a 2nd port would need to be opened for a 2nd relay. I guess this is not the case (unless the relay is outside of network?)
I’m going to continue working with it to try to get those incoming connections up, any suggestions would be appreciated. Thanks.
Then, you’re right that they need different ports on the router. On the router, you can configure to forward that other port to port 6000 on your relay.
But, then this whole endeavour seems to make no sense, anyway. Both (it’s both relays or the block producer and the second relay or even all three?) will have the same public IP (the one of the router). A DDOS will hit your router and the second relay behind that router will give you next to nothing.
My goal is to build the 2nd relay (get it all ready) on my home network then bring it to a friend’s house 20 minutes away. I’ll pop open his port forward and register that IP for the stake pool. This way, my local BP and relay node IP address will remain anonymous and any DDOS attack would hit non-local relay, while my 1st relay and BP would remain unaffected. Is this possible? I may be approaching this the wrong way…
PS: love your shirt in profile picture lol. TNG is the best