I wanted to figure out once and for all what works on a home BP and an AWS relay.
So I got rid of all connected devices to my LAN except my BP and my router so I could just focus on the communication between them.
Home router has IPv4 enabled, IPv6 disabled, no firewall for IPv4, just port forwarding available for IPv4 to set up to allow my router to forward packets from external IP of relay to internal IP of my BP on port 3000.
AWS relay instance uses firewall (AWS calls it ‘security group’) where the only relevant traffic allowed in is from my home’s external IP in which the subnet mask must be included. In other words, when I choose “My IP” from AWS’s drop-down menu, AWS sees only my public IP address in the form p.p.p.p/24, which is basically my public IP plus the /24 indicating which IP addresses are reserved for use for my devices on my home network/LAN.
Anyway, I’m running Ubuntu Desktop 20.04 LTS.
I disabled the ufw firewall on my BP for this test so it wouldn’t interfere with the experiment.
AWS relay uses cardano-node version 1.19.0, and home BP uses 1.18.0.
AWS relay runs on AMI Linux or simply Amazon Linux - don’t recall which version.
I have a 3rd-party (non-ISP) ASUS router - don’t recall model.
All testnet-topology files used for this test were left unchanged, using external IPs only.
No changes needed to be made to the AWS firewall nor my home router’s port-forwarding because AWS only sees my IP in one particular way and my BP works fine with its internal forwarded, so I left the internal port forwarding IP as is for the duration of the test.
The only changes made during this test were to the start-up commands for the nodes, changing the host address in the start-up command of the BP and relay to one of the following three options:
e = external IP, i = internal IP, and 0 = 0.0.0.0 address
So the following table indicates that out of the 9 possible configurations, 4 of them worked! The working configurations are indicated by WW.
So, for example, if you look at the first column, second row, this is the configuration:
BP using external IP, and relay using internal IP corresponds to the cell WS which means the BP node works fine, but the relay node has a subscription issue (the relay can’t receive info from the BP node).
The best outcome is WW where both nodes work (run and receive info from one another).
That happens in 4 of 9 configurations: BP and relay both using internal IPs; BP and relay both using address 0.0.0.0; BP using internal IP, relay using 0.0.0.0; and finally BP using 0.0.0.0 address, and relay using internal IP.
Now things get strange. If you disable port-forwarding on the ASUS router at home, you get the following map where things work better now than before. You get 6 working instances:
AWS relay only has firewall enabled, but installing port-forwarding on AWS instance requires a significant amount of work: https://aws.amazon.com/blogs/mt/amazon-ec2-instance-port-forwarding-with-aws-systems-manager/
Enabling port forwarding on AWS relay might give you a worse outcome than the following two maps, so I won’t try to speculate as to which nodes would work under these circumstances.
Whether you can get configurations to work might also depend on the capabilities of your home router or maybe even depends on your ISP not blocking certain services if you are configuring a router they provide to you. I really don’t know.
EDIT NOTE: One of my 6 node launching scripts was bad causing BP node to fail whenever the address was supposed to be 0.0.0.0, so I updated the first table in this edit to reflect the corrections on the third row for the BP.