BP not connecting to Peers in on private VPC;

I have 3 droplets (BP+2 relays) on DigitalOcean VPC,

Relays have BP private adress in config
BP have private relays IP in config
All 3 droplets are on the same subnet (VPC)
I can telnet BP to relays and vice versa on private IP
But somehow BP expecting public IP’s for Peers In
Peers Out are connected on private
BP is not processing tx rn
I concluded there is no NATing:
iptables -t nat -L -n -v

did u opened the ports in fw (for BP you will need to accept the Relays IPs on BP port - 6000 by default)
for relays you must have the port opened for any

Yes, private relays IP on node port

can u share the glive output from BP?

Peers in not connecting, Peers out connected, tx not processing,
Peers in connected only after I add relays public IP to ufw incoming rules.

I dont understand why BP expect public relay IP if I set private IP in topology.json

no, should work via Private IP as well

try from BP
telnet Relay_private_IP Relay_port

and from Relays
telnet BP_private_IP BP_port

do you see connected?

@DenisHR1 Do you have your relay bound to IP which means to listen on all IP addresses?

When starting the node there is the --host-addr parameter. When that is than it listens on all addresses. What’s your setting?

ie: cardano-node run .... --host-addr

…you can also check with ps auxf | grep cardano

Yes, BP and the relays can connect telnet on node port
In all directions

ok, question… when did u started the nodes did u used the public IP or address?

Not sure, I know I had public relays IP in ufw in the begginning…
But now I want only private connection between BP and the relays.

Pls see my question above as well, it has an example where to look for…

Also let us know what sudo ufw status numbered shows… Please mask the IP addresses.

Yes, I have --host-addr in the run,
and ufw status is giving me 2 active rules:
user@server:/opt/cardano/cnode/scripts$ sudo ufw status verbose
Status: active
Logging: off
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To Action From

node-port/tcp ALLOW IN relay-1-private-IP
node-port/tcp ALLOW IN relay-2-private-IP

ok, then go to BP topology file and add the Relays IP address

should be like this

  "Producers": [
      "addr": "192.168.1.x",
      "port": 6000,
      "valency": 1
      "addr": "192.168.1.x",
      "port": 6000,
      "valency": 1

save the file and restart the node

for Relays go inside the relay-topology_pull.sh

and add the BP private IP


save the file, run it and restart the Relays

Now, check on BP glive if you see any peers to OUT/IN

question: the NODES are 100% synced?

Relay 1 have:
Relay 2 have:
exactly the same
BP have:
“Producers”: [
“addr”: “Relay-1-private-IP”,
“port”: port,
“valency”: 1
“addr”: “Relay-2-private-IP”,
“port”: port,
“valency”: 1


u are using cntools? or coincashew guide?

I use Cntools

should be like this

So instead of : I put , ?

1 Like