I have 3 droplets (BP+2 relays) on DigitalOcean VPC,
Relays have BP private adress in config
BP have private relays IP in config
All 3 droplets are on the same subnet (VPC)
I can telnet BP to relays and vice versa on private IP
But somehow BP expecting public IP’s for Peers In
Peers Out are connected on private
BP is not processing tx rn
I concluded there is no NATing:
iptables -t nat -L -n -v
did u opened the ports in fw (for BP you will need to accept the Relays IPs on BP port - 6000 by default)
for relays you must have the port opened for any
Yes, private relays IP on node port
can u share the glive output from BP?
Peers in not connecting, Peers out connected, tx not processing,
Peers in connected only after I add relays public IP to ufw incoming rules.
I dont understand why BP expect public relay IP if I set private IP in topology.json
no, should work via Private IP as well
try from BP
telnet Relay_private_IP Relay_port
and from Relays
telnet BP_private_IP BP_port
do you see connected?
@DenisHR1 Do you have your relay bound to IP 0.0.0.0 which means to listen on all IP addresses?
When starting the node there is the --host-addr parameter. When that is 0.0.0.0 than it listens on all addresses. What’s your setting?
ie: cardano-node run .... --host-addr 0.0.0.0
…you can also check with ps auxf | grep cardano
Yes, BP and the relays can connect telnet on node port
In all directions
ok, question… when did u started the nodes did u used the public IP or 0.0.0.0 address?
Not sure, I know I had public relays IP in ufw in the begginning…
But now I want only private connection between BP and the relays.
Pls see my question above as well, it has an example where to look for…
Also let us know what sudo ufw status numbered shows… Please mask the IP addresses.
Yes, I have --host-addr 0.0.0.0 in the run,
and ufw status is giving me 2 active rules:
user@server:/opt/cardano/cnode/scripts$ sudo ufw status verbose
Status: active
Logging: off
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
node-port/tcp ALLOW IN relay-1-private-IP
node-port/tcp ALLOW IN relay-2-private-IP
ok, then go to BP topology file and add the Relays IP address
should be like this
{
"Producers": [
{
"addr": "192.168.1.x",
"port": 6000,
"valency": 1
},
{
"addr": "192.168.1.x",
"port": 6000,
"valency": 1
}
]
}
save the file and restart the node
for Relays go inside the relay-topology_pull.sh
and add the BP private IP
BLOCKPRODUCING_IP=192.168.1.x
BLOCKPRODUCING_PORT=6000
save the file, run it and restart the Relays
Now, check on BP glive if you see any peers to OUT/IN
question: the NODES are 100% synced?
Relay 1 have:
CUSTOM_PEERS=“BP-private-IP:port|relays-new.cardano-mainnet.iohk.io:3001:2”
Relay 2 have:
exactly the same
BP have:
{
“Producers”: [
{
“addr”: “Relay-1-private-IP”,
“port”: port,
“valency”: 1
},
{
“addr”: “Relay-2-private-IP”,
“port”: port,
“valency”: 1
}
]
}
u are using cntools? or coincashew guide?
I use Cntools
should be like this
CUSTOM_PEERS="192.168.1.x,6000"
So instead of : I put , ?