No incoming connections on BP and 1 relay node

I have 1 relay node that shows 2 incoming connections, 1 from my BP and 1 from a relay. On my 2nd relay, I have 0 incoming connections, same with my BP.

Relay1 - 2 incoming, 22 outgoing
Relay 2 - 0 incoming, 22 outgoing
BP - 0 incoming, 1 outgoing

I have verified the topology files are correct on all 3. On the relays, they are exactly the same, I have the BP IP, and a mix of iohk and community realys. On the BP, I have both of my relays as the producers.

I have also verified the firewall rules on all 3.
Relays -
[ 1] ssh ALLOW IN 50.x.x.x
[ 2] ssh ALLOW IN 50.x.x.x
[ 3] 123/udp ALLOW IN Anywhere
[ 4] 6000/tcp ALLOW IN Anywhere
[ 5] 6000 (v6) ALLOW IN Anywhere (v6)
[ 6] 123/udp (v6) ALLOW IN Anywhere (v6)
[ 7] 6000/tcp (v6) ALLOW IN Anywhere (v6)

BP-
ssh ALLOW 50.x.x.x
ssh ALLOW 50.x.x.x
123/udp ALLOW Anywhere
6000/tcp ALLOW (relay ips)
123/udp (v6) ALLOW Anywhere (v6)
6000/tcp (v6) ALLOW Anywhere (v6)

Any idea why I would have 0 incoming on Relay 2 and why I only have 1 outgoing and 0 incoming on the BP?

Hi,

The nodes are up and runnig? Also 100% synced?
For relays u must use topologyUpdater script
can u test the connecticity,

• from BP
  telnet Relay_IP 6000 (if u started the nodes with port 6000)
• from Relays
  telnet BP_IP 6000

U should see connected, if not check the FW rules, perhaps u have another FW on ur servers management browser

Cheers,

sidenote: for the BP i see you are restricting port 6000 for v4 relay IPs which is good, but the v6 are widely open

Well, thank you again my friend. I’m in the process of migrating to IONOS. They have an external firewall that cannot be disabled by default. I was hoping to use UFW, but I cannot remove the default fw policy from IONOS. I added the rules to the default fw policy and it’s working! 2 incoming, 2 outgoing!

FW from IONOS (dedicated device) should be better than UFW… so use that one