Ubuntu Docker AirVPN port forward not working

Node Operators troubleshooting
, ,
1

Hello all

I am trying to run new node with ubuntu docker, and because I have no fixed IP I want to run with VPN.

I am using docker, airVPN and gluetun image in front.

Here is my docker compose file:

Docker-compose
Docker-compose1445×1401 155 KB

… with the interesting points:

  • Port openings have been made on the gluetun container, and not the storagenode container, as per the gluetun documentation.
  • The Address part in storagenode is the exit IP I get from the VPN. As far as I know, this is static, as long as I keep the same server (which I have done by only adding that specific server to the configuration)
  • If I run the port open tool, with the commands below, I can see that the port opening is indeed working:
docker exec -it gluetun /bin/sh
wget -qO port-checker https://github.com/qdm12/port-checker/releases/download/v0.3.0/port-checker_0.3.0_linux_amd64
chmod +x port-checker
./port-checker -port 46446

However I keep getting no contact to the storagenode, with alerts like the ones below:

storagenode_01  | 2024-11-11T17:01:28Z  ERROR   contact:service ping satellite failed   {"Process": "storagenode", "Satellite ID": "12L9ZFwhzVpuEKMUNUqkaTLGzwY9G24tbiigLiXpmZWKwmcNDDs", "attempts": 4, "error": "ping satellite: check-in ratelimit: node rate limited by id", "errorVerbose": "ping satellite: check-in ratelimit: node rate limited by id\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatelliteOnce:203\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatellite:157\n\tstorj.io/storj/storagenode/contact.(*Chore).updateCycles.func1:87\n\tstorj.io/common/sync2.(*Cycle).Run:102\n\tstorj.io/common/sync2.(*Cycle).Start.func1:77\n\tgolang.org/x/sync/errgroup.(*Group).Go.func1:78"}
storagenode_01  | 2024-11-11T17:01:29Z  ERROR   contact:service ping satellite failed   {"Process": "storagenode", "Satellite ID": "12EayRS2V1kEsWESU9QMRseFhdxYxKicsiFmxrsLZHeLUtdps3S", "attempts": 4, "error": "ping satellite: failed to ping storage node, your node indicated error code: 0, rpc: tcp connector failed: rpc: dial tcp 82.102.27.171:46446: connect: connection refused", "errorVerbose": "ping satellite: failed to ping storage node, your node indicated error code: 0, rpc: tcp connector failed: rpc: dial tcp 82.102.27.171:46446: connect: connection refused\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatelliteOnce:209\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatellite:157\n\tstorj.io/storj/storagenode/contact.(*Chore).updateCycles.func1:87\n\tstorj.io/common/sync2.(*Cycle).Run:102\n\tstorj.io/common/sync2.(*Cycle).Start.func1:77\n\tgolang.org/x/sync/errgroup.(*Group).Go.func1:78"}
storagenode_01  | 2024-11-11T17:01:30Z  ERROR   contact:service ping satellite failed   {"Process": "storagenode", "Satellite ID": "1wFTAgs9DP5RSnCqKV1eLf6N9wtk4EAtmN5DpSxcs8EjT69tGE", "attempts": 4, "error": "ping satellite: failed to ping storage node, your node indicated error code: 0, rpc: tcp connector failed: rpc: dial tcp 82.102.27.171:46446: connect: connection refused", "errorVerbose": "ping satellite: failed to ping storage node, your node indicated error code: 0, rpc: tcp connector failed: rpc: dial tcp 82.102.27.171:46446: connect: connection refused\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatelliteOnce:209\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatellite:157\n\tstorj.io/storj/storagenode/contact.(*Chore).updateCycles.func1:87\n\tstorj.io/common/sync2.(*Cycle).Run:102\n\tstorj.io/common/sync2.(*Cycle).Start.func1:77\n\tgolang.org/x/sync/errgroup.(*Group).Go.func1:78"}
storagenode_01  | 2024-11-11T17:01:30Z  ERROR   contact:service ping satellite failed   {"Process": "storagenode", "Satellite ID": "121RTSDpyNZVcEU84Ticf2L1ntiuUimbWgfATz21tuvgk3vzoA6", "attempts": 4, "error": "ping satellite: check-in ratelimit: node rate limited by id", "errorVerbose": "ping satellite: check-in ratelimit: node rate limited by id\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatelliteOnce:203\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatellite:157\n\tstorj.io/storj/storagenode/contact.(*Chore).updateCycles.func1:87\n\tstorj.io/common/sync2.(*Cycle).Run:102\n\tstorj.io/common/sync2.(*Cycle).Start.func1:77\n\tgolang.org/x/sync/errgroup.(*Group).Go.func1:78"}

I have found an old post, where a user suggests setting address to 0.0.0.0:[port] but I get an “IP not allowed” error when doing that.

Any idea on how to go forward?

2

This is not a valid reason to use VPN. Configure DDNS with a reputable service like dyn or CloudFlare instead.

If you did not have the public IP on the other hand, vpn would be valid to use. But I would not introduce 3 new containers for that. Instead, create your own image based on storagenode image with AirVPN wireguard config added. It will be much easier to make work and keep working.

You cannot rely on that, configure DDNS anyway.

1 Like
3

You do not need to use a VPN for that, see

Please always try to avoid VPNs, they likely would add a latency and probability to a have neighbor nodes in the same /24 subnet of public IPs.
Please also note, the implemented rule choice of n will select nodes with better success rate, so VPN nodes are selected less often than nodes running directly on public IPs in the same location.