VPN issue with port forwarding?

21grammes · July 3, 2023, 4:16pm

Hello,
I’ve multiple (windows) nodes behind CGNat so they were running via Mullvad VPN, they recently removed port forwarding so i’ve switched to ProtonVPN but i’m having troubles getting the nodes back up online.

node dashboard shows “Offline + QUIC misconfig” when behind NO-IP
and if i manually input the VPN IP to config.yaml (so, not using NO-IP anymore), the dashboard then shows: “Online but QUIC still misconfig”

here’s the result of Pingdom with NO-IP:

started

via: St.Petersburg, Russia

TCP: couldn’t connect to node: rpc: dial tcp 146.70.119.62:49302: i/o timeout

QUIC: couldn’t connect to node: rpc: quic: context deadline exceeded

via: France (proxy, no QUIC)

TCP: couldn’t connect to node: rpc: socks connect tcp 37.59.37.96:2080->xxxxx.ddns.net:49302: read tcp 85.143.219.169:58614->37.59.37.96:2080: i/o timeout

done.

and here’s the result when i manually input the VPN IP in config.yaml:

started

via: St.Petersburg, Russia

TCP: dialed node in 139ms

QUIC: couldn’t connect to node: rpc: quic: context deadline exceeded

via: France (proxy, no QUIC)

TCP: dialed node in 310ms

done.

here’s some logs when i’m running NO-IP:

2023-07-03T17:58:14.578+0200	ERROR	contact:service	ping satellite failed 	{"Satellite ID": "12rfG3sh9NCWiX3ivPjq2HtdLmbqCrvHVEzJubnzFzosMuawymB", "attempts": 1, "error": "ping satellite: context canceled", "errorVerbose": "ping satellite: context canceled\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatelliteOnce:143\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatellite:102\n\tstorj.io/storj/storagenode/contact.(*Chore).updateCycles.func1:87\n\tstorj.io/common/sync2.(*Cycle).Run:99\n\tstorj.io/common/sync2.(*Cycle).Start.func1:77\n\tgolang.org/x/sync/errgroup.(*Group).Go.func1:75"}
2023-07-03T17:58:14.578+0200	INFO	contact:service	context cancelled	{"Satellite ID": "12rfG3sh9NCWiX3ivPjq2HtdLmbqCrvHVEzJubnzFzosMuawymB"}
2023-07-03T17:58:14.578+0200	ERROR	contact:service	ping satellite failed 	{"Satellite ID": "12L9ZFwhzVpuEKMUNUqkaTLGzwY9G24tbiigLiXpmZWKwmcNDDs", "attempts": 1, "error": "ping satellite: context canceled", "errorVerbose": "ping satellite: context canceled\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatelliteOnce:143\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatellite:102\n\tstorj.io/storj/storagenode/contact.(*Chore).updateCycles.func1:87\n\tstorj.io/common/sync2.(*Cycle).Run:99\n\tstorj.io/common/sync2.(*Cycle).Start.func1:77\n\tgolang.org/x/sync/errgroup.(*Group).Go.func1:75"}
2023-07-03T17:58:14.578+0200	INFO	contact:service	context cancelled	{"Satellite ID": "12L9ZFwhzVpuEKMUNUqkaTLGzwY9G24tbiigLiXpmZWKwmcNDDs"}
2023-07-03T17:58:14.578+0200	ERROR	contact:service	ping satellite failed 	{"Satellite ID": "12tRQrMTWUWwzwGh18i7Fqs67kmdhH9t6aToeiwbo5mfS2rUmo", "attempts": 1, "error": "ping satellite: context canceled", "errorVerbose": "ping satellite: context canceled\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatelliteOnce:143\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatellite:102\n\tstorj.io/storj/storagenode/contact.(*Chore).updateCycles.func1:87\n\tstorj.io/common/sync2.(*Cycle).Run:99\n\tstorj.io/common/sync2.(*Cycle).Start.func1:77\n\tgolang.org/x/sync/errgroup.(*Group).Go.func1:75"}
2023-07-03T17:58:14.578+0200	INFO	contact:service	context cancelled	{"Satellite ID": "12tRQrMTWUWwzwGh18i7Fqs67kmdhH9t6aToeiwbo5mfS2rUmo"}
2023-07-03T17:58:14.579+0200	ERROR	contact:service	ping satellite failed 	{"Satellite ID": "12EayRS2V1kEsWESU9QMRseFhdxYxKicsiFmxrsLZHeLUtdps3S", "attempts": 1, "error": "ping satellite: context canceled", "errorVerbose": "ping satellite: context canceled\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatelliteOnce:143\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatellite:102\n\tstorj.io/storj/storagenode/contact.(*Chore).updateCycles.func1:87\n\tstorj.io/common/sync2.(*Cycle).Run:99\n\tstorj.io/common/sync2.(*Cycle).Start.func1:77\n\tgolang.org/x/sync/errgroup.(*Group).Go.func1:75"}
2023-07-03T17:58:14.579+0200	INFO	contact:service	context cancelled	{"Satellite ID": "12EayRS2V1kEsWESU9QMRseFhdxYxKicsiFmxrsLZHeLUtdps3S"}
2023-07-03T17:58:14.579+0200	ERROR	contact:service	ping satellite failed 	{"Satellite ID": "121RTSDpyNZVcEU84Ticf2L1ntiuUimbWgfATz21tuvgk3vzoA6", "attempts": 1, "error": "ping satellite: context canceled", "errorVerbose": "ping satellite: context canceled\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatelliteOnce:143\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatellite:102\n\tstorj.io/storj/storagenode/contact.(*Chore).updateCycles.func1:87\n\tstorj.io/common/sync2.(*Cycle).Run:99\n\tstorj.io/common/sync2.(*Cycle).Start.func1:77\n\tgolang.org/x/sync/errgroup.(*Group).Go.func1:75"}
2023-07-03T17:58:14.579+0200	INFO	contact:service	context cancelled	{"Satellite ID": "121RTSDpyNZVcEU84Ticf2L1ntiuUimbWgfATz21tuvgk3vzoA6"}
2023-07-03T17:58:14.579+0200	ERROR	contact:service	ping satellite failed 	{"Satellite ID": "1wFTAgs9DP5RSnCqKV1eLf6N9wtk4EAtmN5DpSxcs8EjT69tGE", "attempts": 2, "error": "ping satellite: context canceled", "errorVerbose": "ping satellite: context canceled\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatelliteOnce:143\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatellite:102\n\tstorj.io/storj/storagenode/contact.(*Chore).updateCycles.func1:87\n\tstorj.io/common/sync2.(*Cycle).Run:99\n\tstorj.io/common/sync2.(*Cycle).Start.func1:77\n\tgolang.org/x/sync/errgroup.(*Group).Go.func1:75"}
2023-07-03T17:58:14.579+0200	INFO	contact:service	context cancelled	{"Satellite ID": "1wFTAgs9DP5RSnCqKV1eLf6N9wtk4EAtmN5DpSxcs8EjT69tGE"}
2023-07-03T17:58:14.584+0200	ERROR	piecestore:cache	error getting current used space: 	{"error": "filewalker: context canceled; filewalker: context canceled; filewalker: context canceled; filewalker: context canceled", "errorVerbose": "group:\n--- filewalker: context canceled\n\tstorj.io/storj/storagenode/pieces.(*FileWalker).WalkSatellitePieces:69\n\tstorj.io/storj/storagenode/pieces.(*FileWalker).WalkAndComputeSpaceUsedBySatellite:74\n\tstorj.io/storj/storagenode/pieces.(*Store).SpaceUsedTotalAndBySatellite:718\n\tstorj.io/storj/storagenode/pieces.(*CacheService).Run:57\n\tstorj.io/storj/private/lifecycle.(*Group).Run.func2.1:87\n\truntime/pprof.Do:44\n\tstorj.io/storj/private/lifecycle.(*Group).Run.func2:86\n\tgolang.org/x/sync/errgroup.(*Group).Go.func1:75\n--- filewalker: context canceled\n\tstorj.io/storj/storagenode/pieces.(*FileWalker).WalkSatellitePieces:69\n\tstorj.io/storj/storagenode/pieces.(*FileWalker).WalkAndComputeSpaceUsedBySatellite:74\n\tstorj.io/storj/storagenode/pieces.(*Store).SpaceUsedTotalAndBySatellite:718\n\tstorj.io/storj/storagenode/pieces.(*CacheService).Run:57\n\tstorj.io/storj/private/lifecycle.(*Group).Run.func2.1:87\n\truntime/pprof.Do:44\n\tstorj.io/storj/private/lifecycle.(*Group).Run.func2:86\n\tgolang.org/x/sync/errgroup.(*Group).Go.func1:75\n--- filewalker: context canceled\n\tstorj.io/storj/storagenode/pieces.(*FileWalker).WalkSatellitePieces:69\n\tstorj.io/storj/storagenode/pieces.(*FileWalker).WalkAndComputeSpaceUsedBySatellite:74\n\tstorj.io/storj/storagenode/pieces.(*Store).SpaceUsedTotalAndBySatellite:718\n\tstorj.io/storj/storagenode/pieces.(*CacheService).Run:57\n\tstorj.io/storj/private/lifecycle.(*Group).Run.func2.1:87\n\truntime/pprof.Do:44\n\tstorj.io/storj/private/lifecycle.(*Group).Run.func2:86\n\tgolang.org/x/sync/errgroup.(*Group).Go.func1:75\n--- filewalker: context canceled\n\tstorj.io/storj/storagenode/pieces.(*FileWalker).WalkSatellitePieces:69\n\tstorj.io/storj/storagenode/pieces.(*FileWalker).WalkAndComputeSpaceUsedBySatellite:74\n\tstorj.io/storj/storagenode/pieces.(*Store).SpaceUsedTotalAndBySatellite:718\n\tstorj.io/storj/storagenode/pieces.(*CacheService).Run:57\n\tstorj.io/storj/private/lifecycle.(*Group).Run.func2.1:87\n\truntime/pprof.Do:44\n\tstorj.io/storj/private/lifecycle.(*Group).Run.func2:86\n\tgolang.org/x/sync/errgroup.(*Group).Go.func1:75"}
2023-07-03T17:58:26.800+0200	INFO	Configuration loaded	{"Location": "C:\\Program Files\\Storj\\Storage Node\\config.yaml"}

no firewall, ddos protection or whatever, everything worked with the previous VPN provider so i don’t really get it, is ProtonVPN’s port forwarding feature not usable for SNO?

Stob · July 3, 2023, 5:45pm

Are any of these IP’s correct?

If they don’t match the one you’re typing in config.yaml (when it works) then it’s a DNS cache/update issue.

21grammes · July 3, 2023, 6:07pm

Indeed, it doesn’t match the IP that the VPN displays/the one i’m typing in the config file.

then it’s a DNS cache/update issue.

sorry if this sounds dumb but this is out of my understanding, what i am supposed to do try to fix it?
i already tried to setup a custom dns server thru the VPN’s app, didn’t change a thing.

Stob · July 3, 2023, 7:06pm

If the VPN IP address in the config.yaml works why do you need to use a ddns.net address? Just keep the working IP address.

CutieePie · July 3, 2023, 7:29pm

(post deleted by author)

21grammes · July 3, 2023, 7:50pm

it’s not working in both case.
that’s why i’m having trouble understanding where’s the problem.

21grammes · July 3, 2023, 7:55pm

I mean, i wanted to get my nodes back up asap, ProtonVPN was the first one that came to my mind.

the inbound ports are rotated to prevent this sort of abuse.

There’s nothing on their ToS or FAQ/Support page that define hosting a storj node (or any other usage of their port forwading function) as “abuse” so… ;
I’m planning on buying AirVPN if i don’t get this sorted out but feel free to share one.

Ruskiem · July 3, 2023, 9:30pm

Was on mullvad too, moved to some private dedicated solution.
Couldnt find good VPN tho. Not so much good port forwarding VPNs out there.
AirVpn is high in ranks so i guess its must be populated by ndoes already, but You have to try.
And if You are seraching for a VPN, i can recommand this website:
https://storjnet.info/neighbors
If You find some vpn, first try it, or pay for 1 month, to see if after connection, ip You are getting is free from storj nodes already. The website will show You if the VPN ip’s is occupied by a node already or not. Will show You number of nodes on a given ip You type in. Thats useful, because In Your best intrest is to choose such ip, that storjnet.info shows “0” nodes in last 24h.
Because the more nodes on same ip /24 class (like 192.168.1.1 - 192.168.1.255, so just this first numbers are enough 192.168.1.xxx) the worst Your income will be, coz node filling up will be “X” times slower, divided on all the nodes that occupies this ip /24 class, where the “X” is a number of nodes out there already.

21grammes · July 3, 2023, 11:45pm

yup, i was already doing weekly checks via Neighbors with mullvad, but thanks for the input though!

so, since i’m running out of ideas about what to try:
can anyone else confirm that ProtonVPN’s port forwarding feature is not suitable for SNOs?
i’ve seen some people talking about ProtonVPN working for storage nodes in other threads, so i guess that they changed something since then.

arrogantrabbit · July 4, 2023, 2:50am

Instead of paying for vpn rent a VPS and run up tables/vpn yourself. Will be likely cheaper and less likely to be an neighbour with another SNO.

JWvdV · July 8, 2023, 6:13am

Or just just free resources from Oracle Cloud.

arrogantrabbit · July 8, 2023, 6:37am

Yep. That’s what I’m using myself — their free tier compute instances are insanely generous — such as 24GB 4-core Arm instances and include 10TB of monthly traffic. Just did not want to advertise specific services :). A tiny wireguard + iptables config and bam — your node connects from anywhere; no need for public, let alone static, ip or keeping track of ddns, etc. power up box — it just works.

JWvdV · July 8, 2023, 9:10am

Even a very well functioning install script at GitHub - angristan/wireguard-install: WireGuard VPN installer for Linux servers

Then only routing still necessary, which you can peek from Hosting services, like Storj, behind firewall/GNAT, using Wireguard on a VPS and DNAT (Port Forwarding) with iptables. · GitHub

Only easier to remove all constraints on outbound traffic and make all inbound traffic stateless.

21grammes · July 8, 2023, 3:11pm

many thanks for sharing these resources!

21grammes · July 8, 2023, 3:12pm

in case anyone gets to this thread in the future,
here’s the “official” answer from ProtonVPN’s support:

We are sorry to inform you that your case scenario is not officially supported.

Namely, our Port Forwarding implementation is primarily for users who download and share files using P2P protocols such as BitTorrent, although it can also improve performance for online gamers.

Luis · July 9, 2023, 8:31am

I also always have with protonvpn.

Online but QUIC still misconfig

there is nothing to do

Alexey · July 9, 2023, 9:35am

most of VPN providers with port-forwarding feature supports only TCP.
To support UDP you need to create another connection for the same port number but UDP protocol, if that VPN provider supports it.

21grammes · July 9, 2023, 8:37pm

That’s what i was thinking.
Thanks for clarifying!

Knowledge · July 9, 2023, 10:10pm

I use PIA VPN, and there are no issues with QUIC or UDP. Everything works fine. However, the port number can change when the node restarts (Not always, but sometimes), so it does take some interaction to update the port number when that happens.

21grammes · July 9, 2023, 10:23pm

Wow, i knew PIA by name but never checked their website before, can’t believe that they offer a dedicated IP + unlimited devices for that price, thanks for the share!