Problem connecting to RPC endpoint

[GLCNI]

Problems connecting to exposed RPC endpoint

Similar problems reported here Post on forum: https://discourse.dappnode.io/t/problem-connecting-to-dappnode-eth-rpc-endpoint/1950 Older Post with no resolution: https://discourse.dappnode.io/t/rpc-connection-problem/1264/5

Description trying to open Ethereum RPC endpoint, I want to connect to an ETH node externally, also tried with other nodes (synced), such as Goerli Ethereum

GETH is synced and no errors, and connected to a consensus client, with normal Logs

what's been done Exposed the URL under system/network/HTTPs Portal > expose Geth Port forwarded from my router 8545 to local IP of dappnode device

Result: I can’t connect to the endpoint

• trying with other node (that need L1 endpoint) This has been tested with nodes that require Ethereum L1 endpoints such as Arbitrum one, the configuration is fine on the side of the L2 node as it works with other endpoints but not connecting to dappnode.
• with metamask, I can’t connect either Error: could not fetch chain ID. is your RPC URL correct

[alexpeterson91]

One big problem is exposing the 8545 endpoint totally unprotected to the open internet by forwarding that port in your router. that's a security risk, nor does it help anything. Please close that in your router manually. The HTTPS portal needs port 443 open to function properly. It also does everything you need to do to expose a port. For geth or goerli geth are you adding a port like :8545 to the endpoint? Because that could be the cause. It needs to be 443 and doesn't even need a port specified in many cases since HTTPS is on 443. The portal creates a subdomain of your node that directs the traffic to and from the port you want to expose for example Geth's HTTP RPC API port just click the enable toggle in the https portal page and it will create a route from Geth's 8545 RPC HTTP port to this newly generated subdomain on port 443. So make sure 443 is mapped to your node properly and 8545 is not. Even as it's open now it still would never give access to geths API. Our security model makes it not possible without advanced editing to access internal ports like that from outside the dappnode. Not just the open internet, but still shouldn't be open. Its only exposed in our internal docker network with its own dns resolver etc. You join this network when you open a VPN connection to your node or join its Wi-Fi hotspot. But for things that need a constant connection you just select the endpoint needed. Make sure it's the right endpoint (I.e. HTTPS RPC API or WSS RPC API) needed for your project.

[alexpeterson91]

Arbitrum one nitro also runs great on dappnode it's a publicly maintained package so our team doesn't maintain or publish it but i needed it for our Pokt package so i made a couple little tweaks and it's working great. I Just need to ping the author of the package and have him merge and publish my changes that make it both safe and work properly. If you're interested I could get you a link for a working version.

[DanieleSalatti]

@alexpeterson91 quick question related to this issue :)

In @GLCNI's screenshot the Optimism JSON RPC Endpoint starts with optimism-optimism-public. which is not correct.

The correct endpoint should be: https://optimism.{redacted}.dyndns.dappnode.io

I assume this is a misconfiguration in my package (I'm the maintainer of the Optimism node package).

Do you know what setting do I need to tweak or can you reference any docs? I don't seem to be able to find it.

---

Edit: the Network tab for the package itself shows both endpoints:

---

Edit 2: looks like I expose port 9991 here. Will need to switch to 8545 and figure out how to make the endpoint show up as https://optimism.{redacted}.dyndns.dappnode.io...

[GLCNI]

@alexpeterson91 Thanks, will close the port I am not adding anything to the url provided in the dappnode settings

“So make sure 443 is mapped to your node properly and 8545 is not.” right, is it the case that I need to change anything in the configuration of the node?

“You join this network when you open a VPN connection to your node or join its Wi-Fi hotspot.” so what I am trying to do is access externally, I wish to access endpoint anywhere and have it open for rpc provision. These are non-validating nodes. What do I need to do for this with dappnode?

Regards to Arbitrum, I am absolutely interested in this, thanks

[acyberduck]

I am having the same issues as @GLCNI . Just spinned up the Optimism node, all synced. Can't connect to the RPC. Using https://optimism-optimism-public.{redacted}.dyndns.dappnode.io/ as the RPC endpoint.

[dsimog01]

@alexpeterson91 quick question related to this issue :)

In @GLCNI's screenshot the Optimism JSON RPC Endpoint starts with optimism-optimism-public. which is not correct.

The correct endpoint should be: https://optimism.{redacted}.dyndns.dappnode.io

I assume this is a misconfiguration in my package (I'm the maintainer of the Optimism node package).

Do you know what setting do I need to tweak or can you reference any docs? I don't seem to be able to find it.

Edit: the Network tab for the package itself shows both endpoints:

Edit 2: looks like I expose port 9991 here. Will need to switch to 8545 and figure out how to make the endpoint show up as https://optimism.{redacted}.dyndns.dappnode.io...

@3alpha Can you give us light on this?

[dsimog01]

@alexpeterson91 Thanks, will close the port I am not adding anything to the url provided in the dappnode settings

“So make sure 443 is mapped to your node properly and 8545 is not.” right, is it the case that I need to change anything in the configuration of the node?

“You join this network when you open a VPN connection to your node or join its Wi-Fi hotspot.” so what I am trying to do is access externally, I wish to access endpoint anywhere and have it open for rpc provision. These are non-validating nodes. What do I need to do for this with dappnode?

Regards to Arbitrum, I am absolutely interested in this, thanks

In short, the port 8545 of the Geth container is being mapped to the port 443 of geth.XXXXX.dyndns.dappnode.io, which equals saying that it is mapped to https://geth.XXXXX.dyndns.dappnode.io , as 443 is the well-known port for HTTPS. You need to open this port in your router.

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions!

[stale[bot]]

This issue or pull request has been automatically been closed due to inactivity.