Closed andreykanevskoi closed 1 year ago
For some users helped next list of firewall rules https://github.com/ledgerwatch/erigon#default-ports-and-protocols--firewalls We don't know what exactly means by "port scanning activity" (erigon has many moving parts - we don't know which exactly causing problem).
For some users helped next list of firewall rules https://github.com/ledgerwatch/erigon#default-ports-and-protocols--firewalls We don't know what exactly means by "port scanning activity" (erigon has many moving parts - we don't know which exactly causing problem).
Provider's pinned this (I've put XX instead of server's IP):
##########################################################################
# Netscan detected from host XX.XXX.XX.XXX #
##########################################################################
time protocol src_ip src_port dest_ip dest_port
---------------------------------------------------------------------------
Sat Apr 1 08:16:58 2023 TCP XX.XXX.XX.XXX 48340 => 172.19.0.3 15000
Sat Apr 1 08:10:25 2023 TCP XX.XXX.XX.XXX 40640 => 172.18.0.3 8000
Sat Apr 1 07:53:08 2023 TCP XX.XXX.XX.XXX 58540 => 172.21.0.2 10000
Sat Apr 1 08:09:15 2023 TCP XX.XXX.XX.XXX 48284 => 172.18.0.2 9007
Sat Apr 1 08:02:32 2023 TCP XX.XXX.XX.XXX 50436 => 172.20.0.2 9007
Sat Apr 1 08:02:40 2023 TCP XX.XXX.XX.XXX 54712 => 172.20.0.2 9007
Sat Apr 1 08:05:13 2023 TCP XX.XXX.XX.XXX 35212 => 172.20.0.2 9007
Sat Apr 1 08:05:27 2023 TCP XX.XXX.XX.XXX 48840 => 172.20.0.2 9007
Sat Apr 1 08:06:08 2023 TCP XX.XXX.XX.XXX 36278 => 172.20.0.2 9007
Sat Apr 1 08:09:23 2023 TCP XX.XXX.XX.XXX 37720 => 172.20.0.2 9007
Sat Apr 1 08:14:42 2023 TCP XX.XXX.XX.XXX 60502 => 172.20.0.2 9007
Sat Apr 1 08:02:02 2023 TCP XX.XXX.XX.XXX 54218 => 172.23.0.2 9007
Sat Apr 1 07:54:59 2023 TCP XX.XXX.XX.XXX 45470 => 172.24.0.2 9007
I have started downloading the Ethereum Mainnet blocks on the server using torrent (as indicated in your documentation). I think it's something like protecting hosting from using their servers in various network attacks.
Finally, I've found the flag "--maxpeers" to decrease the max number of peers to 5 (default = 100). Should help...
After starting erigon In an e-mail message we've got something like this:
Unfortunately, we have had to lock the IP address(es) below due to network issues. The IP address(es) was/were used to perform scans on other servers. This has placed a strain on network resources and has negatively affected part of our network.
Can we limit the number of outcoming connections? I really appreciate any help you can provide.