IP address shown in red even though IP / port is reachable from the outside

[rytisbitcoin]

I have forwarded ports 8333, 9735 and 10009 on my router. On the screen it says I have 20 connections (so my node is clearly accepting incoming connections), yet the IP address (and the LN node address) are shown in red.

[vmavromatis]

Stupid question - is it actually red or orange? Mine was red, then I forwarded the ports 8333, 9735 and 10009 to 192.168.1.41 (local IP for raspi) and rebooted. After the reboot the address is orange but I have 5 peers, so I guess my node is open..? BTW, I couldn't find my node in 1ML.com so maybe I'm doing something wrong (using DynDNS).

[rytisbitcoin]

It is actually red.

[vmavromatis]

OK then I'm telling you the steps that worked for me in case it helps: forward those 3 ports to local IP, enable uPnP and reboot raspiblitz.

[rytisbitcoin]

I have already forwarded the ports and uPnP is enabled in my router, unless you mean I have to enable uPnP in my node?

[vmavromatis]

No I meant in the router - can't help more than that I'm afraid. Maybe someone else can.

[rootzoll]

@rytisbitcoin the detection is not perfect yet .. see the FAQ topics on that: https://github.com/rootzoll/raspiblitz/blob/master/FAQ.md#why-is-my-bitcoin-ip-on-the-display-red

The code on the detection can be found in /home/admin/00infoBlitz.sh - its that part thats dicides on the color:

   public_check=$(nc -z -w6 ${public_ip} 9735 2>/dev/null; echo $?)
  if [ $public_check = "0" ]; then
    # only set yellow/normal because netcat can only say that the port is open - not that it points to this device for sure
    ln_publicColor="${color_yellow}"
  else
    ln_publicColor="${color_red}"
  fi

So you can try on the terminal for example with your public ip nc -z -w6 91.65.34.69 9735; echo $? ... it will return the exit code of netcat. If anybody has an idea how to improve this, let me know.

[rytisbitcoin]

The example you mentioned is related to the LN node IP, but the color is also red for Bitcoin node IP (i.e. where is says "Public xxx.xxx.xxx.xxx:yyyy zz connections", so using the IP in your example it shows "Public 91.65.34.69:8333 20 connections". The words "Public" and "connections" are white, "20" is purple, "91.65.34.69:8333" is red. Because it has 20 connections, it is clearly reachable from the outside, so it should be green?

[rytisbitcoin]

I have done some more testing.

Using the IP from your example (91.65.34.69), the command nc -z -w6 91.65.34.69 9735; echo $? returns "0" (i.e. the port shows as open), but using my own IP instead nc -z -w6 xxx.xxx.xxx.xxx 9735; echo $? it returns "1". However, when testing via a service like canyouseeme.org, all the relevant ports on my IP (8333, 9735, 10009) are shown as open. It seems that this is the issue with using netcat specifically to test if the ports are open, however I was not able to find a working alternative, and therefore do not have a solution for this issue.

[rootzoll]

@rytisbitcoin much thanks for your research so far.

If there is any working alternative showing up or an idea ... maybe another unix command that can be installed with apt-get, etc ... please add to this issue.

[rytisbitcoin]

Did not solve the issue, but some more information to add. After adding the -v (verbose) flag to the nc command, when trying nc -z -w6 xxx.xxx.xxx.xxx 9735; echo $? directly from the node itself, it returns a "connection refused" message immediately. When trying it from my computer (on the same network/IP), it returns a "timed out" message after timing out.

[rootzoll]

I added this issue to the v1.1 milestone to at least take some time in the comming weeks to see/research if there can be found a better solution to this.

[CommanderPoe]

Having the complete oposite situation here... admin ip (internal) is green Public ip (external) yellow Uri is yellow as well

But when i go to bitnodes and type my external ip it prints that my node is unreachable, however according to the pi info im getting 8 connections. Any ideas what could be the reason for that?

I opened the ports 8333 and 9735 on my router.

[rootzoll]

TODO: Also check for correct port. When the port of LND in the config is set to 9736 ... the displaystill seems to check for 9735.

[sirenak2]

Sorry to chime in on this but i'm having the exact same issue as Rytisbitcoin. Both bitcoin node and Lightning node are red. Bitcoin node has 23 connections, all ports are open using http://canyouseeme.org . I have inbound peers on RTL showing as true. nc -z -w6 xxx.xxx.xxx.xxx 9735; echo $? returns "1" . Thought i'd reply rather than make a new thread. Been holding off putting a photo on twitter of my completed Raspiblitz as I'm not sure it's all finished yet lol. I can't find my node using https://explorer.acinq.co/ . Anyyway, I love everything so far and hope I can get this last issue sorted soon!

[rootzoll]

@sirenak2 if you know your ports are open and you dont want it red on the display you can simply hack the displayscript and set it green yourself:

Edit /home/admin/00infoBlitz.sh - and repalce this code ...

   public_check=$(nc -z -w6 ${public_ip} 9735 2>/dev/null; echo $?)
  if [ $public_check = "0" ]; then
    # only set yellow/normal because netcat can only say that the port is open - not that it points to this device for sure
    ln_publicColor="${color_yellow}"
  else
    ln_publicColor="${color_red}"
  fi

with

    ln_publicColor="${color_green}"

until we find a better solution ;)

[sirenak2]

Haha, sorted. Thanks :)

[sirenak2]

It took over 24 hours for mine to show on 1ml.com and a little longer for it to show on https://explorer.acinq.co.

[fluidvoice]

This issue OP is not about 1ML. Open a new issue if you have other questions.

[jay653]

my issue is also not about 1ML, i just used 1ML to check if my node is reachable from the outside (which is the OP's issue).

thx @sirenak2 for clearing this up. you guys can consider my issue solved.

[justinsane]

Am I good to go per my screenshot? 1ML doesn't find anything but https://canyouseeme.org/ does show port 8333 open. I manually set port forwarding on my router open for 8333, 9735, and 10009.

Thanks in advance!

[rootzoll]

@justinsane your address is shown in "yellow" not "red" - so verything looks good here.

TODO reminder to myself for future release: Also check for correct port. When the port of LND in the config is set to 9736 ... the displaystill seems to check for 9735.

[rootzoll]

LND port is know shown correct on the LCD from v1.2 on.

TODO for later release: write a python port scanner to check of the correct/reachble service is running on that port.

[rytisbitcoin]

Another suggestion on how to fix this (at least for Bitcoin node IP address and port): if the number of Bitcoin node connections is >=9, then show it in green, because this can only happen if the IP and port are reachable from outside (this can be in addition to the current method for choosing color, and act as a failsafe).

[intorid]

Начиная с версии 1.2, порт LND отображается правильно на ЖК-дисплее.

TODO для более поздней версии: напишите сканер портов Python, чтобы проверить, работает ли на этом порту правильный / доступный сервис.

I think I found out the reason for the wrong definition shown in red. I would like to know which ports Netcat checks for status colors. I used the command nc -z -w6 xxx.xxx.xxx.xxx PORT; echo $? for ports 8333 and 9735 what other ports are needed for status 0

The problem is related to the lack of support for the NAT function Loopback / Hairpin NAT

[rootzoll]

sorry because of time issue - moving back to future release

[odudex]

I'm on V1.4, forwarded ports and I am able to create channels and use them, but only from outside my local network. Address is red, and running nc -z -w6 xxx.xxx.xxx.xxx 9735 from pi returns 1. Running a wallet in my phone, I can use the channel from my node only with 4G and other's wifi. Once connected to my local network wifi channel goes offline. Is there something I can do about it? Some configuration in my router?

[radar24]

so is yellow good?? mine also shows yellow. all the ports are open and mine is reachable on bitnodes.io but yellow. I'd like to have it green though. Should I just manually replce the codes?

[rootzoll]

yellow means - should work - see: https://github.com/rootzoll/raspiblitz/blob/master/FAQ.md#why-is-my-node-address-on-the-display-yellow-not-green

[odudex]

For those with same problem I showed above: Red address, can connect from outside LAN, but can't connect from within, this is due to lack of "Hairpinning" feature on router: https://en.wikipedia.org/wiki/Hairpinning

[rootzoll]

@odudex thanks - added the info about haqirpinning to the FAQ

In general I think the port forwarding will get more and more less important when we move the RaspiBlitz to TOR by default (TOR does not need any port forwarding).

[NilByte]

I have a Thomson DOCSIS 3.0 cable modem from ISP that actually also have some some port forwarding and port triggering functionality. Connected to the cable modem I have a Linksys router and opening ports on the Linksys router didn't work as expected.

Figured out that setting the Linksys router ip as DMZ host in cable modem made all the port forwarding in Linksys router work as expected and made both port 8333 and 9735 reachable.

So I finally set up port forwarding in the cable modem (8333, 9735, 10009, 8080) to Linksys router ip and also opened these ports in Linksys router. Then turned DMZ host off in cable modem again.

Lessons learned for me is to check if the cable modem is causing the trouble on node not being reachable in spite all port have been opened in the router connected to the cable modem.