[BUG] Failed: Error on FluxOs response - Running application Kadena4 on ports [31350,31351,31352] is not reachable from outside!

[coinblockers]

Describe the bug The issue is with the FluxOS adding a public IP as /32 to eth0, causing the communication to dApp ports to fail and resulting in the bench failing. The problem occurs when there is already a dedicated /24 IP configured for eth0. Another error is caused by the upnp logic attempting to add upnp rules via 192.168.201.1 using eth1, even when upnp is not configured or disabled. This two facts is causing the Fluxnode to go down repeatedly.

To Reproduce Steps to reproduce the behavior:

1. Configure a Public IP with /24 or /22 subnet and gateway for eth0.
2. Configure a internal IP for eth1.
3. FluxOS adds the same public IP already configured as a second instance with /32 subnet to eth0.
4. The upnp logic attempts and tries to add upnp rules via internal IP using eth1.
5. Due the configured duplicate /32 Public IP, the dApp is not reachable by it's ports: 31350,31351,31352 anymore.

Expected behavior The communication to dApp ports should not fail and the bench should not fail. The nodes should not go down repeatedly. It should not execute Upnp logic at all if we have a dedicated Public IP and have not enabled upnp multiport setup!

Actual Result: The communication to dApp ports fails and the bench fails. The nodes go down repeatedly. If i remove the wrongly added /32 Public IP from interface eth0, the dApp Ports are reachable again till FluxOS readds it to eth0.

Screenshots

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether aa:xx:f8:25:fd:xx brd ff:ff:ff:ff:ff:ff
    altname enp0s18
    inet 103.214.4.1x brd 103.214.7.255 scope global eth0 <----- my public IP
       valid_lft forever preferred_lft forever
    inet 103.214.4.1x/32 scope global eth0                <----- same Public IP but with /32 subnet, this is wrong and breaks it
       valid_lft forever preferred_lft forever
    inet6 fe80::a88b:f8ff:fe25:fd96/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether xx:ab:bb:2d:63:xx brd ff:ff:ff:ff:ff:ff
    altname enp0s19
    inet 192.168.201.x/24 brd 192.168.201.255 scope global eth1 <--- seing upnp register attempts but upnp is not configured/enabled
       valid_lft forever preferred_lft forever
    inet6 fe80::68ab:bbff:fe2d:63f7/64 scope link 
       valid_lft forever preferred_lft forever

If i allow it to add upnp rules, it's trying to do so (but hey: upnp is disabled!):

 9 TCP 31350->192.168.201.xxx:31350 'Flux_App_Kadena4123xyz' '' 0
13 UDP 31350->192.168.201.xxx:31350 'Flux_App_Kadena4123xyz' '' 0

Environment(please complete the following information):

• OS: Debian 11
• Browser any
• Version any
• Daemon any
• Benchmark latest

Additional context The error seems to be related to the upnp setup and the multiport setup acting as if it were behind a upnp2 gateway regardless if it has an dedicated public IP.

Impact: The issue is causing the nodes to go down repeatedly, which is affecting the functionality of the system.

[XK4MiLX]

u can change device using option 10 and manual config for ip rotation or remove it ( multitoolbox )

[loganavalari]

Since the newest update i have the same issue, multitool also says upnp is disabled, how to disable it manually in the config files?

VerifyUPNPsupport - Failed get public ip it seems i got this error but it has maybe no effect and the reachability for some apps is a different bug

[coinblockers]

u can change device using option 10 and manual config for ip rotation or remove it ( multitoolbox )

you mean by removing the ip_check in crontab. Okay, but that doesn't solve the upnp logic?

Btw, this is not gonna work: https://github.com/RunOnFlux/fluxnode-multitool/blame/4fea89419f2f567f5ea38a93b47f2b10f621c2e5/flux_common.sh#L2359 since the route command requires root privileges.

[XK4MiLX]

for me working normal, did u used it and got error?

[coinblockers]

for me working normal, did u used it and got error?

list is empty and on exit it shows me that command is not found, due missing sudo in front.

[XK4MiLX]

"command is not found" is when route is not installed ... i have a lot of vps and dedicate and non of it need sudo... anyway i added it

[coinblockers]

as stated, with sudo its executing, so surely it's installed. It simply is a root command since it's located in /usr/sbin on debian. It simply doesn't load env for /usr/sbin. So these are the options:

flux@flux-stratus:~$ route
-bash: route: command not found
flux@flux-stratus:~$ 

flux@flux-stratus:~$ /usr/sbin/route 
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         103.xxx.xx.1     0.0.0.0         UG    0      0        0 eth0
103.xxx.xx.0     0.0.0.0         255.255.252.0   U     0      0        0 eth0
172.15.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-10d704065a32
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
172.52.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-a6391072174f

flux@flux-stratus:~$ sudo route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         103.xxx.xx.1     0.0.0.0         UG    0      0        0 eth0
103.xxx.xx.0     0.0.0.0         255.255.252.0   U     0      0        0 eth0
172.15.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-10d704065a32
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
172.52.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-a6391072174f