Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update documentation for docker #1694

Closed
chompomonim opened this issue Feb 12, 2020 · 6 comments
Closed

Update documentation for docker #1694

chompomonim opened this issue Feb 12, 2020 · 6 comments
Assignees
@ignasbernotas @etherunit
Labels
documentation

Comments

@chompomonim
Copy link
Contributor

In docker related documentation we should describe how to specify a range of ports which we can map and use for NAT pinging. This should fix most of the cases of #1599.

Also mention in the documentation that docker support in a local network is experimental and may not work in all cases.
@chompomonim chompomonim created this issue from a note in Engineering (Todo) Feb 12, 2020
@chompomonim chompomonim removed this from Todo in Engineering Feb 20, 2020
@Waldz Waldz self-assigned this Feb 28, 2020
@Waldz
Copy link
Member

Waldz commented Mar 4, 2020
edited by zolia

  1. Start node with
  • turn off automapping port mapping
  • turn off port nat hole punching
  • map container ports manually
docker run --cap-add NET_ADMIN -p 24000:24000/udp -p 4449:4449 \
           -v ~/.mysterium/keystore:/var/lib/mysterium-node \
           --name myst \
           --rm mysteriumnetwork/myst \
           --experiment-natpunching=false \
           --nat-port-mapping=false service \
           --agreed-terms-and-conditions \
           --openvpn.port=24000
  1. In router map virtual server manually: from router 88.119.191.24 -> you local network machine 10.0.88.153 on your chosen very custom port
  2. Debugging:
# Don't forget to start you container with TCP protocol `--openvpn.proto=tcp`
telnet localhost 24000
telent 10.0.88.153 24000
telnet 88.119.191.24 24000

@etherunit
Copy link
Collaborator

etherunit commented Mar 9, 2020
edited

published article https://help.mysterium.network/en/articles/3777670-running-your-node-on-a-docker

@chompomonim
Copy link
Contributor Author

Cool!

Can we also mention wireguard setup? Or wireguard is not supported in our docker images ATM?

@zolia
Copy link
Contributor

zolia commented Mar 13, 2020

Don't forget to start you container with TCP protocol --openvpn.proto=tcp

this should be needed only if you want to test whether your port mapping configuration works. Service itself and port mapping should be run on UDP protocol thus for production
--openvpn.proto=tcp should not be needed.

@zolia
Copy link
Contributor

zolia commented Mar 13, 2020

Also, with recent NAT changes there should be no need to run such port mapping configuration at all. Documentation should clearly state that such configuration should only be used if client has strict firewall configuration rules and wants to control all access through firewall.

@chompomonim chompomonim assigned etherunit and ignasbernotas and unassigned Waldz Mar 13, 2020
@ignasbernotas
Copy link
Contributor

Instructions added for static port. Will update once another solution is possible.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ignasbernotas ignasbernotas

@etherunit etherunit

Labels
documentation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@chompomonim @ignasbernotas @Waldz @zolia @etherunit