Cannot make P2P connection in IPFS work in a real but isolated network (currently Internet cutoff in Iran) even with custom bootstrap node

Hi, currently in Iran the government has cut off international internet and Iranians can only access Iranian IPs.

I’m trying to set up an IPFS bootstrap node so others can join a private IPFS network (I call it private because it’s only accessible in Iran: as none of the nodes have international internet access, this network would not be visible to the world. My purpose is to allow Iranian people to send files to each other safely). Obviously the official bootstrap nodes do not work now, so I did the following:

  • set up `kubo` on my server and opened the port in the firewall (both 4001 TCP and UDP). I removed all bootstrap nodes using `ipfs bootstrap rm --all` and ran the server using the server profile.
  • on my laptop I removed all bootstrap nodes and added my server to the bootstrap node list
  • on my friend’s laptop I did the same (I confirmed that I can connect to my server and it’s working) and created a file using `echo "hello IPFS" | ipfs add -q --cid-version 1`
  • tried to fetch the file on my friend’s laptop using `ipfs cat <the_output_of_above_command>` and the result was nothing. It freezes and does not show anything
  • I tried fetching the file on the bootstrap server and it worked, and the `ipfs cat` result was “hello IPFS” (this means direct server->myLaptop and myLaptop->server works)
  • then I tried to rerun the same command on my friend’s laptop and it worked! (which means direct server->myFriendLaptop and myFriendLaptop->server also works)
  • I did the same procedure again with another text message and I got the same result as before (`ipfs cat` freezes and does not output anything). This means the myLaptop ↔ myFriendLaptop connection does not work

I also tried these

  • adding `GOLOG_LOG_LEVEL=error,provider=debug,dht/provider=debug` to the kubo docker container did not help (I now get some extra logs but not much)
  • confirmed that I’m connected to the bootstrap node, as the result of `ipfs swarm connect /dnsaddr/...` was success.
  • I’m sure that the UDP port is open, although the ISP may be blocking it (I will check it today using `ncat -u`)
  • all three nodes are running the same `ipfs/kubo:master-latest` image in docker and have a volume set up for persistent config (I confirmed that any change in the ipfs config is persistent after a container rerun)

But are you connected to your friend?

  • You need to be connected to your friend to fetch content from them
  • Autodiscovery of your friend means they need to have a public IP and WAN-DHT working (`ipfs id` should show "/ipfs/kad/1.0.0" among the protocols). Once that exists they should be announcing their content to the DHT and to you (in a small network like that everyone would be connected to everyone).
  • There is AutoNAT and hole-punching to obtain public IPs, but perhaps in a 3-person network this is not working well or UDP is blocked as you said.
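
The checks listed in this reply can be run over saved command output. The script below is an added example, not part of the thread: it reads `ipfs id` output from the friend's node and `ipfs swarm peers` output from your own node and reports which condition is missing. The function names, verdict words, file names and peer IDs are assumptions made up for the illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Inputs are saved command output:
#   ipfs id > friend_id.json          (run on the friend's node)
#   ipfs swarm peers > my_peers.txt   (run on your node)

# Public IPv4 multiaddrs in `ipfs id` JSON on stdin; loopback, RFC 1918,
# link-local and CGNAT (100.64.0.0/10) addresses are dropped.
public_addrs() {
  grep -oE '/ip4/[0-9.]+/(tcp|udp)/[0-9]+' | grep -vE \
    '^/ip4/(127|10|192\.168|169\.254|172\.(1[6-9]|2[0-9]|3[01])|100\.(6[4-9]|[7-9][0-9]|1[01][0-9]|12[0-7]))\.'
}

# diagnose FRIEND_ID_JSON MY_SWARM_PEERS FRIEND_PEER_ID -> one verdict word
diagnose() {
  if grep -q "/p2p/$3\$" "$2"; then
    echo connected              # a connection exists, content can be requested
  elif ! grep -qF '"/ipfs/kad/1.0.0"' "$1"; then
    echo friend-not-dht-server  # friend does not list the WAN DHT protocol
  elif [ -z "$(public_addrs <"$1")" ]; then
    echo friend-no-public-addr  # only private addresses are announced
  else
    echo discoverable           # friend should be findable through the DHT
  fi
}

# Constructed sample: a friend behind NAT who is not in your swarm.
# Peer IDs and addresses are placeholders, not real nodes.
demo() {
  d=$(mktemp -d)
  printf '%s\n' '{"ID":"12D3KooWFriendExample","Addresses":["/ip4/192.168.1.20/tcp/4001/p2p/12D3KooWFriendExample"],"Protocols":["/ipfs/bitswap/1.2.0","/ipfs/lan/kad/1.0.0"]}' >"$d/id.json"
  printf '%s\n' '/ip4/203.0.113.10/tcp/4001/p2p/12D3KooWBootstrapExample' >"$d/peers.txt"
  diagnose "$d/id.json" "$d/peers.txt" 12D3KooWFriendExample
  rm -rf "$d"
}
demo   # prints: friend-not-dht-server
```

A `connected` verdict means the first bullet is satisfied; the other verdicts map to the DHT and public-IP conditions in the second bullet.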