Private Swarm with WSS Bootstrap: Child Nodes Cannot Discover or Connect to Each Other

Dharmesh · March 29, 2026, 4:54am

I am running a private IPFS network using a shared swarm.key. My bootstrap node is exposed over WSS on port 443 through a reverse proxy, and it announces its WSS address correctly. Child nodes are able to connect to the bootstrap node successfully, but child nodes never discover or connect to each other.

ipfs swarm peers on all child nodes remains empty except for (occasionally) the bootstrap node.

So the issue is specifically:

Child → Bootstrap = works
Child → Child = does NOT work

Kubo version: 0.36.0 / 0.40.0

Here is the **Bootstrap node config
**
{
“API”: {
“HTTPHeaders”: {}
},
“Addresses”: {
“API”: “/ip4/127.0.0.1/tcp/5001”,
“Announce”: [
“/dns4//tcp/443/wss”
],
“AppendAnnounce”: [
“/dns4//tcp/443/wss”
],
“Gateway”: “/ip4/0.0.0.0/tcp/8080”,
“NoAnnounce”: ,
“Swarm”: [
“/ip4/0.0.0.0/tcp/4001/ws”,
“/ip6/::/tcp/4001”
]
},
“AutoConf”: {
“Enabled”: false
},
“AutoNAT”: {
“Enabled”: true,
“ServiceMode”: “enabled”,
“Throttle”: {
“GlobalLimit”: 30,
“Interval”: “1m0s”,
“PeerLimit”: 3
}
},
“AutoTLS”: {
“Enabled”: false
},
“Bitswap”: {},
“Bootstrap”: [
“/dns4//tcp/443/wss/p2p/”
],
“ConnMgr”: {},
“DNS”: {
“Resolvers”: {}
},
“Datastore”: {
“BlockKeyCacheSize”: null,
“BloomFilterSize”: 0,
“GCPeriod”: “1h”,
“HashOnRead”: false,
“Spec”: {
“mounts”: [
{
“mountpoint”: “/blocks”,
“path”: “blocks”,
“prefix”: “flatfs.datastore”,
“shardFunc”: “/repo/flatfs/shard/v1/next-to-last/2”,
“sync”: false,
“type”: “flatfs”
},
{
“compression”: “none”,
“mountpoint”: “/”,
“path”: “datastore”,
“prefix”: “leveldb.datastore”,
“type”: “levelds”
}
],
“type”: “mount”
},
“StorageGCWatermark”: 90,
“StorageMax”: “10GB”
},
“Discovery”: {
“MDNS”: {
“Enabled”: false
}
},
“Experimental”: {
“FilestoreEnabled”: false,
“GraphsyncEnabled”: false,
“Libp2pStreamMounting”: false,
“OptimisticProvide”: true,
“OptimisticProvideJobsPoolSize”: 256,
“P2pHttpProxy”: false,
“StrategicProviding”: false,
“UrlstoreEnabled”: false
},
“Gateway”: {
“APICommands”: null,
“DeserializedResponses”: null,
“DisableHTMLErrors”: null,
“ExposeRoutingAPI”: null,
“HTTPHeaders”: {},
“NoDNSLink”: false,
“NoFetch”: false,
“PathPrefixes”: null,
“PublicGateways”: null,
“RootRedirect”: “”
},
“HTTPRetrieval”: {},
“Identity”: {
“PeerID”: “”,
“PrivKey”: “”
},
“Import”: {
“BatchMaxNodes”: null,
“BatchMaxSize”: null,
“CidVersion”: null,
“HashFunction”: null,
“UnixFSChunker”: null,
“UnixFSDirectoryMaxLinks”: null,
“UnixFSFileMaxLinks”: null,
“UnixFSHAMTDirectoryMaxFanout”: null,
“UnixFSHAMTDirectorySizeEstimation”: null,
“UnixFSHAMTDirectorySizeThreshold”: null,
“UnixFSRawLeaves”: null
},
“Internal”: {
“Libp2pForceReachability”: “public”
},
“Ipns”: {
“RecordLifetime”: “”,
“RepublishPeriod”: “”,
“ResolveCacheSize”: 128
},
“Migration”: {
“DownloadSources”: ,
“Keep”: “”
},
“Mounts”: {
“FuseAllowOther”: false,
“IPFS”: “/ipfs”,
“IPNS”: “/ipns”,
“MFS”: “/mfs”
},
“Peering”: {
“Peers”:
},
“Pinning”: {
“RemoteServices”: {}
},
“Plugins”: {
“Plugins”: null
},
“Provide”: {
“DHT”: {}
},
“Pubsub”: {
“DisableSigning”: false,
“Router”: “gossipsub”
},
“Routing”: {
“AcceleratedDHTClient”: false,
“Methods”: null,
“Routers”: null,
“Type”: “dht”
},
“Swarm”: {
“AddrFilters”: null,
“ConnMgr”: {},
“DisableBandwidthMetrics”: false,
“DisableNatPortMap”: false,
“EnableAutoRelay”: null,
“EnableHolePunching”: false,
“EnableRelayHop”: false,
“RelayClient”: {
“Enabled”: false,
“StaticRelays”:
},
“RelayService”: {
“Enabled”: true,
“Resources”: {
“BufferSize”: 16384,
“Limit”: {
“Data”: 104857600,
“Duration”: “10m”
},
“MaxCircuits”: 512,
“MaxReservations”: 1024,
“ReservationTTL”: “4h”
}
},
“ResourceMgr”: {},
“Transports”: {
“Multiplexers”: {},
“Network”: {
“Relay”: true,
“TCP”: true,
“Websocket”: true
},
“Security”: {}
}
},
“Version”: {}
}

Below is my child node config

{
“API”: {
“HTTPHeaders”: {}
},
“Addresses”: {
“API”: “/ip4/127.0.0.1/tcp/5001”,
“Announce”: ,
“AppendAnnounce”: ,
“Gateway”: “/ip4/0.0.0.0/tcp/8080”,
“NoAnnounce”: ,
“Swarm”: [
“/ip4/0.0.0.0/tcp/4001/ws”,
“/ip6/::/tcp/4001”,
“/ip4/0.0.0.0/udp/4001/quic-v1”,
“/ip6/::/udp/4001/quic-v1”
]
},
“AutoNAT”: {
“Enabled”: true,
“ServiceMode”: “enabled”,
“Throttle”: {
“GlobalLimit”: 30,
“Interval”: “1m0s”,
“PeerLimit”: 3
}
},
“AutoTLS”: {
“Enabled”: false
},
“Bitswap”: {},
“Bootstrap”: [
“/dns4//tcp/443/wss/p2p/”
],
“ConnMgr”: {},
“DNS”: {
“Resolvers”: {}
},
“Datastore”: {
“BlockKeyCacheSize”: null,
“BloomFilterSize”: 0,
“GCPeriod”: “1h”,
“HashOnRead”: false,
“Spec”: {
“mounts”: [
{
“mountpoint”: “/blocks”,
“path”: “blocks”,
“prefix”: “flatfs.datastore”,
“shardFunc”: “/repo/flatfs/shard/v1/next-to-last/2”,
“sync”: false,
“type”: “flatfs”
},
{
“compression”: “none”,
“mountpoint”: “/”,
“path”: “datastore”,
“prefix”: “leveldb.datastore”,
“type”: “levelds”
}
],
“type”: “mount”
},
“StorageGCWatermark”: 90,
“StorageMax”: “10GB”
},
“Discovery”: {
“MDNS”: {
“Enabled”: false
}
},
“Experimental”: {
“FilestoreEnabled”: false,
“GraphsyncEnabled”: false,
“Libp2pStreamMounting”: false,
“OptimisticProvide”: true,
“OptimisticProvideJobsPoolSize”: 256,
“P2pHttpProxy”: false,
“StrategicProviding”: false,
“UrlstoreEnabled”: false
},
“Gateway”: {
“APICommands”: null,
“DeserializedResponses”: null,
“DisableHTMLErrors”: null,
“ExposeRoutingAPI”: null,
“HTTPHeaders”: {},
“NoDNSLink”: false,
“NoFetch”: false,
“PathPrefixes”: null,
“PublicGateways”: null,
“RootRedirect”: “”
},
“HTTPRetrieval”: {},
“Identity”: {
“PeerID”: “”,
“PrivKey”: “”
},
“Import”: {},
“Internal”: {},
“Ipns”: {
“RecordLifetime”: “”,
“RepublishPeriod”: “”,
“ResolveCacheSize”: 128
},
“Migration”: {
“DownloadSources”: ,
“Keep”: “”
},
“Mounts”: {
“FuseAllowOther”: false,
“IPFS”: “/ipfs”,
“IPNS”: “/ipns”,
“MFS”: “/mfs”
},
“Peering”: {
“Peers”: [
{
“ID”: “”,
“Addrs”: [
“/dns4//tcp/443/wss”
]
},
{
“ID”: “”,
“Addrs”:
}
]
},
“Pinning”: {
“RemoteServices”: {}
},
“Plugins”: {
“Plugins”: null
},
“Provider”: {
“Strategy”: “”
},
“Pubsub”: {
“DisableSigning”: false,
“Router”: “gossipsub”
},
“RelayClient”: {
“Enabled”: true,
“StaticRelays”: [
“/dns4//tcp/443/wss/p2p/”
]
},
“Reprovider”: {},
“Routing”: {
“AcceleratedDHTClient”: false,
“Type”: “dht”
},
“Swarm”: {
“AddrFilters”: null,
“ConnMgr”: {},
“DisableBandwidthMetrics”: false,
“DisableNatPortMap”: false,
“EnableAutoRelay”: true,
“EnableHolePunching”: true,
“EnableRelayHop”: false,
“RelayClient”: null,
“RelayService”: {
“Enabled”: false,
“Resources”: {
“BufferSize”: 2048,
“Limit”: {
“Data”: 131072,
“Duration”: “2m”
},
“MaxCircuits”: 256,
“MaxReservations”: 512,
“ReservationTTL”: “2h”
}
},
“ResourceMgr”: {},
“Transports”: {
“Multiplexers”: {},
“Network”: {
“Websocket”: true,
“quic”: false,
“webtransport”: false
},
“Security”: {}
}
},
“Version”: {}
}

Topic		Replies	Views
Need Help, while creating private ipfs network, nodes are unable to automatically discover each other Help go-ipfs	7	1151	June 14, 2019
Set up private ipfs Help	21	5009	July 19, 2022
We are setting up our IPFS private network Help	1	350	March 30, 2022
IPFS Private Network local peers discovery issue Help go-ipfs	2	467	December 28, 2022
Swarm peers not discovering electron, orbit -> node env Help js-ipfs	6	804	July 15, 2020

Private Swarm with WSS Bootstrap: Child Nodes Cannot Discover or Connect to Each Other

Related topics