When trying to connect to a Kubo node using WebTransport, I discovered that my Kubo node is advertising the public mutiaddrs without the WebTransport certificate hash which means a browser cannot connect.
Weirdly, the Node’s private IPs have the certhash embedded in them.
For example, the following public IP multiaddr doesn’t have the certhash:
"/ip4/149.248.221.175/udp/4001/quic-v1/webtransport/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
I suspect this is because the public IPv4 of the node is configured through AppendAnnounce in the config. Because the public IP is not “detectable” or known from the perspective of the Kubo container.
Is there a way to configure Kubo to announce the full WebTransport multiaddr for IPs provided through AppendAnnounce?
{
"ID": "12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"PublicKey": "CAESIADglZ4MsCxjqM+GMrJ2Ofa7UOT2SFM8ejJfiIVIYY7i",
"Addresses": [
"/ip4/127.0.0.1/tcp/4001/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip4/127.0.0.1/tcp/4002/ws/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip4/127.0.0.1/udp/4001/quic-v1/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip4/127.0.0.1/udp/4001/quic-v1/webtransport/certhash/uEiAKE86Eh0_yTbno_ir8HjjtlrGzSA72pY9P27HwfWOGmQ/certhash/uEiCw0HNHBC7bFagFL1yjD77RZkSvzs7PbkEkNfcU1-rfFg/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip4/127.0.0.1/udp/4001/quic/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip4/145.40.93.179/tcp/4001/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip4/145.40.93.179/udp/4001/quic-v1/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip4/145.40.93.179/udp/4001/quic/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip4/149.248.221.175/tcp/4001/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip4/149.248.221.175/udp/4001/quic-v1/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip4/149.248.221.175/udp/4001/quic-v1/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip4/149.248.221.175/udp/4001/quic-v1/webtransport/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip4/149.248.221.175/udp/4001/quic/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip4/149.248.221.175/udp/4001/quic/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip6/2604:1380:4091:360c:0:4:48a9:3/tcp/4001/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip6/2604:1380:4091:360c:0:4:48a9:3/udp/4001/quic-v1/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip6/::1/tcp/4001/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip6/::1/tcp/4002/ws/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip6/::1/udp/4001/quic-v1/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh",
"/ip6/::1/udp/4001/quic-v1/webtransport/certhash/uEiAKE86Eh0_yTbno_ir8HjjtlrGzSA72pY9P27HwfWOGmQ/certhash/uEiCw0HNHBC7bFagFL1yjD77RZkSvzs7PbkEkNfcU1-rfFg/p2p/12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh"
],
"AgentVersion": "kubo/0.18.1/675f8bd/docker",
"ProtocolVersion": "ipfs/0.1.0",
"Protocols": [
"/ipfs/bitswap",
"/ipfs/bitswap/1.0.0",
"/ipfs/bitswap/1.1.0",
"/ipfs/bitswap/1.2.0",
"/ipfs/id/1.0.0",
"/ipfs/id/push/1.0.0",
"/ipfs/lan/kad/1.0.0",
"/ipfs/ping/1.0.0",
"/libp2p/circuit/relay/0.1.0",
"/libp2p/circuit/relay/0.2.0/stop",
"/p2p/id/delta/1.0.0",
"/x/"
]
}
The node’s configuration:
{
"API": {
"HTTPHeaders": {}
},
"Addresses": {
"API": [
"/ip4/0.0.0.0/tcp/5001",
"/ip6/::/tcp/5001"
],
"Announce": [],
"AppendAnnounce": [
"/ip4/149.248.221.175/tcp/4001",
"/ip4/149.248.221.175/udp/4001/quic",
"/ip4/149.248.221.175/udp/4001/quic-v1",
"/ip4/149.248.221.175/udp/4001/quic-v1/webtransport"
],
"Gateway": "/ip4/0.0.0.0/tcp/8080",
"NoAnnounce": [
"/ip4/10.0.0.0/ipcidr/8",
"/ip4/100.64.0.0/ipcidr/10",
"/ip4/169.254.0.0/ipcidr/16",
"/ip4/172.16.0.0/ipcidr/12",
"/ip4/192.0.0.0/ipcidr/24",
"/ip4/192.0.2.0/ipcidr/24",
"/ip4/192.168.0.0/ipcidr/16",
"/ip4/198.18.0.0/ipcidr/15",
"/ip4/198.51.100.0/ipcidr/24",
"/ip4/203.0.113.0/ipcidr/24",
"/ip4/240.0.0.0/ipcidr/4",
"/ip6/100::/ipcidr/64",
"/ip6/2001:2::/ipcidr/48",
"/ip6/2001:db8::/ipcidr/32",
"/ip6/fc00::/ipcidr/7",
"/ip6/fe80::/ipcidr/10"
],
"Swarm": [
"/ip4/0.0.0.0/tcp/4001",
"/ip4/0.0.0.0/tcp/4002/ws",
"/ip4/0.0.0.0/udp/4001/quic",
"/ip4/0.0.0.0/udp/4001/quic-v1",
"/ip4/0.0.0.0/udp/4001/quic-v1/webtransport",
"/ip6/::/tcp/4001",
"/ip6/::/tcp/4002/ws",
"/ip6/::/udp/4001/quic-v1/webtransport",
"/ip6/::/udp/4001/quic-v1"
]
},
"AutoNAT": {
"ServiceMode": "disabled"
},
"Bootstrap": [
"/dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN",
"/dnsaddr/bootstrap.libp2p.io/p2p/QmQCU2EcMqAqQPR2i9bChDtGNJchTbq5TbXJJ16u19uLTa",
"/dnsaddr/bootstrap.libp2p.io/p2p/QmbLHAnMoJPWSCR5Zhtx6BHJX9KiKNN6tpvbUcqanj75Nb",
"/dnsaddr/bootstrap.libp2p.io/p2p/QmcZf59bWwK5XFi76CZX8cbJ4BhTzzA3gU1ZjYZcYW3dwt",
"/ip4/104.131.131.82/tcp/4001/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ",
"/ip4/104.131.131.82/udp/4001/quic/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ"
],
"DNS": {
"Resolvers": {}
},
"Datastore": {
"BloomFilterSize": 0,
"GCPeriod": "1h",
"HashOnRead": false,
"Spec": {
"mounts": [
{
"child": {
"path": "blocks",
"shardFunc": "/repo/flatfs/shard/v1/next-to-last/2",
"sync": true,
"type": "flatfs"
},
"mountpoint": "/blocks",
"prefix": "flatfs.datastore",
"type": "measure"
},
{
"child": {
"compression": "none",
"path": "datastore",
"type": "levelds"
},
"mountpoint": "/",
"prefix": "leveldb.datastore",
"type": "measure"
}
],
"type": "mount"
},
"StorageGCWatermark": 90,
"StorageMax": "10GB"
},
"Discovery": {
"MDNS": {
"Enabled": false
}
},
"Experimental": {
"AcceleratedDHTClient": false,
"FilestoreEnabled": false,
"GraphsyncEnabled": false,
"Libp2pStreamMounting": false,
"P2pHttpProxy": false,
"StrategicProviding": false,
"UrlstoreEnabled": false
},
"Gateway": {
"APICommands": [],
"HTTPHeaders": {
"Access-Control-Allow-Headers": [
"X-Requested-With",
"Range",
"User-Agent"
],
"Access-Control-Allow-Methods": [
"GET"
],
"Access-Control-Allow-Origin": [
"*"
]
},
"NoDNSLink": false,
"NoFetch": false,
"PathPrefixes": [],
"PublicGateways": null,
"RootRedirect": "",
"Writable": false
},
"Identity": {
"PeerID": "12D3KooW9snnuzHgfzpBKWtZxU9tpPDqB7SG4qM9tGLA9eQgYpQh"
},
"Internal": {},
"Ipns": {
"RecordLifetime": "",
"RepublishPeriod": "",
"ResolveCacheSize": 128
},
"Migration": {
"DownloadSources": [],
"Keep": ""
},
"Mounts": {
"FuseAllowOther": false,
"IPFS": "/ipfs",
"IPNS": "/ipns"
},
"Peering": {
"Peers": null
},
"Pinning": {
"RemoteServices": {}
},
"Plugins": {
"Plugins": null
},
"Provider": {
"Strategy": ""
},
"Pubsub": {
"DisableSigning": false,
"Router": ""
},
"Reprovider": {},
"Routing": {
"Methods": null,
"Routers": null
},
"Swarm": {
"AddrFilters": [
"/ip4/10.0.0.0/ipcidr/8",
"/ip4/100.64.0.0/ipcidr/10",
"/ip4/169.254.0.0/ipcidr/16",
"/ip4/172.16.0.0/ipcidr/12",
"/ip4/192.0.0.0/ipcidr/24",
"/ip4/192.0.2.0/ipcidr/24",
"/ip4/192.168.0.0/ipcidr/16",
"/ip4/198.18.0.0/ipcidr/15",
"/ip4/198.51.100.0/ipcidr/24",
"/ip4/203.0.113.0/ipcidr/24",
"/ip4/240.0.0.0/ipcidr/4",
"/ip6/100::/ipcidr/64",
"/ip6/2001:2::/ipcidr/48",
"/ip6/2001:db8::/ipcidr/32",
"/ip6/fc00::/ipcidr/7",
"/ip6/fe80::/ipcidr/10"
],
"ConnMgr": {},
"DisableBandwidthMetrics": false,
"DisableNatPortMap": true,
"EnableHolePunching": false,
"RelayClient": {
"Enabled": false
},
"RelayService": {},
"ResourceMgr": {
"MaxMemory": "1.8 GB"
},
"Transports": {
"Multiplexers": {},
"Network": {},
"Security": {}
}
}
}