Port forwarding for your NKN node

From NKN Community Wiki
Revision as of 07:49, 23 September 2021 by AL (talk | contribs) (Add config.json location)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

📌 This guide will help you to setup port forwarding for your NKN node.

Make your node accessible

At home

There is a high chance that your node is behind a router and does not have a public IP address itself. By default, nknd will try to detect if your router supports UPnP or NAT-PMP protocol, and if success, it will try to set up port forwarding automatically. You can add --no-nat flag when starting nknd OR add "NAT": false in config.json [1] to disable automatic port forwarding. If your router does not support such protocol, you have to setup port forwarding on your router for port 30001 as well as all other ports specified in config.json (30001-30005 by default), otherwise other nodes cannot establish connections to you but you will not be able to mine token even though your node can still run and sync blocks.

[1] The config.json file is available at different location regarding your installation method

nkn-commercial/services/nkn-node/config.json
 /home/nkn/nkn-commercial/services/nkn-node/config.json (All in one) 
/home/nknx/nkn-commercial/services/nkn-node/config.json (nknx)


When setting up port forwarding, public port needs to be the same as private port mapped to your node. For example, you should map port 30001 on your router's public IP address to port 30001 on your node's internal IP address.


EXTERNAL IP PORT 30001 --> INTERNAL IP PORT 30001

8.8.8.8:30001 -> 192.168.1.1:30001


The specific steps to setup port forwarding depends on your router. But in general, you need to log in to the admin interface of your router (typically in a web browser), then navigate to the port forwarding section, and create several mappings, one for each port. One of the easiest way to find out how to setup port forwarding on your router is to search "how to setup port forwarding" + your router model or name online.

The other solution is to setup a DMZ zone on your router. A DMZ zone is a no-filtered IP within your internal network. You can read more about the DMZ capabilities of your router by searching "how to setup DMZ" + your router model or name online.


In a datacenter

Most of the time datacenter do not offer any specific firewall on VPS. Still, a few providers required specific configurations.