Hey everyone,
I seek some help to troubleshoot my yunohost instance which is not available from outside my network since weeks because of broken port forwarding.
My YunoHost server
Hardware: Old laptop mainboard
YunoHost version: 4.3.4.1 (stable)
I have access to my server : Through SSH | through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no
If yes, please explain:
Description of my issue
I am running a yunohost server with success since a half year. I don’t have a static IP address, so I use the DynDNS service build in to yunohost. A month ago a new router arrived from my provider and since two weeks I can’t reach my server from outside my network.
The diagnosis tool in yunohost showed that no port is accessible from outside the network: https://paste.yunohost.org/raw/urofonapev (sry that it is in german)
But the IP address behind my domain is correctly mapped tot my routers public IP address. I checked that.
In order to solve the issue, in the last week I tried to:
- restart the server
- manually reload the yunohost firewall with sudo yunohost firewall reload with a success message
- deactivate and enable UPnP (the router does recognize the requests in the logs and opened the ports)
- reset the configuration for the server in the router interface and opened the ports manually
All with no success. The router tells me that the ports are opened and also the server opened the ports. I looked it up with ss -tulpn:
admin@server:~$ sudo ss -tulpn
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 0.0.0.0:1900 0.0.0.0:* users:(("jellyfin",pid=550,fd=303))
udp UNCONN 0 0 0.0.0.0:53 0.0.0.0:* users:(("dnsmasq",pid=658,fd=4))
udp UNCONN 0 0 0.0.0.0:68 0.0.0.0:* users:(("dhclient",pid=527,fd=7))
udp UNCONN 0 0 192.168.178.65:123 0.0.0.0:* users:(("ntpd",pid=918,fd=19))
udp UNCONN 0 0 172.18.0.1:123 0.0.0.0:* users:(("ntpd",pid=918,fd=27))
udp UNCONN 0 0 127.0.0.1:123 0.0.0.0:* users:(("ntpd",pid=918,fd=18))
udp UNCONN 0 0 0.0.0.0:123 0.0.0.0:* users:(("ntpd",pid=918,fd=17))
udp UNCONN 0 0 0.0.0.0:41087 0.0.0.0:* users:(("jellyfin",pid=550,fd=304))
udp UNCONN 0 0 192.168.178.65:45374 0.0.0.0:* users:(("jellyfin",pid=550,fd=305))
udp UNCONN 0 0 172.17.0.1:45446 0.0.0.0:* users:(("jellyfin",pid=550,fd=306))
udp UNCONN 0 0 0.0.0.0:7359 0.0.0.0:* users:(("jellyfin",pid=550,fd=324))
udp UNCONN 0 0 192.168.178.65:5353 0.0.0.0:* users:(("yunomdns",pid=517,fd=4))
udp UNCONN 0 0 0.0.0.0:5353 0.0.0.0:* users:(("yunomdns",pid=517,fd=3))
udp UNCONN 0 0 172.18.0.1:44466 0.0.0.0:* users:(("jellyfin",pid=550,fd=307))
udp UNCONN 0 0 [::]:53 [::]:* users:(("dnsmasq",pid=658,fd=6))
udp UNCONN 0 0 [fd00::2ad2:44ff:fedf:62be]:123 [::]:* users:(("ntpd",pid=918,fd=26))
udp UNCONN 0 0 [fe80::2ad2:44ff:fedf:62be]%enp0s25:123 [::]:* users:(("ntpd",pid=918,fd=22))
udp UNCONN 0 0 [2a02:810a:11bf:dcbc:2ad2:44ff:fedf:62be]:123 [::]:* users:(("ntpd",pid=918,fd=21))
udp UNCONN 0 0 [fe80::c4e7:e8ff:fe26:413e]%vethd452cde:123 [::]:* users:(("ntpd",pid=918,fd=31))
udp UNCONN 0 0 [fe80::42:ecff:fe51:f81f]%br-ae025d3802ea:123 [::]:* users:(("ntpd",pid=918,fd=29))
udp UNCONN 0 0 [::1]:123 [::]:* users:(("ntpd",pid=918,fd=20))
udp UNCONN 0 0 [::]:123 [::]:* users:(("ntpd",pid=918,fd=16))
tcp LISTEN 0 128 0.0.0.0:8888 0.0.0.0:* users:(("gunicorn",pid=2152,fd=5),("gunicorn",pid=1342,fd=5))
tcp LISTEN 0 128 127.0.0.1:5432 0.0.0.0:* users:(("postgres",pid=902,fd=5))
tcp LISTEN 0 100 0.0.0.0:25 0.0.0.0:* users:(("master",pid=1139,fd=13))
tcp LISTEN 0 128 0.0.0.0:443 0.0.0.0:* users:(("nginx",pid=1327,fd=20),("nginx",pid=1326,fd=20),("nginx",pid=1325,fd=20),("nginx",pid=1323,fd=20),("nginx",pid=1322,fd=20))
tcp LISTEN 0 128 0.0.0.0:636 0.0.0.0:* users:(("slapd",pid=901,fd=9))
tcp LISTEN 0 100 0.0.0.0:4190 0.0.0.0:* users:(("dovecot",pid=1026,fd=15))
tcp LISTEN 0 100 0.0.0.0:993 0.0.0.0:* users:(("dovecot",pid=1026,fd=38))
tcp LISTEN 0 128 127.0.0.1:6787 0.0.0.0:* users:(("yunohost-api",pid=544,fd=6))
tcp LISTEN 0 128 127.0.0.1:11332 0.0.0.0:* users:(("rspamd",pid=1149,fd=8),("rspamd",pid=1148,fd=8),("rspamd",pid=1147,fd=8),("rspamd",pid=1146,fd=8),("rspamd",pid=745,fd=8))
tcp LISTEN 0 128 127.0.0.1:11333 0.0.0.0:* users:(("rspamd",pid=1149,fd=15),("rspamd",pid=1148,fd=15),("rspamd",pid=745,fd=15))
tcp LISTEN 0 128 127.0.0.1:389 0.0.0.0:* users:(("slapd",pid=901,fd=8))
tcp LISTEN 0 128 127.0.0.1:11334 0.0.0.0:* users:(("rspamd",pid=1149,fd=11),("rspamd",pid=1148,fd=11),("rspamd",pid=1147,fd=11),("rspamd",pid=745,fd=11))
tcp LISTEN 0 128 0.0.0.0:5222 0.0.0.0:* users:(("lua5.1",pid=825,fd=19))
tcp LISTEN 0 128 127.0.0.1:9001 0.0.0.0:* users:(("node",pid=560,fd=27))
tcp LISTEN 0 128 127.0.0.1:5290 0.0.0.0:* users:(("lua5.1",pid=825,fd=14))
tcp LISTEN 0 100 0.0.0.0:587 0.0.0.0:* users:(("master",pid=1139,fd=18))
tcp LISTEN 0 128 127.0.0.1:6379 0.0.0.0:* users:(("redis-server",pid=585,fd=6))
tcp LISTEN 0 100 0.0.0.0:143 0.0.0.0:* users:(("dovecot",pid=1026,fd=36))
tcp LISTEN 0 128 0.0.0.0:80 0.0.0.0:* users:(("nginx",pid=1327,fd=18),("nginx",pid=1326,fd=18),("nginx",pid=1325,fd=18),("nginx",pid=1323,fd=18),("nginx",pid=1322,fd=18))
tcp LISTEN 0 128 127.0.0.1:8081 0.0.0.0:* users:(("jupyterhub",pid=538,fd=6))
tcp LISTEN 0 10 127.0.0.1:10001 0.0.0.0:* users:(("postsrsd",pid=479,fd=4))
tcp LISTEN 0 128 127.0.0.1:8082 0.0.0.0:* users:(("node",pid=2123,fd=19))
tcp LISTEN 0 10 127.0.0.1:10002 0.0.0.0:* users:(("postsrsd",pid=479,fd=5))
tcp LISTEN 0 128 0.0.0.0:5269 0.0.0.0:* users:(("lua5.1",pid=825,fd=17))
tcp LISTEN 0 32 0.0.0.0:53 0.0.0.0:* users:(("dnsmasq",pid=658,fd=5))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=641,fd=3))
tcp LISTEN 0 128 [::1]:5432 [::]:* users:(("postgres",pid=902,fd=3))
tcp LISTEN 0 100 [::]:25 [::]:* users:(("master",pid=1139,fd=14))
tcp LISTEN 0 128 [::]:443 [::]:* users:(("nginx",pid=1327,fd=21),("nginx",pid=1326,fd=21),("nginx",pid=1325,fd=21),("nginx",pid=1323,fd=21),("nginx",pid=1322,fd=21))
tcp LISTEN 0 128 [::]:636 [::]:* users:(("slapd",pid=901,fd=10))
tcp LISTEN 0 100 [::]:4190 [::]:* users:(("dovecot",pid=1026,fd=16))
tcp LISTEN 0 128 *:8095 *:* users:(("jellyfin",pid=550,fd=288))
tcp LISTEN 0 100 [::]:993 [::]:* users:(("dovecot",pid=1026,fd=39))
tcp LISTEN 0 128 [::1]:11332 [::]:* users:(("rspamd",pid=1149,fd=9),("rspamd",pid=1148,fd=9),("rspamd",pid=1147,fd=9),("rspamd",pid=1146,fd=9),("rspamd",pid=745,fd=9))
tcp LISTEN 0 128 [::1]:11333 [::]:* users:(("rspamd",pid=1149,fd=17),("rspamd",pid=1148,fd=17),("rspamd",pid=745,fd=17))
tcp LISTEN 0 128 [::1]:11334 [::]:* users:(("rspamd",pid=1149,fd=13),("rspamd",pid=1148,fd=13),("rspamd",pid=1147,fd=13),("rspamd",pid=745,fd=13))
tcp LISTEN 0 128 [::]:5222 [::]:* users:(("lua5.1",pid=825,fd=18))
tcp LISTEN 0 128 *:5001 *:* users:(("node",pid=1573,fd=18))
tcp LISTEN 0 80 *:3306 *:* users:(("mysqld",pid=741,fd=21))
tcp LISTEN 0 128 [::1]:5290 [::]:* users:(("lua5.1",pid=825,fd=15))
tcp LISTEN 0 100 [::]:587 [::]:* users:(("master",pid=1139,fd=19))
tcp LISTEN 0 128 [::1]:6379 [::]:* users:(("redis-server",pid=585,fd=7))
tcp LISTEN 0 100 [::]:143 [::]:* users:(("dovecot",pid=1026,fd=37))
tcp LISTEN 0 128 *:8080 *:* users:(("node",pid=2123,fd=18))
tcp LISTEN 0 128 [::]:80 [::]:* users:(("nginx",pid=1327,fd=19),("nginx",pid=1326,fd=19),("nginx",pid=1325,fd=19),("nginx",pid=1323,fd=19),("nginx",pid=1322,fd=19))
tcp LISTEN 0 128 *:8083 *:* users:(("python3",pid=549,fd=9))
tcp LISTEN 0 128 [::]:5269 [::]:* users:(("lua5.1",pid=825,fd=16))
tcp LISTEN 0 32 [::]:53 [::]:* users:(("dnsmasq",pid=658,fd=7))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=641,fd=4))
But then what is the problem? Do you have any ideas?
I assumed that maybe the internet provider does not give me a public dynamic IPv4 address after they upgraded the router. But today in the morning all services were magically accessible from outside the network. But only for a short period of time… This is so weird to me.
Thanks for any suggestion!