Hello, everyone!
I am running I2P and would like to have it port-forwarded to help out the network. Even though I have port-forwarded both UDP and TCP, it always indicates “firewalled” or “symmetric NAT.” As far as I am aware, I do not have a symmetric NAT. I run many other port-forwarded services without any issues, some publicly, so I am not sure what the specific issue with I2P is.
EDIT: After some more digging i managed to fix the issue while using docker.
For some reason you need to add the environmental variable EXT_PORT to the compose file like so
services:
i2p:
image: geti2p/i2p:latest
environment:
- EXT_PORT=XXXX <Make this the same port as the public UDP/TCP port>
volumes:
- /XXX/I2P-data/i2pconfig:/i2p/.i2p
- /XXX/I2P-data/i2ptorrents:/i2psnark
ports:
- 4444:4444
- 6668:6668
- 7657:7657
- XXXX:XXXX
- XXXX:XXXX/udp
Is your I2P router running in a container like Docker or
systemd-nspawn? I had some issues with this error back when I ran my router in asystemd-nspawncontainer withVirtualEthernet=yes.But id shutting down the I2P router and running something different on the same port like an HTTP server, and trying to access it from a vpn or tor or something and make sure your ISP isnt doing anything weird on this specific port.
And if you are using i2pd, you can goto the webconsole and go inside “Router Commands” and click “Run peer test” to have it test again. Im not sure how to do this in Java I2P tho.
Yes, I am running I2P in docker with docker compose. I can run other things on this port with a container just fine and access it like a simple nginx page or something no issues their. As far as i can tell i have no blocked or weird things going on with any port.
for reference here is the compose, I redacted some info with XXX.
services: i2p: image: geti2p/i2p:latest volumes: - /XXX/I2P-data/i2pconfig:/i2p/.i2p - /XXX/I2P-data/i2ptorrents:/i2psnark ports: - 4444:4444 - 6668:6668 - 7657:7657 - XXX:XXXX - XXX:XXX/udpI’m not very familliar with Java I2P, but I took a look at the documentation for Docker, and I didnt see anything about this issue, but I did have the same issue with i2pd in a container. I would try installing it manually and running it outside of the container.
If you need the bind mount feature from Docker, and you are on a systemd system, I recommand using systemd’s PrivateMounts feature. It can be added in a dropin file that can be created with the command
systemctl edit i2p.service, thei2p.servicemay be different depending on your distro, but for Java I2P’s package on Arch its justi2p.service, but you can add the following in a dropin file to get the same private mounts just for your I2P router:[Service] PrivateMounts=yes BindPaths=/XXX/i2pconfig:/i2p/.i2p BindPaths=/XXX/I2P-data/i2ptorrents:/i2psnarkYou might have to mess around with file permissions depending on who you run your I2P router as.
Sorry I dont have a better solution, I dont know much about Docker. But I think the developer of the Java I2P router is on r/i2p on reddit, and I think you can find him on http://i2pforum.i2p/, he prolly knows a whole lot more about Java I2P and the Docker image than I do.
I don’t see a use for the
PrivateMountsit over complicates things in this case and doesn’t really add anything. just mounting the volumes shouldn’t cause any issues like this. I did run I2P in a VM instead of a container in the past but it hat the same issue.I will check out http://i2pforum.i2p/. I didn’t go to reddit but lemmy as i don’t like reddit since its downfall last year.
I managed to fix it. Although not obvious from the official docs, You need to add a extra environmental variable even when you have mapped the correct ports. I saw some error about it in the logs for the container then i searched for this variable and Found it listed here: https://github.com/i2p/i2p.i2p/blob/master/Docker.md