How to use circuit relay

We have frequent troubles resolving IPFS links. Most people of our engineering team are behind NATs, sometimes even double NATs. Currently we “solve” this by creating SSH tunnels to a server outside the NAT running ipfs. This works, but is not really decentralised.

[User 1] <-- NAT–> [Node] <-- NAT --> [User 2]

So User 1 adds something, and User 2 is unable to resolve it. Once it is pinned on the central node, resolution works.

So I was checking how to properly solve this problem, and to my surprise I noticed that the circuit relay feature is already implemented https://github.com/ipfs/go-ipfs/blob/master/docs/experimental-features.md#circuit-relay .

So how would I use it? From the description above I have to enable it using Swarm.DisableRelay = true. But then what? Are there some instructions on how to use this feature? I am sure we could figure it out given the info above, but it would be nice to have step by step instructions.

Edit: added some ascii art for clarification

1 Like

That disables it. It’s enabled by default.

I think the basic instructions in your link are pretty straightforward, but in your specific scenario you’d use [Node] as your relay (QmRelay in your linked documentation).

  1. [User 1] connects to relay using ipfs swarm connect /transport/address/ipfs/QmRelay (probably already what is happening now)
  2. [User 2] connects to relay using ipfs swarm connect /transport/address/ipfs/QmRelay (probably already what is happening now)
  3. [User 1] can then connect to [User 2] using the relay [Node]: ipfs swarm connect /ipfs/QmRelay/p2p-circuit/ipfs/QmB

After this, [User 1] and [User 2] should be able to resolve things like normal without them needing to be pinned on the relay node.

When you start up the daemon, the p2p-circuit address for each node should be listed as one of the listening addresses.

1 Like

Check out https://github.com/ipfs/js-ipfs/blob/master/examples/circuit-relaying/README.md, that gives a walk through the process of setting up a circuit-relay.

2 Likes

Yes, sorry about my confusion.

Thanks a lot for the link. I somehow missed this when I first looked.

So now I followed the instructions from @leerspace and was able to use the circuit relay. Two nodes A and B that are connected to a common node C via a NAT and a double NAT can see each others objects.

I tested that by adding random stuff on one node and seeing if I can get it on another node. Basically on A head -c 10 /dev/urandom | ipfs add and on B see if you can resolve it. Works pretty well despite all the NATs.

Now, is it possible to configure a node so that it will always try the circuit relay whenever it tries to resolve something?

2 Likes

I might be misreading this, but I think that this might be a limitation of the current relay implementation. Based on the future work section of libp2p relay spec, it seems like automatic relay node discovery isn’t implemented yet.

1 Like

The two users can connect, but if there is no any other nodes with static IP, the resolving is only done by relay node. And after the resolving, if the user[1] want to get data from user[2], the data must tranlate via the relay node.
So NAT would be a tremendous problem of private network in Asia.

1 Like

I am using ipfs swarm connect to connect two go ipfs nodes version 0.4.23 connected to different networks. The nodes are approximately 24 km apart. But when I type the command
ipfs swarm connect /ip4/external_ip_of_the_node/tcp/4001/ipfs/peer_id_of_the_node
where the external ip of the node has been found from https://whatismyipaddress.com/ this error is displayed:

Error: connect Qm_peer_id failure: failed to
** dial : all dials failed**
** * [/ip4/external_ip/tcp/4001] dial tcp4 0.0.0.0:4001->external_ip:4001:**
i/o timeout
We have added our address in the announce array in ipfs config as suggested in https://stackoverflow.com/questions/49347185/ipfs-swarm-connect-connect-failure-dial-attempt-failed-context-deadline-exc?rq=1 and tried forwarding port 4001 on firewall but the problem was not solved. Telnet with the external ip and port also failed. Can circuit relay be used to solve this?

Your two nodes are unable to talk to each other directly, so it sounds like a relay would be one way to solve this – assuming each of your nodes can talk to a mutual relay.

Thank you for the reply. I have changed my go ipfs configuration for the circuit relay feature. Then I found one relay peer address in ipfs swarm peers. So do we have to check if we can find a common relay peer address among ipfs swarm peers from both nodes or is there any other way of discovering relay peer addresses?

That’s one way to do it. There’s also an AutoRelay feature which allows you to let ipfs try to find suitable relays for you (assuming AutoRelay is enabled in the config).

So from one peer you’d just use

ipfs swarm connect /p2p-circuit/p2p/QmOtherPeerId

Thank you for the answer. The “EnableAutoRelay” feature in our ipfs configuration was disabled previouslu. So I will see if connection can be made using
ipfs swarm connect /p2p-circuit/p2p/QmOtherPeerId from one of the nodes after setting the “EnableAutoRelay” feature to true.

I tried connecting to the other node after enabling the AutoRelay feature. But it didn’t work. After using ipfs swarm connect /p2p-circuit/p2p/QmOtherPeerId,this error was displayed:

Error: connect Qmpeer_id failure: failed to
** dial : all dials failed**
** * [/p2p-circuit] Failed to dial through 2 known relay hosts**
What does this mean?Connection could not be established between these two nodes with or without relay. Is this a common issue?

Is AutoRelay enabled on both ends? Make sure that EnableRelayHop is disabled. Don’t forget to restart the daemons after the config change.

It might be that your nodes need more time to discover relays before being able to connect. Or maybe your nodes are just having trouble connecting to relays.

Thank you so much. After disabling EnableRelayHop,connection was successful using AutoRelay.

1 Like

Hi. What if both nodes had (automatically) discovered the same relay, but still can’t find each other? Please, see my question in Getting auto-relay to work .

Hi,In addition to the two methods of relay and NAT, are there other ways to connect ipfs nodes between two different intranets? If you use a relay, the traffic will pass through the public network ipfs node, which will cause a lot of traffic. If you use NAT, many households in China do not have a public network address and need to use a public network server for mapping, but the traffic still needs to go to the public network machine . Is there any way to transfer traffic directly between two different intranet ipfs nodes?

1 Like