Network
Chapter 48: Network Connectivity Issues
Section titled “Chapter 48: Network Connectivity Issues”Overview
Section titled “Overview”Network connectivity problems are among the most common issues affecting blockchain nodes. Without proper network connectivity, a node cannot discover peers, synchronize with the blockchain, or serve RPC requests. This chapter provides comprehensive troubleshooting guidance for diagnosing and resolving network-related issues in blockchain infrastructure.
48.1 Network Architecture
Section titled “48.1 Network Architecture”Blockchain P2P Network
Section titled “Blockchain P2P Network”┌─────────────────────────────────────────────────────────────┐│ BLOCKCHAIN P2P NETWORK │├─────────────────────────────────────────────────────────────┤│ ││ ┌─────────┐ ┌─────────┐ ┌─────────┐ ┌─────────┐ ││ │ Node A │◄──►│ Node B │◄──►│ Node C │◄──►│ Node D │ ││ │ │ │ │ │ │ │ │ ││ └────┬────┘ └────┬────┘ └────┬────┘ └────┬────┘ ││ │ │ │ │ ││ ▼ ▼ ▼ ▼ ││ ┌─────────────────────────────────────────────────────┐ ││ │ Discovery Protocol │ ││ │ (Discv5 for Ethereum, etc.) │ ││ └─────────────────────────────────────────────────────┘ ││ │ ││ ▼ ││ ┌─────────────────────────────────────────────────────┐ ││ │ Bootstrap Nodes │ ││ │ (Well-known nodes for initial discovery) │ ││ └─────────────────────────────────────────────────────┘ ││ │└─────────────────────────────────────────────────────────────┘Required Ports
Section titled “Required Ports”| Protocol | Port | Direction | Purpose |
|---|---|---|---|
| TCP | 30303 | Both | Ethereum P2P |
| UDP | 30303 | Both | Discovery |
| TCP | 8545 | Inbound | HTTP RPC |
| TCP | 8546 | Inbound | WebSocket RPC |
| TCP | 6060 | Local | Metrics |
48.2 No Peers / Discovery Issues
Section titled “48.2 No Peers / Discovery Issues”Symptoms
Section titled “Symptoms”┌─────────────────────────────────────────┐│ NO PEERS SYMPTOMS │├─────────────────────────────────────────┤│ ││ ✓ Peer count is 0 ││ ✓ Node shows "Looking for peers" ││ ✓ Cannot sync blocks ││ ✓ RPC returns but no data ││ │└─────────────────────────────────────────┘Diagnosis
Section titled “Diagnosis”# 1. Check current peer countcurl -X POST http://localhost:8545 \ -H "Content-Type: application/json" \ -d '{"jsonrpc":"2.0","method":"net_peerCount","params":[],"id":1}'
# Response: {"jsonrpc":"2.0","id":1,"result":"0x0"}
# 2. Check listening statuscurl -X POST http://localhost:8545 \ -H "Content-Type: application/json" \ -d '{"jsonrpc":"2.0","method":"net_listening","params":[],"id":1}'
# 3. Check node infocurl -X POST http://localhost:8545 \ -H "Content-Type: application/json" \ -d '{"jsonrpc":"2.0","method":"admin_nodeInfo","params":[],"id":1}'
# 4. Check logs for discovery issuesjournalctl -u geth | grep -i "discovery"journalctl -u geth | grep -i "dial"journalctl -u geth | grep -i "peer"Solutions
Section titled “Solutions”1. Check Firewall
Section titled “1. Check Firewall”# Check if ports are opensudo ufw status
# Or check iptablessudo iptables -L -n | grep 30303
# Test port connectivitync -zv discovery.ethdisco.net 30303
# Alternative: use telnettelnet discovery.ethdisco.net 303032. Add Bootnodes
Section titled “2. Add Bootnodes”# Ethereum Mainnet bootnodesgeth --bootnodes \ "enr:-KG4QOtcLhT1LioJW5XHmhLGr9jnoJ5XF8J8p TzW7yGrqDzoP3z6E1T5C9LwK3uK8Q6G7F9B2M1K3W8=-BMgBFYHr7tJ3z6E1T5C9LwK3uK8Q6G7F9B2M1K3W8@bootnode1.mainnet.ethdisco.net:30303,\ enr:-Ly4QFn-6sJ8tJ3z6E1T5C9LwK3uK8Q6G7F9B2M1K3W8=-BMgBFYHr7tJ3z6E1T5C9LwK3uK8Q6G7F9B2M1K3W8@bootnode2.mainnet.ethdisco.net:30303,\ enr:-Ku4QO7sJ8tJ3z6E1T5C9LwK3uK8Q6G7F9B2M1K3W8=-BMgBFYHr7tJ3z6E1T5C9LwK3uK8Q6G7F9B2M1K3W8@bootnode3.mainnet.ethdisco.net:30303"
# In config file:# Add to config.toml:# [Node]# Bootnodes = ["enr:..."]3. Enable Discovery
Section titled “3. Enable Discovery”# Enable discovery (default is true)geth --nodiscover=false
# Check if discovery is enabledgeth attach http://localhost:8545> admin.admin.nodeInfo48.3 Peers Dropping
Section titled “48.3 Peers Dropping”Symptoms
Section titled “Symptoms”┌─────────────────────────────────────────┐│ PEERS DROPPING SYMPTOMS │├─────────────────────────────────────────┤│ ││ ✓ Peer count fluctuating ││ ✓ Peers connecting and disconnecting ││ ✓ Sync stalls frequently ││ ✓ High reorg rate ││ │└─────────────────────────────────────────┘Diagnosis
Section titled “Diagnosis”# Check peer connectionsgeth attach http://localhost:8545> admin.peers
# Check peer detailsadmin.peers.forEach(p => console.log(p.id, p.network.remoteAddress))
# Monitor peer eventsgeth attach http://localhost:8545> admin.addPeer("enr:...")> admin.removePeer("enr:...")
# Check logsjournalctl -u geth | grep -i "dropped"journalctl -u geth | grep -i "disconnect"Root Causes
Section titled “Root Causes”| Cause | Description | Probability |
|---|---|---|
| Firewall | Ports blocked, causing timeouts | High |
| NAT | Not properly forwarding ports | Medium |
| IP Ban | Your IP flagged by network | Medium |
| Bandwidth | Insufficient bandwidth | Low |
| Node Bug | Client software issue | Low |
Solutions
Section titled “Solutions”1. Check Network Stability
Section titled “1. Check Network Stability”# Test network latencyping -c 10 discovery.ethdisco.net
# Test bandwidthspeedtest-cli
# Check for packet lossping -c 100 discovery.ethdisco.net | grep "packet loss"2. Increase Dial Timeout
Section titled “2. Increase Dial Timeout”# Configure external IPgeth --nat extip:YOUR_PUBLIC_IP
# Increase dial timeoutgeth --dial.timeout 30s
# Or in config:# [Node]# DialTimeout = 30s3. Check IP Reputation
Section titled “3. Check IP Reputation”# Check if IP is flagged# Visit https://www.bgcheck.co/ or similar# Check with cloud provider if using AWS/GCP
# If banned, you may need to:# - Contact network team# - Use different IP range# - Wait for ban to expire48.4 DNS Issues
Section titled “48.4 DNS Issues”Symptoms
Section titled “Symptoms”┌─────────────────────────────────────────┐│ DNS ISSUES SYMPTOMS │├─────────────────────────────────────────┤│ ││ ✓ Cannot resolve bootnode addresses ││ ✓ Hostnames not resolving ││ ✓ Intermittent connectivity ││ │└─────────────────────────────────────────┘Solutions
Section titled “Solutions”# Use alternative DNS servers# In /etc/resolv.conf:nameserver 8.8.8.8nameserver 8.8.4.4nameserver 1.1.1.1
# Or specify DNS in gethgeth --dns-nameserver 8.8.8.8
# Test DNS resolutionnslookup discovery.ethdisco.netdig discovery.ethdisco.nethost discovery.ethdisco.net
# Use static IPs instead of hostnamesgeth --bootnodes "192.168.1.100:30303"48.5 Port Forwarding
Section titled “48.5 Port Forwarding”For Home/Office Networks
Section titled “For Home/Office Networks”┌─────────────────────────────────────────────────────────────┐│ PORT FORWARDING SETUP │├─────────────────────────────────────────────────────────────┤│ ││ Router Configuration: ││ ┌─────────────────────────────────────────────────────┐ ││ │ External Port: 30303 │ ││ │ Internal Port: 30303 │ ││ │ Protocol: TCP/UDP │ ││ │ Internal IP: 192.168.1.100 │ ││ └─────────────────────────────────────────────────────┘ ││ ││ Firewall (if applicable): ││ sudo ufw allow 30303/tcp ││ sudo ufw allow 30303/udp ││ │└─────────────────────────────────────────────────────────────┘Verify Port Forwarding
Section titled “Verify Port Forwarding”# Check if port is listeningsudo netstat -tulpn | grep 30303
# Or use sssudo ss -tulpn | grep 30303
# Check external connectivity# Visit https://canyouseeme.org/# Enter port 30303 and check48.6 NAT Traversal
Section titled “48.6 NAT Traversal”Understanding NAT Issues
Section titled “Understanding NAT Issues”┌─────────────────────────────────────────────────────────────┐│ NAT SCENARIOS │├─────────────────────────────────────────────────────────────┤│ ││ ┌─────────────┐ ┌─────────────┐ ││ │ Node │ │ External │ ││ │ 192.168.1 │────────►│ Internet │ ││ │ .100:30303│ │ IP: x.x.x.x│ ││ └─────────────┘ └─────────────┘ ││ ││ Issues: ││ • Router may not support NAT traversal ││ • UPnP may be disabled ││ • Carrier-grade NAT (CGNAT) blocks connections ││ │└─────────────────────────────────────────────────────────────┘Solutions
Section titled “Solutions”1. Enable UPnP
Section titled “1. Enable UPnP”# In geth, enable UPnPgeth --upnp.enabled
# Or disable NAT entirely if on proper networkgeth --nat none2. Use NAT Hole Punching
Section titled “2. Use NAT Hole Punching”# Geth handles this automatically with discovery# But ensure ports are properly forwarded3. Cloud Deployment (Avoids NAT)
Section titled “3. Cloud Deployment (Avoids NAT)”# Deploy in cloud with public IP# AWS, GCP, Azure all provide public IPs# Just ensure security groups allow traffic48.7 Network Troubleshooting Commands
Section titled “48.7 Network Troubleshooting Commands”Comprehensive Diagnostics
Section titled “Comprehensive Diagnostics”#!/bin/bashecho "=== Network Diagnostics ==="
echo ""echo "--- Network Interfaces ---"ip addr show
echo ""echo "--- Routing Table ---"ip route
echo ""echo "--- DNS Servers ---"cat /etc/resolv.conf
echo ""echo "--- Listening Ports ---"ss -tulpn | grep -E "30303|8545"
echo ""echo "--- Peer Count ---"curl -s -X POST http://localhost:8545 \ -H "Content-Type: application/json" \ -d '{"jsonrpc":"2.0","method":"net_peerCount","params":[],"id":1}'
echo ""echo "--- External Connectivity ---"ping -c 3 8.8.8.8ping -c 3 discovery.ethdisco.net
echo ""echo "--- Firewall Status ---"sudo ufw status 2>/dev/null || echo "UFW not installed"sudo iptables -L -n 2>/dev/null | head -20
echo ""echo "=== Diagnostics Complete ==="48.8 Advanced Network Config
Section titled “48.8 Advanced Network Config”Static Peers
Section titled “Static Peers”# Add static peers for guaranteed connection# In config.toml:[Node]StaticNodes = [ "enr:AAA@1.2.3.4:30303", "enr:BBB@5.6.7.8:30303"]
# Or via admin APIgeth attach http://localhost:8545> admin.addPeer("enr:AAA@1.2.3.4:30303")Custom Network Configuration
Section titled “Custom Network Configuration”# Create private network# genesis.json with custom network ID{ "config": { "chainId": 99999 }, "networkId": 99999}
# Start with custom networkgeth --networkid 99999 --bootnodes "enr:...@custom:30303"48.9 Load Balancer Configuration
Section titled “48.9 Load Balancer Configuration”RPC Load Balancing
Section titled “RPC Load Balancing”# Nginx load balancer for RPCupstream geth_nodes { server 10.0.0.1:8545; server 10.0.0.2:8545; server 10.0.0.3:8545;}
server { listen 8545;
location / { proxy_pass http://geth_nodes;
# Health check proxy_connect_timeout 5s; proxy_next_upstream error timeout http_502;
# Headers proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; }}48.10 Monitoring Network Health
Section titled “48.10 Monitoring Network Health”Prometheus Network Metrics
Section titled “Prometheus Network Metrics”- alert: NoPeers expr: p2p_peers == 0 for: 5m labels: severity: critical
- alert: LowPeerCount expr: p2p_peers < 10 for: 15m labels: severity: warningGrafana Dashboard
Section titled “Grafana Dashboard”# Peer count over timep2p_peers
# Network trafficrate(p2p_bytes_in_total[5m])rate(p2p_bytes_out_total[5m])
# Connection errorsrate(p2p_dial_connections_failed_total[5m])Summary
Section titled “Summary”- Peer count 0 usually indicates firewall or discovery issues
- Port forwarding required for home networks
- Bootnodes provide initial peer discovery
- NAT traversal can be problematic - cloud deployment avoids this
- DNS issues can prevent peer discovery
- Monitor peer count to catch problems early
- Static peers provide guaranteed connections
- Load balance RPC for high availability
Next Chapter
Section titled “Next Chapter”In Chapter 49: Debugging Tools, we’ll explore debugging techniques.
Last Updated: 2026-02-22