Mqtt forwarder set in Kerlink is not communicating when backhaul is GSM but is ok in Ethernet

eferreol · March 26, 2024, 8:21am

Hi,

We have set into a Kerlink IfemtoCell gateway in AS923 Mhz the ChirpStack MQTT Forwarder so that our chirpstack server which is in EU868 Mhz can receive AS923 mqtt frames.
It is working without any trouble when we use Ethernet as backhaul.

When we disconnect the Ethernet cable, the log files shows that the GSM tries to send the data to the MQTT server, but there is a Timeout and it cannot send data.
To be more precise, we see in the log that it receives the PULL_DATA received, but when sending the PULL_ACK, then it cannot reach the mqtt server and get a timeout.

We are using the latest version of Chirpstack.

Is there any specific configuration to do for GSM backhaul when using the ChirpStack MQTT Forwarder ?

brocaar · March 27, 2024, 11:51am

Could you please clarify if the issue is on the UDP or the MQTT connection path? Because the PULL_DATA and PULL_ACK messages are on the UDP connection path and thus on the localhost (assuming the MQTT Forwarder is running on the gateway).

eferreol · March 27, 2024, 1:45pm

The issue is on the MQTT : in the log, when we are on GSM, we see “MQTT error : time out”
Yes, the MQTT Forwarder is running on the gateway.

brocaar · April 11, 2024, 8:03am

Thanks for clarifying. Unfortunately I’m not able to reproduce, but any feedback is welcome. It sounds like MQTT traffic is not allowed when using the GSM backhaul, maybe there are different firewall rules for ethernet vs cellular? Have you tried booting the gateway without ethernet and does the MQTT Forwarder work in that case?

Please let me know if you (or somebody else) has found a solution for this.

rgarmyn · June 14, 2024, 7:12pm

Hi,
I’ve got a similar Issue with kerklink gateways, chirpstack-mqtt-forwarder version (4.8.1) and mqtt forwarder (v4.3.0)
These are the logs from the mqtt-Forwarder

2024-06-14T14:17:11.457082+00:00 klk-wiis-xxxxxx chirpstack-mqtt-forwarder[1046]: PUSH_DATA received, random_token: 9340, remote: 127.0.0.1:40480
2024-06-14T14:17:11.457221+00:00 klk-wiis-xxxxxx chirpstack-mqtt-forwarder[1046]: Sending PUSH_ACK, random_token: 9340 remote: 127.0.0.1:40480
2024-06-14T14:17:11.457650+00:00 klk-wiis-xxxxxx chirpstack-mqtt-forwarder[1046]: Sending uplink event, uplink_id: 2467783203, topic: eu868/gateway/xxxxxxxxxxxxxxxx/event/up
2024-06-14T14:17:12.210967+00:00 klk-wiis-xxxxxx chirpstack-mqtt-forwarder[1046]: MQTT error, error: I/O: Network unreachable (os error 101)
2024-06-14T14:17:13.211538+00:00 klk-wiis-070A51 chirpstack-mqtt-forwarder[1046]: MQTT error, error: I/O: Network unreachable (os error 101)

When using the same sim card with the chirpstack-gateway-bridge installed also on the gateway it works fine.

rgarmyn · June 17, 2024, 9:44pm

Hi Brocaar,
I am not entirely sure what the issue was but it seems to be fixed. I added the rules below to /etc/firewall.d, restarted the firewall and restarted the gateway (without ethernet).

-A INPUT -p tcp --sport 1883 -j ACCEPT
-A OUTPUT -p tcp --dport 1883 -j ACCEPT
-A INPUT -p tcp --sport 8883 -j ACCEPT
-A OUTPUT -p tcp --dport 8883 -j ACCEPT

system · June 24, 2024, 8:22am

This topic was automatically closed after 90 days. New replies are no longer allowed.

brocaar · July 2, 2024, 11:13am

Please note that with that, you essentially disabled your firewall!!! Because you are allowing any incoming TCP packet with --sport 1883. Thus if I want to connect to port 22 (or any other port that is normally protected by your firewall), the only thing I need to make sure is that I use 1883 as source port. This is very easy to achieve.