[Solved] On-Gateway LoRa-Gateway-Bridge Timeout Firewall Issue?

Hello,

I have a problem trying to connect the lora-gateway-bridge, which is running on a Raspberry Pi, with the MQTT broker on a remote server. The loraserver and the lora-app-server are both running on the remote server and can connect to the MQTT broker with passwords. I was following these two topics to figure out the issue:

I am getting a timeout running the bridge:

Mär 26 23:08:34 IoT-Gateway-433Mhz lora-gateway-bridge[473]: time="2018-03-26T23:08:34+02:00" level=error msg="could not setup mqtt backend, retry in 2 seconds: Network Error : dial tcp xxx.xx.x.xxx:1883: i/o timeout"

The MQTT-broker remote server is listening on port 1883:

tcp 0 0 127.0.0.1:1883 0.0.0.0:* LISTEN

Because of the timeout I first tried to run it without TLS, using the following command:
/usr/bin/lora-gateway-bridge --mqtt-server "tcp://xxx.xx.x.xxx:1883" --mqtt-username USERNAME --mqtt-password PASSWORD --log-level 5
Is it possible that it is a firewall issue due to the timeout?

Is it listening on 127.0.0.1:1883 or on 0.0.0.0:1883 (on all interfaces)? In the first case, you will only be able to connect from the same machine.

Hi,

Thank you for your answer. Ok, that was one failure. After correcting that issue by binding the mosquitto to 0.0.0.0 instead, the issue remains. I tried the following on the remote:

sudo netstat -plunt | grep mosquitto
TCP 0 0 0.0.0.0:1883 0.0.0.0:* LISTEN 30452/mosquitto

The server is now listening on all interfaces and scanning the open ports of the server from the gateway shows that the port is accessible.

sudo nmap -p 1883 xxx.xx.x.xxx

Starting Nmap 7.40 ( https://nmap.org ) at 2018-03-27 19:40 CEST
Nmap scan report for “srv.example.org” (xxx.xx.x.xxx)
Host is up (0.021s latency).
PORT STATE SERVICE
1883/tcp filtered mqtt

Nmap done: 1 IP address (1 host up) scanned in 1.71 seconds

I still get the error from the gateway saying:

Mär 27 19:39:12 IoT-Gateway-433Mhz lora-gateway-bridge[1092]: time="2018-03-27T19:39:12+02:00" level=info msg="backend: connecting to mqtt broker" server="tcp://xxx.xx.x.xxx:1883"
Mär 27 19:39:42 IoT-Gateway-433Mhz lora-gateway-bridge[1092]: time="2018-03-27T19:39:42+02:00" level=error msg="could not setup mqtt backend, retry in 2 seconds: Network Error : dial tcp xxx.xx.x.xxx:1883: i/o timeout"

Above it says that the port is filtered; could it still be the firewall? In the configuration I defined the user and the password:

Content of lora-gateway-bridge config
server="tcp://xxx.xx.x.xxx:1883"
username="loraserver_gw"
password="xxx"

I entered the user in mosquitto’s password file on the server and disabled the ACL for the testing. I will add the auth_plugin later and the SSL support later.

Content of Mosquitto password_file
loraserver_gw:$xxxxxxxxxxxxxxxxxxxxxxxxxxx==

Maybe you have another hint. I will go over the MQTT settings again maybe I missed something.

Best regards,

LuWi

To find out if it is a firewall issue, you could try telnet xxx.xx.x.xxx 1883 to find out if you can reach the MQTT broker. I assume this is a networking-related issue; if it were related to your credentials, it would give a different error.

Hi,

It was the firewall. I had to set the following rule to make it possible to access the MQTT broker on the server from the gateway.

sudo iptables -A INPUT -p tcp -m tcp --dport 1883 -j ACCEPT

which resulted in:

Mär 28 00:06:45 IoT-Gateway-433Mhz lora-gateway-bridge[1570]: time="2018-03-28T00:06:45+02:00" level=info msg="backend: connecting to mqtt broker" server="tcp://xxx.xx.x.xxx:1883"
Mär 28 00:06:45 IoT-Gateway-433Mhz lora-gateway-bridge[1570]: time="2018-03-28T00:06:45+02:00" level=info msg="gateway: starting gateway udp listener" addr="0.0.0.0:1700"
Mär 28 00:06:45 IoT-Gateway-433Mhz lora-gateway-bridge[1570]: time="2018-03-28T00:06:45+02:00" level=info msg="backend: connected to mqtt broker

Thx for the support and sorry for bothering, because the issue was entirely unrelated to the loraserver.

So my journey can continue.

Best regards,

LuWi
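
The symptoms seen in this thread (a listener bound only to 127.0.0.1, a port that nmap reports as filtered, and finally a working connection) can be told apart from the gateway with a plain TCP connect, which is what the telnet suggestion does by hand. The following is an added example, not part of the original thread: the names `probe`, `classify`, `HINTS` and `demo` are hypothetical, and the loopback listener in `demo` is a constructed stand-in for the broker.

```python
import errno
import socket
import sys

# Likely cause for each outcome, in terms of the checks made in this thread.
HINTS = {
    "open": "TCP handshake completed; remaining errors would be MQTT-level (e.g. credentials)",
    "filtered": "no reply before the timeout; check firewall rules (iptables INPUT) on the broker host",
    "closed": "connection refused; check the broker bind address (127.0.0.1 vs 0.0.0.0) or a REJECT rule",
    "unreachable": "no route to the host or network; check routing and addressing",
    "error": "other socket error; inspect the exception",
}

def classify(exc):
    """Map the exception from a TCP connect attempt (None on success) to an outcome."""
    if exc is None:
        return "open"
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "filtered"      # SYN never answered: matches the bridge's "i/o timeout"
    if isinstance(exc, ConnectionRefusedError):
        return "closed"        # host answered, but nothing accepts on that address/port
    if isinstance(exc, OSError) and exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
        return "unreachable"
    return "error"

def probe(host, port, timeout=3.0):
    """Attempt one TCP connection and return the classified outcome."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return classify(None)
    except OSError as exc:
        return classify(exc)

def demo():
    """Constructed local check: probe a loopback listener, then the same port after closing it."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))      # ephemeral port, stands in for the broker
    srv.listen(1)
    port = srv.getsockname()[1]
    while_listening = probe("127.0.0.1", port)
    srv.close()
    after_close = probe("127.0.0.1", port)
    return while_listening, after_close

if __name__ == "__main__":
    # Usage: python3 probe.py BROKER_HOST [PORT]
    result = probe(sys.argv[1], int(sys.argv[2]) if len(sys.argv) > 2 else 1883)
    print(result + ": " + HINTS[result])
```

Run from the gateway against the broker address, a `filtered` result corresponds to the timeout in the bridge log, while `closed` points at the bind address rather than at packet filtering.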