Corda Firewall Float Bridge keeps reconnecting


jmayeur@...
 

Dears, 

When locally deploying Corda Firewall in a DMZ ready setup (node + bridge + float), we are facing an issue where the bridge keeps reconnecting to the float. When calling lsof | grep P2PPORTNUMBER, no process is listed. Same for the port between the float and the bridge.

Below the logs on the Bridge that keep repeating:
[INFO ] 2020-04-30T14:11:16,477Z [nioEventLoopGroup-3-1] provider.DelegatedKeystore. - Signing using delegated key : cordaclienttlsbridge, algo : SHA512withECDSA {}
[INFO ] 2020-04-30T14:11:16,486Z [nioEventLoopGroup-3-1] netty.AMQPChannelHandler. - Handshake completed with subject: CN=float, O=Corda, L=London, C=GB, requested server name: abe07d244d47f9b8d1f2a3c6d2083b9a.corda.net. {allowedRemoteLegalNames=CN=float, O=Corda, L=London, C=GB, localCert=CN=bridge, O=Corda, L=London, C=GB, remoteAddress=localhost/127.0.0.1:12007, remoteCert=CN=float, O=Corda, L=London, C=GB, serverMode=false}
[INFO ] 2020-04-30T14:11:16,486Z [nioEventLoopGroup-3-1] audit.LoggingFirewallAuditService. - Connection change on float control port ConnectionChange remoteAddress: localhost/127.0.0.1:12007 connected state: true cert subject: CN=float, O=Corda, L=London, C=GB cert ok: true {}
[INFO ] 2020-04-30T14:11:16,488Z [nioEventLoopGroup-3-1] engine.ConnectionStateMachine. - Session been closed already {conn=[id: 0x08141915, L:/127.0.0.1:65087 - R:localhost/127.0.0.1:12007], localLegalName=CN=bridge, O=Corda, L=London, C=GB, remoteLegalName=CN=float, O=Corda, L=London, C=GB, serverMode=false}
[INFO ] 2020-04-30T14:11:16,488Z [nioEventLoopGroup-3-1] engine.ConnectionStateMachine. - Connection local open [id: 0x08141915, L:/127.0.0.1:65087 - R:localhost/127.0.0.1:12007] {conn=[id: 0x08141915, L:/127.0.0.1:65087 - R:localhost/127.0.0.1:12007], localLegalName=CN=bridge, O=Corda, L=London, C=GB, remoteLegalName=CN=float, O=Corda, L=London, C=GB, serverMode=false}
[INFO ] 2020-04-30T14:11:16,488Z [nioEventLoopGroup-3-1] netty.AMQPClient. - Disconnected from localhost:12007, Local address: /127.0.0.1:65087 {}
[INFO ] 2020-04-30T14:11:16,488Z [nioEventLoopGroup-3-1] netty.AMQPChannelHandler. - Closed client connection 08141915 from localhost/127.0.0.1:12007 to /127.0.0.1:65087 {allowedRemoteLegalNames=CN=float, O=Corda, L=London, C=GB, localCert=CN=bridge, O=Corda, L=London, C=GB, remoteAddress=localhost/127.0.0.1:12007, remoteCert=CN=float, O=Corda, L=London, C=GB, serverMode=false}
[INFO ] 2020-04-30T14:11:16,488Z [nioEventLoopGroup-3-1] audit.LoggingFirewallAuditService. - Connection change on float control port ConnectionChange remoteAddress: localhost/127.0.0.1:12007 connected state: false cert subject: CN=float, O=Corda, L=London, C=GB cert ok: true {}
[INFO ] 2020-04-30T14:11:16,488Z [nioEventLoopGroup-3-1] engine.ConnectionStateMachine. - Connection local close [id: 0x08141915, L:/127.0.0.1:65087 ! R:localhost/127.0.0.1:12007] {conn=[id: 0x08141915, L:/127.0.0.1:65087 ! R:localhost/127.0.0.1:12007], localLegalName=CN=bridge, O=Corda, L=London, C=GB, remoteLegalName=CN=float, O=Corda, L=London, C=GB, serverMode=false}
[INFO ] 2020-04-30T14:11:16,488Z [nioEventLoopGroup-3-1] engine.ConnectionStateMachine. - Connection unbound [id: 0x08141915, L:/127.0.0.1:65087 ! R:localhost/127.0.0.1:12007] {conn=[id: 0x08141915, L:/127.0.0.1:65087 ! R:localhost/127.0.0.1:12007], localLegalName=CN=bridge, O=Corda, L=London, C=GB, remoteLegalName=CN=float, O=Corda, L=London, C=GB, serverMode=false}
[INFO ] 2020-04-30T14:11:17,493Z [nioEventLoopGroup-3-2] netty.AMQPClient. - Retry connect to localhost:12007 {}
[INFO ] 2020-04-30T14:11:17,494Z [nioEventLoopGroup-3-1] netty.AMQPClient. - Connected to localhost:12007, Local address: /127.0.0.1:65089 {}
[INFO ] 2020-04-30T14:11:17,494Z [nioEventLoopGroup-3-1] netty.AMQPChannelHandler. - New client connection a6fde80c from localhost/127.0.0.1:12007 to /127.0.0.1:65089 {allowedRemoteLegalNames=CN=float, O=Corda, L=London, C=GB, localCert=null, remoteAddress=localhost/127.0.0.1:12007, remoteCert=null, serverMode=false}
[INFO ] 2020-04-30T14:11:17,497Z [nioEventLoopGroup-3-1] netty.LoggingTrustManagerWrapper. - Check Server Certpath:
  C=GB,L=London,O=Corda,CN=float[3D7055DC03320946C3B94B4C87A755F2E71AF5CB] issued by C=GB,L=London,O=Corda,CN=Internal Tunnel Root[3A4B8816959588018C021837D8D5E033106B6B1F] [NO CRLDP ext]
  C=GB,L=London,O=Corda,CN=Internal Tunnel Root[3A4B8816959588018C021837D8D5E033106B6B1F] issued by C=GB,L=London,O=Corda,CN=Internal Tunnel Root[3A4B8816959588018C021837D8D5E033106B6B1F] [NO CRLDP ext] {}
Below the logs on the Float that keep repeating:
[INFO ] 2020-04-30T14:11:17,508Z [nioEventLoopGroup-3-4] netty.AMQPChannelHandler. - Handshake completed with subject: CN=bridge, O=Corda, L=London, C=GB, requested server name: abe07d244d47f9b8d1f2a3c6d2083b9a.corda.net. {allowedRemoteLegalNames=null, localCert=CN=float, O=Corda, L=London, C=GB, remoteAddress=/127.0.0.1:65089, remoteCert=CN=bridge, O=Corda, L=London, C=GB, serverMode=true}
[INFO ] 2020-04-30T14:11:17,508Z [nioEventLoopGroup-3-4] audit.LoggingFirewallAuditService. - Connection change on float control port ConnectionChange remoteAddress: /127.0.0.1:65089 connected state: true cert subject: CN=bridge, O=Corda, L=London, C=GB cert ok: true {}
[INFO ] 2020-04-30T14:11:17,509Z [nioEventLoopGroup-3-4] netty.AMQPChannelHandler. - Closed client connection c0e6da26 from /127.0.0.1:65089 to /127.0.0.1:12007 {allowedRemoteLegalNames=null, localCert=CN=float, O=Corda, L=London, C=GB, remoteAddress=/127.0.0.1:65089, remoteCert=CN=bridge, O=Corda, L=London, C=GB, serverMode=true}
[INFO ] 2020-04-30T14:11:17,509Z [nioEventLoopGroup-3-4] audit.LoggingFirewallAuditService. - Connection change on float control port ConnectionChange remoteAddress: /127.0.0.1:65089 connected state: false cert subject: CN=bridge, O=Corda, L=London, C=GB cert ok: true {}
[INFO ] 2020-04-30T14:11:17,509Z [nioEventLoopGroup-3-4] engine.ConnectionStateMachine. - Connection local close [id: 0xc0e6da26, L:/127.0.0.1:12007 ! R:/127.0.0.1:65089] {conn=[id: 0xc0e6da26, L:/127.0.0.1:12007 ! R:/127.0.0.1:65089], localLegalName=CN=float, O=Corda, L=London, C=GB, remoteLegalName=CN=bridge, O=Corda, L=London, C=GB, serverMode=true}
[INFO ] 2020-04-30T14:11:18,517Z [nioEventLoopGroup-2-1] netty.NettyServerEventLogger. - Server socket [id: 0xad8607f5, L:/127.0.0.1:12007] ACCEPTED [id: 0xcbd519dc, L:/127.0.0.1:12007 - R:/127.0.0.1:65090] {}
[INFO ] 2020-04-30T14:11:18,517Z [nioEventLoopGroup-3-1] netty.AMQPChannelHandler. - New client connection cbd519dc from /127.0.0.1:65090 to /127.0.0.1:12007 {allowedRemoteLegalNames=null, localCert=null, remoteAddress=/127.0.0.1:65090, remoteCert=null, serverMode=true}
[INFO ] 2020-04-30T14:11:18,519Z [nioEventLoopGroup-3-1] provider.DelegatedKeystore. - Signing using delegated key : cordaclienttlsfloat, algo : SHA512withECDSA {}
[INFO ] 2020-04-30T14:11:18,579Z [nioEventLoopGroup-3-1] netty.LoggingTrustManagerWrapper. - Check Client Certpath:
  C=GB,L=London,O=Corda,CN=bridge[F9F06FF9084E06ED278D5F8E93C34D012973627E] issued by C=GB,L=London,O=Corda,CN=Internal Tunnel Root[3A4B8816959588018C021837D8D5E033106B6B1F] [NO CRLDP ext]
  C=GB,L=London,O=Corda,CN=Internal Tunnel Root[3A4B8816959588018C021837D8D5E033106B6B1F] issued by C=GB,L=London,O=Corda,CN=Internal Tunnel Root[3A4B8816959588018C021837D8D5E033106B6B1F] [NO CRLDP ext] {}
Would anyone have an idea where we should look into?
Thank you in advance,
Jonathan