Any idea why I can't ping OpenWRT netclient from Netmetr server, It works the other way around, everything shows as healthy I just don't get metrics. Eg. 10.11.12.254 > 10.11.12.1 = fail 10.11.12.1 > 10.11.12.254 = success

[metrics.go-66] Collect(): failed ping for metrics on peer address 10.11.12.254 socket: permission denied

I've tried to set firewall on netclient to permit ICMP from anywhere (by default it's WAN zone) to no avail

config rule
    option name 'Allow-Ping'
    option proto 'icmp'
    option family 'ipv4'
    option target 'ACCEPT'
    list icmp_type 'echo-request'
    option src '*'

I can ping the netclient's public IP just not the one assigned by netmetr. 🤷‍♂️

it is probably due to a firewall restriction on either the netmaker server or on the OpenWRT router (or somewhere in between)

the private interface for netmaker is inside of the docker container. You wont be able to ping openwrt from the host machine, you'd have to do it from the container

You are right, ping works from inside the container thanks! 🙏 Well then that also works, but still no idea why latency metrics don't, keeps repeating "permission denied" on netclient side. Is metrics measurement responsibility of the netclient or the netmaker or both? 🤔 Not sure which side of the pipeline is to blame. Is it regular ICMP or some other method?

yes, ICMP is required for metrics