Author

Topic: Help with a full node (Read 313 times)

legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
May 23, 2024, 01:27:30 PM
#18
...I have to say that I had never heard of having to pay a premium for port forwarding capabilities, but I reckon that nowadays ISPs are always looking for ways to charge customers functions that should be made available freely....

OT a bit but with the IP4 network address exhaustion:
https://en.wikipedia.org/wiki/IPv4_address_exhaustion
https://lightyear.ai/blogs/what-ipv4-address-exhaustion-means-for-you

More and more ISPs are using CGNAT for home customers:
https://nfware.com/blog/what-is-the-difference-between-nat-and-cgnat#:~:text=CGNAT%20(Carrier%2DGrade%20NAT),a%20single%2C%20public%20IP%20address.

So there is no port forwarding since you are more or less already on a 'private network' Some ISPs are dong a hybrid with your IP4 address coming through CGNAT but you also get a real pubic IP6 address that you can use.

So, yeah it's happening. Starlink is a prime example of this people ran out to get it and then discovered a bunch of things that need static port mappings no longer work.

-Dave
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
May 23, 2024, 02:56:35 AM
#17
I suppose running Bitcoin Core without port 8333 is useless for the network, is it?
I wouldn't say that it is useless, at least you're doing more than most. Per my understanding, port 8333 is meant for inbound connections which is the channel that allows other nodes to connect to your own node but in the event that you are not able to open the port, you still provide the network with some benefits

The Bitcoin network does not only check port 8333 for P2P connections. When it gets the list of peers from another node, or in the case where there are no other known nodes, then from hard-coded seed nodes, it receives the port number along with the IP address.

That way, you are able to set the listening port to be whatever you want it to be, and still receive incoming connections as long as your network is configured correctly.
legendary
Activity: 1148
Merit: 3117
May 21, 2024, 01:07:33 PM
#16
However, my recollection is that by having UPnP enabled ends up being a security risk considering that you are basically allowing anything within your device to open ports directly into your firewall. If you end up having malware on it, then it can quickly spread to the remaining (vulnerable) devices in the network.
Unfortunately, I didn't pay enough attention to its consequences when I was running a node in the past [SMH] until I read your comment and did some Googling... It appears that you're right [it looks like I'll be sticking with outbound connections whenever I decide to run a node again (thank you)].
- For those who might be interested, here are two old threads (#1 and #2) with interesting arguments about it.
Glad that I could help. UPnP and DMZ are one of those things that shouldn't ever be touched considering the security holes that they end up creating in a user network.

I have to say that I had never heard of having to pay a premium for port forwarding capabilities, but I reckon that nowadays ISPs are always looking for ways to charge customers functions that should be made available freely.

In case some guidance is needed for whoever is reading this, I always share this[1] website for people looking to port forward - it has a large array of suppliers and it covers the needed steps for someone to successfully port forward (assuming the ISP isn't greedy...).

[1]https://portforward.com/router.htm
legendary
Activity: 2968
Merit: 3406
Crypto Swap Exchange
May 21, 2024, 09:22:55 AM
#15
However, my recollection is that by having UPnP enabled ends up being a security risk considering that you are basically allowing anything within your device to open ports directly into your firewall. If you end up having malware on it, then it can quickly spread to the remaining (vulnerable) devices in the network.
Unfortunately, I didn't pay enough attention to its consequences when I was running a node in the past [SMH] until I read your comment and did some Googling... It appears that you're right [it looks like I'll be sticking with outbound connections whenever I decide to run a node again (thank you)].
- For those who might be interested, here are two old threads (#1 and #2) with interesting arguments about it.
legendary
Activity: 1148
Merit: 3117
May 21, 2024, 08:17:16 AM
#14
~
If port forwarding is a premium service on OP's side, then this is a clever workaround for it. However, my recollection is that by having UPnP enabled ends up being a security risk considering that you are basically allowing anything within your device to open ports directly into your firewall. If you end up having malware on it, then it can quickly spread to the remaining (vulnerable) devices in the network.

Note that I haven't messed around with UPnP for ages, perhaps the protocol developed more since last time I tinkered with it...
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
May 21, 2024, 07:35:55 AM
#13
Just learned there's a issue with my ISP. Basically i can't do what i want if i don't pay. Perfect Cry

I suppose running Bitcoin Core without port 8333 is useless for the network, is it?

Name and shame the ISP. This way the next person who has this same issue will know it's not them it's their ISP.
Assuming they search the forum for the ISP name and / or one of us remembers this thread.

-Dave
legendary
Activity: 2968
Merit: 3406
Crypto Swap Exchange
May 21, 2024, 05:53:05 AM
#12
Just learned there's a issue with my ISP. Basically i can't do what i want if i don't pay.
I'm sorry for the inbound connections but i'll help with the outbound then.
Back in the day when I was running a node [v22], I got a similar response from one of my ISP's support staff [e.g. you need to upgrade blah blah blah], but I still managed to find a workaround [with uTorrent] and a solution [turning on UPnP (credit goes to @ranochigo)]: Can't get inbound connections on Bitcoin Core! [Solved]

legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
May 20, 2024, 10:22:36 PM
#11
Do note LoyceV reply before mine as I think that it's an interesting path to explore if you're willing to. I recommend the second approach (VPS with OpenVPN) and you can follow this[1] guide in order to have it up and running.

How about a VPN with port forwarding (or a cheap VPS with OpenVPN installed)?
Most well regarded VPN providers - such as Mullvad or IVPN - have removed the ability to do port forwarding. Proton still allows it[1] but you have to be a paid subscriber and you also get the port chosen by the program and you have to change it each time you restart the VPN connection. Considering that I personally do not trust other VPN providers, my recommendation would be the second option (VPS with OpenVPN installed).
Generally VPN over VPS is rather slow, and also more expensive with insufficient benefits to the network. Instead of having one hop, data goes through your VPS and then to your computer. Cheap ones are generally quite slow and likely wouldn't have sufficient bandwidth for a very large node. 1TB upload is probably not very sufficient if you have a VPN running through it and nodes connecting to it.

It shouldn't be an issue if you're unable to accept inbound connections. If you want an easy to setup and a free solution, then you can route it through Tor.
legendary
Activity: 1148
Merit: 3117
May 20, 2024, 06:14:01 AM
#10
That's great then. I'm sorry for the inbound connections but i'll help with the outbound then.

Thank you for the clarification.
Do note LoyceV reply before mine as I think that it's an interesting path to explore if you're willing to. I recommend the second approach (VPS with OpenVPN) and you can follow this[1] guide in order to have it up and running.

How about a VPN with port forwarding (or a cheap VPS with OpenVPN installed)?
Most well regarded VPN providers - such as Mullvad or IVPN - have removed the ability to do port forwarding. Proton still allows it[1] but you have to be a paid subscriber and you also get the port chosen by the program and you have to change it each time you restart the VPN connection. Considering that I personally do not trust other VPN providers, my recommendation would be the second option (VPS with OpenVPN installed).

[1]https://monovm.com/blog/how-to-install-openvpn-on-vps/
[2]https://protonvpn.com/support/port-forwarding/
legendary
Activity: 1092
Merit: 1021
May 20, 2024, 05:40:26 AM
#9
That's great then. I'm sorry for the inbound connections but i'll help with the outbound then.

Thank you for the clarification.
legendary
Activity: 1148
Merit: 3117
May 20, 2024, 04:54:39 AM
#8
I suppose running Bitcoin Core without port 8333 is useless for the network, is it?
I wouldn't say that it is useless, at least you're doing more than most. Per my understanding, port 8333 is meant for inbound connections which is the channel that allows other nodes to connect to your own node but in the event that you are not able to open the port, you still provide the network with some benefits, per Greg Maxwell reply here[1]:
Quote
An outbound connection is functionally equivalent to an inbound connection except in the respect that you initiated it. An outbound only node provides the same resources to the network except that it doesn't provide incoming connection slots.
(...)Nodes without open inbound also provide important DOS and privacy protection to the network: It is much more difficult for an attacker to get connected to nodes that don't accept random connections, since the attacker must wait for the victim to come to them. So the presence of outbound-only peers has the advantage of strengthening the network against some kinds of attack. (That said, the network has more than enough out-only peers to achieve those benefits already...)
Would it be optimal for the node to have its inbound connection port open? Yes, but if you are indeed unable to do it, you are still, in a way, contributing to the network.

[1]https://bitcoin.stackexchange.com/questions/88127/are-nodes-that-dont-accept-inbound-connections-necessarily-leechers/88147
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
May 20, 2024, 01:50:11 AM
#7
Just learned there's a issue with my ISP. Basically i can't do what i want if i don't pay.
How about a VPN with port forwarding (or a cheap VPS with OpenVPN installed)?
legendary
Activity: 1092
Merit: 1021
May 19, 2024, 04:33:34 AM
#6
Just learned there's a issue with my ISP. Basically i can't do what i want if i don't pay. Perfect Cry

I suppose running Bitcoin Core without port 8333 is useless for the network, is it?
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
May 19, 2024, 02:40:25 AM
#5
What happens if you try to connect to port 8333

- from your own computer
- from some other computer on the same LAN
- from the rest of the Internet?

The answers to these questions will help you to determine which part has not opened up port 8333 yet.

You can use a program like nmap to check (set it to only check port 8333).
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
May 19, 2024, 02:35:05 AM
#4
Full node is not working because port 8333 is not open.
Please be specific on the way that it's not working.
Like, not connecting at all or has outbound connections but no inbound connections?

Because if it's just about failing to open port 8333, your node should've at least outbound connections.
If it's not connecting to any peer, try to check your "debug.log" file for related errors because it could be caused by something else.
Your debug.log file is in your bitcoin datadir.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
May 19, 2024, 01:44:12 AM
#3
NAT is configured for port 8333 on that PC.
Did you mean port forwarding is configured?
member
Activity: 77
Merit: 10
May 18, 2024, 04:08:45 PM
#2
Did you also set a firewall exception in your router?
legendary
Activity: 1092
Merit: 1021
May 18, 2024, 11:17:56 AM
#1
In my modem/router i set the DHCP so my PC has a static IP.
NAT is configured for port 8333 on that PC.
Firewall set to "low" in order to allow the connections.
In Windows i created the firewall rule.

Full node is not working because port 8333 is not open. What am i missing?
Jump to: