Author

Topic: Running on a port other than 8333 (Read 26024 times)

newbie
Activity: 42
Merit: 0
March 24, 2017, 09:48:35 PM
#45
yeah, it's more like... if it's a nonstandard port, mark it as such, and connect much less frequently....ie: only one nonstandard port connection per day... with a doubling backoffs on failure, and random time to attempt.   this would allow nonstandard ports to exist.   any web server can handle an extra 10k requests evenly spread out through the day, so no risk of ddos.   if this seems to work, and it's useful, and it doesn't turn into a mosh pit on testnet, the levels can be slowly raised to 10 nonstandard peers per day, or whatever.
full member
Activity: 380
Merit: 100
Developer and Consultant
February 23, 2017, 10:41:17 PM
#44
Great, thanks!!
legendary
Activity: 2054
Merit: 1158
aka tonikt
February 23, 2017, 09:33:37 PM
#43
It's in net.cpp

Look for:

Code:
// do not allow non-default ports, unless after 50 invalid addresses selected already
if (addr.GetPort() != Params().GetDefaultPort() && nTries < 50)
    continue;
legendary
Activity: 2054
Merit: 1158
aka tonikt
February 23, 2017, 09:18:28 PM
#42
It doesn't matter which post you select, because at some point in time (around adding the addr messages ad removing IRC) the algo in the bitcoin core for selecting peers to connect to has been fucked up. And ever since then the bitcoin core node intentionally discards peers that are listening at non-default port.

I raised this issue once, but the answer was that it wasn't a bug, but a security feature.
Great feature, BTW - it makes me feel so much more secured! Smiley

Anyway, if you setup you node to use a different port, you only get incoming connections from non bitcoin core nodes.
Because the bitcoin code node is fucked up and nobody gives a shit about it.

Can you link me to the section of code that discards the peers, i'd like to submit a patch toc change that aspect. Users should be allowed to use whatever port they desire.
That was my thinking from the very beginning. Also because now it's very easy to block bitcoin just by blocking tcp connections on port 8333

Changing it is easy - you just need to remove a bit of code...
But I remember gmaxwell saying that they wouldn't change it, because it would allow for someone to use bitcoin nodes for conducting DDoS attacks on internet servers Smiley

Not sure where it is now - the code is changing all the time... give me a sec.
full member
Activity: 380
Merit: 100
Developer and Consultant
February 23, 2017, 09:07:14 PM
#41
It doesn't matter which post you select, because at some point in time (around adding the addr messages ad removing IRC) the algo in the bitcoin core for selecting peers to connect to has been fucked up. And ever since then the bitcoin core node intentionally discards peers that are listening at non-default port.

I raised this issue once, but the answer was that it wasn't a bug, but a security feature.
Great feature, BTW - it makes me feel so much more secured! Smiley

Anyway, if you setup you node to use a different port, you only get incoming connections from non bitcoin core nodes.
Because the bitcoin code node is fucked up and nobody gives a shit about it.

Can you link me to the section of code that discards the peers, i'd like to submit a patch toc change that aspect. Users should be allowed to use whatever port they desire.
legendary
Activity: 2054
Merit: 1158
aka tonikt
June 27, 2014, 01:11:25 PM
#40
It doesn't matter which post you select, because at some point in time (around adding the addr messages ad removing IRC) the algo in the bitcoin core for selecting peers to connect to has been fucked up. And ever since then the bitcoin core node intentionally discards peers that are listening at non-default port.

I raised this issue once, but the answer was that it wasn't a bug, but a security feature.
Great feature, BTW - it makes me feel so much more secured! Smiley

Anyway, if you setup you node to use a different port, you only get incoming connections from non bitcoin core nodes.
Because the bitcoin code node is fucked up and nobody gives a shit about it.
newbie
Activity: 20
Merit: 0
June 27, 2014, 11:38:40 AM
#39
You need to specify the -rpcport of the instance you want to stop (probably 7332).

yep, hence using the -datadir switch to point to the secondary bitcoin.conf file... thank you.


Hi guys, I know this thread is very old but it is something I am experiencing right now.

The example conf here is for old versions and I was wondering if you can post one that is suitable for 0.9 +
hero member
Activity: 812
Merit: 1000
July 31, 2011, 07:02:34 PM
#38
You need to specify the -rpcport of the instance you want to stop (probably 7332).

yep, hence using the -datadir switch to point to the secondary bitcoin.conf file... thank you.
hero member
Activity: 755
Merit: 501
July 31, 2011, 12:12:26 PM
#37
You need to specify the -rpcport of the instance you want to stop (probably 7332).
hero member
Activity: 812
Merit: 1000
July 31, 2011, 11:08:14 AM
#36
so i was able to get this working, one instance running on 8333/8332 and another working on 7333/7332.

But when I tried to stop the 2nd instance, it stopped the first one instead!

/web/sites/.bitcoin1/bitcoind <- this runs on the default ports

/web/sites/.bitcoin2/bitcoind -datadir=/web/sites/.bitcoin2/ <- this runs on 7333

/web/sites/.bitcoin2/bitcoind stop <- this command stops the bitcoin1 instance!

Use

/web/sites/.bitcoin2/bitcoind -datadir=/web/sites/.bitcoin2/ stop


Thanks, will try that...

Funny I tried that switch before, but I put it after the 'stop':

/web/sites/.bitcoin2/bitcoind stop -datadir=/web/sites/.bitcoin2/ <- doesn't work Tongue

didn't even think to put it first.
hero member
Activity: 812
Merit: 1011
No Maps for These Territories
July 31, 2011, 11:04:57 AM
#35
so i was able to get this working, one instance running on 8333/8332 and another working on 7333/7332.

But when I tried to stop the 2nd instance, it stopped the first one instead!

/web/sites/.bitcoin1/bitcoind <- this runs on the default ports

/web/sites/.bitcoin2/bitcoind -datadir=/web/sites/.bitcoin2/ <- this runs on 7333

/web/sites/.bitcoin2/bitcoind stop <- this command stops the bitcoin1 instance!

Use

/web/sites/.bitcoin2/bitcoind -datadir=/web/sites/.bitcoin2/ stop
hero member
Activity: 812
Merit: 1000
July 31, 2011, 10:57:11 AM
#34
so i was able to get this working, one instance running on 8333/8332 and another working on 7333/7332.

But when I tried to stop the 2nd instance, it stopped the first one instead!

/web/sites/.bitcoin1/bitcoind <- this runs on the default ports

/web/sites/.bitcoin2/bitcoind -datadir=/web/sites/.bitcoin2/ <- this runs on 7333

/web/sites/.bitcoin2/bitcoind stop <- this command stops the bitcoin1 instance!
hero member
Activity: 812
Merit: 1000
July 29, 2011, 10:26:55 AM
#33

honestly i'd like to upgrade but i still haven't found a solution to the missing glibcxx_3.4.11 yet.

/usr/lib/libstdc++.so.6: version `GLIBCXX_3.4.11' not found
/lib/i686/cmov/libc.so.6: version `GLIBC_2.11' not found
hero member
Activity: 755
Merit: 501
hero member
Activity: 812
Merit: 1000
July 29, 2011, 08:47:42 AM
#31
maybe i'm just misunderstanding how this is supposed to work...

but can anyone tell me what mainline version number this was first added to? it's not working with 0.3.20 but i guess i should maybe be upgrading anyway.
hero member
Activity: 812
Merit: 1000
July 29, 2011, 08:03:42 AM
#30
Why are you trying to run 2 bitcoinds?

Isn't the answer to that question in the OP?

(to run two separate websites/businesses/wallets on one server at the same time)
hero member
Activity: 755
Merit: 501
July 29, 2011, 07:57:28 AM
#29
Why are you trying to run 2 bitcoinds?  There is no reason to run 2 bitcoinds on the public network.
hero member
Activity: 812
Merit: 1000
July 29, 2011, 07:21:11 AM
#28
thanks matt, i have more questions now hopefully someone can help Smiley

c) do i physically need 2 copies of the bitcoind bin? i'm not much of a linux guy but i tried to nohup the 2nd instance of bitcoind from the same physical program file and it doesn't appear to have launched the 2nd process.

d) i was going to ask how to just stop one instance and not both, but if you need 2 physical copies of bitcoind then a simple stop command would make sense.
hero member
Activity: 755
Merit: 501
July 29, 2011, 07:09:33 AM
#27
a) is this information still current
Yes
b) has this functionality made it into the default client, or i still need to find a patched version?
Mainline.
hero member
Activity: 812
Merit: 1000
July 29, 2011, 06:52:52 AM
#26
I've been working on adding -port= / -rpcport=  command line / config file options to bitcoin.

Usage looks like this:
Code:
$ ./bitcoind getbalance  # The TEST network Faucet bitcoind
40616.66159265000
$ ./bitcoind -datadir=/home/bitcoin/.bitcoinTEST2 getbalance
1000.000000000000
$ cat /home/bitcoin/.bitcoinTEST2/bitcoin.conf
rpcpassword=.....
port=18666
rpcport=18665

Patches are at http://pastebin.com/2e4hfXSS; I've only tested on Linux so far, anybody willing to try this on Windows?

a) is this information still current, or is there some more up-to-date thread i should be reading instead? (i notice there is an rpcport option in the example bitcoin.conf going around, but no 'port' option).

b) has this functionality made it into the default client, or i still need to find a patched version?

thank you.
hero member
Activity: 812
Merit: 1011
No Maps for These Territories
May 10, 2011, 05:38:12 AM
#25
I just read in the IRC channel that there is up to one outgoing connection per /16.

https://en.bitcoin.it/wiki/Weaknesses#Cancer_nodes

If that is true, supporting alternate ports won't open Bitcoin up for any more sybil attacks than we have now. You can have 65535 bitcoin instances running on your system, but it will ignore all of them but one.

hero member
Activity: 755
Merit: 501
May 07, 2011, 06:39:15 PM
#24
Well even now with IPv4 there are people with a shitload of IPs (for example botnet owners or ISPs), and that will only get worse. If bitcoin somehow relies on IPs being scarce, this is a pretty big (potential) hole in security.
Yea, the networking code is one of those things that no one has really touched since satoshi...though I don't think either port nor IPs can exploit bitcoin for sybil but I just don't know what kind of numbers would actually be required to pull it off (though it does get much, much easier with IPv6).
hero member
Activity: 812
Merit: 1011
No Maps for These Territories
May 07, 2011, 06:28:23 PM
#23
Yea, pretty much, though for IPv6 if you just take a /64 as a single address and ignore anything else from that /64 as a duplicate it might be ok.  Then again, so many of use have /48's from HE so...yea it needs to be thought out.
Well even now with IPv4 there are people with a shitload of IPs (for example botnet owners or ISPs), and that will only get worse. If bitcoin somehow relies on IPs being scarce, this is a pretty big (potential) hole in security.
hero member
Activity: 755
Merit: 501
May 07, 2011, 06:24:13 PM
#22
OK. That sounds pretty serious. These issues will have to be addressed for IPv6 as well, then.
Yea, pretty much, though for IPv6 if you just take a /64 as a single address and ignore anything else from that /64 as a duplicate it might be ok.  Then again, so many of use have /48's from HE so...yea it needs to be thought out.
hero member
Activity: 812
Merit: 1011
No Maps for These Territories
May 07, 2011, 06:18:06 PM
#21
My concerns are more along the lines of potential for DDoSing the network if you have infinite nodes (well 65000 per IP) and sybil attacks.  But those are mostly because I haven't read enough of the networking code to realize all the possibilities (nor do I think anyone really has).  If you spend enough time reading up on net.cpp and can convince people that those aren't a problem, then I'm sure it would get merged.
OK. That sounds pretty serious. These issues will have to be addressed for IPv6 as well, then.
hero member
Activity: 755
Merit: 501
May 07, 2011, 06:08:35 PM
#20
Can you explain which concerns, and why they cannot be addressed? Why would using another port than 8333 be less secure?

I'd say using a fixed port has security/networking problems of its own.
My concerns are more along the lines of potential for DDoSing the network if you have infinite nodes (well 65000 per IP) and sybil attacks.  But those are mostly because I haven't read enough of the networking code to realize all the possibilities (nor do I think anyone really has).  If you spend enough time reading up on net.cpp and can convince people that those aren't a problem, then I'm sure it would get merged.
hero member
Activity: 812
Merit: 1011
No Maps for These Territories
May 07, 2011, 06:00:42 PM
#19
But yea, it will probably never be added due to various security/networking concerns about the results of it.  I agree, its a cool idea to add in theory, but there are too many concerns about it and in financial software, thats just unacceptable.
Can you explain which concerns, and why they cannot be addressed? Why would using another port than 8333 be less secure?

I'd say using a fixed port has security/networking problems of its own.

The only potential issue I could find in this topic is this one:
Quote
Satoshi pointed out that allowing bitcoin/bitcoind to run on a non-standard port could be dangerous, because if misconfigured two bitcoins might both open and write to the same database.
This could be addressed by storing the port number in a configuration file in the same directory as the database (or even *in* the database). One database will only open on one port, effectively protecting it.

Or use some other scheme to make sure only one bitcoin is running on a database at the same time, such as a lock file. This would be even better, as it doesn't depend on TCP rejecting the second bind to the same port

hero member
Activity: 755
Merit: 501
May 07, 2011, 04:40:04 PM
#18
Am I correct that there is currently no way to change from port 8333 and that this will possibly never be a feature ?
Technically, no.  You can change the default port now and it would theoretically work, just very, very poorly. 
But yea, it will probably never be added due to various security/networking concerns about the results of it.  I agree, its a cool idea to add in theory, but there are too many concerns about it and in financial software, thats just unacceptable.
member
Activity: 112
Merit: 11
May 07, 2011, 04:02:48 PM
#17
Am I correct that there is currently no way to change from port 8333 and that this will possibly never be a feature ?
I don't know but arbitrary port selection should be a feature.
imagine if a government outlawed bitcoin usage and forced all their isp's to block port 8333.
newbie
Activity: 15
Merit: 0
May 07, 2011, 03:46:31 PM
#16
Am I correct that there is currently no way to change from port 8333 and that this will possibly never be a feature ?
hero member
Activity: 755
Merit: 501
April 01, 2011, 10:36:58 AM
#15
I am behind a firewall, in which I can open some ports, but not 8333.

Will this function be there in some future versions?
Due to various security/network concerns it will probably never be merged into the mainline Bitcoin version.  You can run a patched bitcoin with -port, but you still won't get incoming connections due to the way clients chose peers to connect to.  You don't strictly need to be able to accept incoming connections for bitcoin to work, it just helps the network if you do, but even if the portoption branch was merged you would still have to be able to make outgoing connections on port 8333.
member
Activity: 116
Merit: 10
April 01, 2011, 09:24:12 AM
#14
I am behind a firewall, in which I can open some ports, but not 8333.

Will this function be there in some future versions?
newbie
Activity: 14
Merit: 0
January 21, 2011, 02:09:38 PM
#13
You'll need to be running the latest source code from github for the nolisten option.
I'm running the windows binary from bitcoin.org and am not comfortable compiling my own wallet. Smiley Is there a timeframe when the nolisten option will be included in the windows binary?

I tried with the current windows version and it does not work. (Either one of the wallets start, second instance grows to 6mb ram usage and then dies before showing the gui) I think this has to do with the listen port of the second instance conflicting with the first?

legendary
Activity: 1652
Merit: 1186
Chief Scientist
January 19, 2011, 10:57:45 PM
#12
Run one instance normally.  It'll listen for incoming bitcoin network connections on port 8333, rpc connections on port 8332, and connect to other nodes.

Run the other instance with a different -datadir, and a bitcoin.conf like this:
nolisten=1
rpcport=7332  (or whatever you like)
noirc=1
connect=127.0.0.1:8333

You'll need to be running the latest source code from github for the nolisten option.

The noirc and connect settings aren't strictly necessary; leave them out and the second instance will make 8 outgoing connections to other bitcoin nodes.  You'll save a little network bandwidth if the nolisten instance only connects to the other node.
newbie
Activity: 14
Merit: 0
January 19, 2011, 09:25:14 PM
#11
both have a different rcport specified in the config (8332 and 8333)

8333 is the hardcoded P2P port.

So I just need to select a different port then? I am confused here because I configured one instance as:

rpcport=8333
rpcconnect=127.0.0.1:8333

and I configured the other instance as:

rpcport=8332
rpcconnect=127.0.0.1:8332


This solution seems to work fine but not when I run both at the same time. (i.e. either one wallet OR the other wallet) I am obviously doing something wrong here but can't figured out what. I trolled through most of the forum posts to look for an answer.

-=-=-=- DOUBLE  TROUBLE =-=-=-=-
http://doubletrouble.bitcoinbet.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
legendary
Activity: 1596
Merit: 1022
January 19, 2011, 07:42:55 PM
#10
both have a different rcport specified in the config (8332 and 8333)

8333 is the hardcoded P2P port.
newbie
Activity: 14
Merit: 0
January 19, 2011, 07:41:59 PM
#9
I've been working on adding -port= / -rpcport=  command line / config file options to bitcoin.  The idea is to let you run multiple copies of bitcoind on one machine; I need this because I'm planning on having at least two Bitcoin-related web services (the Bitcoin Faucet and a service to be named later), I want them to have completely separate wallets, but I don't want to rent multiple servers to host them.

Same here. I have managed to create 2 wallets and two instances of a bitcoin.conf.

both have a different rcport specified in the config (8332 and 8333)

I can start either one of them and it works fine, the web sites using the wallet can connect.

However.... If I start the second bitcoin instance (I'm on windows) the second process grows to about 6 Mb and then just dies.... So each of them wallets runs just fine alone but not together.

Is there any way I can debug to see what happened? I tried switching on options in the config (like noirc and the connect only to...) but it does not seem to make a difference.

Kind regards,

MoneyTree

http://doubletrouble.bitcoinbet.com/
legendary
Activity: 1596
Merit: 1022
September 12, 2010, 04:50:25 PM
#8
Is there a way to open BerkeleyDB exclusive?

What is your intended goal?

If it is to prevent two bitcoin clients from actively using the same database, you'll need to employ application-level protection.  Crude methods of this include a lockfile or "lock" database entry.

If the intention is to prevent all other access, I'd suggest giving up on that goal Smiley  It is highly useful to permit db4 tools to access db4 databases:
Code:
db46_archive     db46_deadlock    db46_load        db46_stat
db46_checkpoint  db46_dump        db46_printlog    db46_upgrade
db46_codegen     db46_hotbackup   db46_recover     db46_verify

and just as useful to permit read-only accesses by tools such as gavin's bitcointools.

founder
Activity: 364
Merit: 3077
September 12, 2010, 01:40:20 PM
#7
Also, does Bitcoin open the BerkeleyDB as exclusive, precluding the need for a file lock?It does not -- did my own tests.
Is there a way to open BerkeleyDB exclusive?

DB_PRIVATE is the worst of both worlds.  DB_PRIVATE is not exclusive, but it does make it get screwed up if another process tries to access it at the same time.

I've dropped the DB_PRIVATE flag in rev 153.
legendary
Activity: 1596
Merit: 1022
August 10, 2010, 01:07:15 PM
#6
Do you have an updated version of this patch for SVN revision 125? Also, does Bitcoin open the BerkeleyDB as exclusive, precluding the need for a file lock?It does not -- did my own tests.

It does open with DB_PRIVATE.

http://www.oracle.com/technology/documentation/berkeley-db/db/api_reference/C/envopen.html
full member
Activity: 210
Merit: 100
August 10, 2010, 11:24:55 AM
#5
Do you have an updated version of this patch for SVN revision 125? Also, does Bitcoin open the BerkeleyDB as exclusive, precluding the need for a file lock?It does not -- did my own tests.
newbie
Activity: 53
Merit: 0
July 27, 2010, 03:00:15 PM
#4
I've been working on adding -port= / -rpcport=  command line / config file options to bitcoin

Nice.  In addition it would be good to have an -ip= option for what address to bind the port.  (rpcport binds to 127.0.0.1 but currently port binds to 0.0.0.0 which is all IP addresses on the machine.  On my multi-homed system I'd like to bind bitcoin to the external address different from the bitcoin(s) that binds to the internal address(es).)
hero member
Activity: 574
Merit: 504
July 27, 2010, 10:53:46 AM
#3
Satoshi pointed out that allowing bitcoin/bitcoind to run on a non-standard port could be dangerous, because if misconfigured two bitcoins might both open and write to the same database.  To prevent that, the /db.log file is used as a lock so only one bitcoin can access the same datadir at a time (uses boost::interprocess::file_lock, which is purported to be cross-platform and well-behaved, even if bitcoin crashes).

Additionally you could run each client as a different system user.
sr. member
Activity: 252
Merit: 255
July 27, 2010, 10:42:23 AM
#2
If I was a C++ programmer, I would make multiple instances of Bitcoin automatically talk to each other. But then again, I don't know how hard it is to do cross platform interprocess communication. If a data directory was already being used by one instance, then the new instance would be required to use a different data directory. Sure, you probably can make multiple instances share some or all the files in a data directory, but I think it's a bad idea since it the likelihood for little bugs is high, but the likelihood of the likelihood of those being discovered, researched, reported and fixed is low since the feature wouldn't get much exposure. Imagine the mess it will make if somebody starts half a dozen instances. Shocked
legendary
Activity: 1652
Merit: 1186
Chief Scientist
July 27, 2010, 10:08:17 AM
#1
I've been working on adding -port= / -rpcport=  command line / config file options to bitcoin.  The idea is to let you run multiple copies of bitcoind on one machine; I need this because I'm planning on having at least two Bitcoin-related web services (the Bitcoin Faucet and a service to be named later), I want them to have completely separate wallets, but I don't want to rent multiple servers to host them.

Usage looks like this:
Code:
$ ./bitcoind getbalance  # The TEST network Faucet bitcoind
40616.66159265000
$ ./bitcoind -datadir=/home/bitcoin/.bitcoinTEST2 getbalance
1000.000000000000
$ cat /home/bitcoin/.bitcoinTEST2/bitcoin.conf
rpcpassword=.....
port=18666
rpcport=18665

Satoshi pointed out that allowing bitcoin/bitcoind to run on a non-standard port could be dangerous, because if misconfigured two bitcoins might both open and write to the same database.  To prevent that, the /db.log file is used as a lock so only one bitcoin can access the same datadir at a time (uses boost::interprocess::file_lock, which is purported to be cross-platform and well-behaved, even if bitcoin crashes).

Issues that came up as I was doing this:

I left a call to wxSingleInstanceChecker in the Windows GUI code, so no multiple-gui-bitcoins-listening-on-different-ports on Windows.  I don't do Windows...

I didn't bother making the error handling graceful if you point two bitcoins at the same datadir (you get a runtime exception "Cannot lock db.log, is bitcoin already running?").

Patches are at http://pastebin.com/2e4hfXSS; I've only tested on Linux so far, anybody willing to try this on Windows?

Jump to: