Topic: Why is Miniupnpc in Bitcoin-Qt? (Read 2029 times)

Thanks for the info. Sorry for your time. Everything is just fine.

That IS the case for official builds!? We have a Bitcoin-Qt option and take a look at the -upnp parameter.

Dia

That's a good suggestion (plus option in the bitcoin.conf file, since I don't use the UI version).  In my case, it is/was that way however simply because I didn't have libminiupnp installed and found it simpler to deactivate it in the build than to installing it.  (That's no argument that it should be that way, of course.)

So why not always include the library and have an option in the preferences to deactivate UPNP?

IIRC, You asked this previously and it was explained to you.  Bitcoin preferentially connects to the default port if it is able to in order to reduce the problem of a malicious party announcing other peoples addresses maliciously and creating connection DDOS attacks against random ports.  Its important that Bitcoin not act as a network nuisance and get itself banned from networks, so it doesn't use non-default ports unless the default ports aren't working.  I can't see into Satoshi's mind, but the rational seems clear enough for me.

Adding additional nodes on a single network is not of tremendous value to the network, though if you'd like to do so for local scaling reasons (instead of just increasing the accepted connections on a single node) you can simply load balance at the front end, iptables will do this happily, as will many commercial routers and firewalls. I've had multiple inbound nodes on a single IP this way without issue.  If there was evidence of a problem that could be solved by having more nodes on distinct ports treating a small range of high ports as equally preferred, which would also avoid the nuisance/DDOS risk. ... but I haven't seen a reason to even propose a BIP for it. If you have one, I'm all ears.

[Sorry for continuing the OT here,  but I'm somewhat concerned that piotr_n's misinformation— if unanswered— may adversely impact my personal reputation as well as the stability of the bitcoin ecosystem, e.g. if people who don't know better see his unanswered allegations that core developers never explain anything they may believe it]

This is drifting too far off topic for my taste. I will lock this thread tomorrow so create a new thread and post a link to it here if you want to.

Why the first 50 addresses with non-default port number are considered same as invalid?
To be honest, I have no idea. Just like I have no idea about a purpose of many things this s/w does, also spotted BTW.
But my personal experience advises me to not ask these kind of questions, because they don't like it.
It's a feature, not an issue - that's all you need to know.
The bitcoin elite is an actual elite, so if they made an effort to add a line of code - who are we to question it?

The obvious question now would be:
WTF? Why?

OK - I know already.

Maybe indeed I should not had said that it did not work with other port numbers than 8333, since it's not entirely true.

But I was right that it was not an issue - it's obviously a feature:

Even if it was an issue for someone, he does not need to change the source code to solve it - not at all.
He only needs to convince everyone else to setup a non-default TCP port in their clients - and then he should finally get some incoming satoshi connections...

Especially with a banscore of 90

As I said, I will re-check it and let you know again.

Ok, I found one with Satoshi subver, but I guess that doesn't mean it's really a Satoshi client.

Hm. I didn't check that.
Ok, there's no "subver":

Hmm.. OK, sorry - let me retest then.. last time I checked it wasn't working.
Are you sure that these are connections from an actual satoshi nodes?
They shouldn't connect twice, you know...

You mean version 0.8.3 ?
Lol, yeah, right. 

No wonder that there was a lack of listening peers, since the satoshi client version 2013 still does not work with any TCP port except 8333.
It wont even connect to a different port, despite of the port number being an actual part of the protocol's addr structure - I guess it's to make the competition look equally bad

If you have a huge network behind NAT, only one PC is entitled to run a listening node, no matter how good you are in configuring your router, or how big was the upnp lib that you have liked it with.
Moreover, if you want to stop someone from using bitcoin, all you need to do is to block TCP port 8333 on your firewall and he won't be able to circumvent such a blockade, otherwise than by using Tor or VPN, which will be either slow or expensive.

But don't mind me - I'm always complaining about not an issues

There are NAT punching techniques that could help.  However, if most of the network has upnp, then it doesn't cause that much of a problem.  All connections have to be outbound.

When the router has UPnP disabled you can't do anything about that.

Dia

Well, I am currently on a Wireless connection, and I mean via a Nanostation that communicates to the main antenna of my ISP and this Nanostation M5 has a built-in router, but I have access neither to the router OR Nanostation control panel. Even UpnP does not forward my ports.

Personally I don't have libminiupnpc installed on my system and manually disable building with it each time I compile bitcoin, since I don't want my router to "automatically" open ports to me for security reasons.  Since I run bitcoin over Tor anyway, it wouldn't matter though even if I did open the port.  So I can understand the OPs ideas very well.  (Note that to help the network, I'm running a full node with 50-100 connections on my VPS.)

But I can also understand very well that probably without that most users wouldn't even know about opening their ports, so I think we can keep the current behaviour.

Yeah, of course.

OK. That is a strong argument.

Hmm I assumed normal people would not have to configure anything.