Author: Gregory Maxwell
Published on: 2011-07-01T17:59:47+00:00
In a forum poll, the votes for whether to turn on or off UPnP are split 50/50. The original poster is in favor of turning it on by default in the GUI and leaving it off in bitcoind. Although they do not like UPnP, they strongly support it being on because leaving it off is not really an alternative. They believe that a forum poll is not the right tool to use to decide if bitcoin keeps working or not. The Bitcoin/bitcoind difference seems confusing to them since when someone complains about connectivity, they will have to remember to ask which one they are using. Enabling UPnP for the GUI is probably sufficient in terms of network health. The poster believes that it will probably happen anyways as most bitcoind users build locally and do not bother installing the UPnP library. They also point out that no one seems concerned that Bitcoin (by default!) listens on port 8333, so they think it's only logical to extend that to work behind NATs as well. They note that listening at all is more interesting than UPnP - though almost any harm that listening can cause can also be caused by outgoing connections since the protocol is symmetric. If you want to talk about worrying people about security, the IRC connections seriously set off alarm bells, especially when someone looks and sees something indistinguishable from a botnet in IRC. Until they get IRC disabled nothing else is really all that significant from a security perspective.Another user agrees that UPnP is bad for an individual but good for the network, and someone has to make the tough decision and turn it on. However, users who don't like it can still disable listening, which is healthier for the network right now than leaving listening on but not actually working. They suggest fixing the incentive structure somewhat by giving preference in the form of preferred forwarding from/to to nodes that we've connected to vs connected to us, potentially improved relay rules. This would give incentives to listen (faster txn processing, hearing about blocks earlier) and also reduce the effectiveness of some DOS attacks.
Updated on: 2023-05-17T16:46:45.180473+00:00