Document ports requirements

[eschnou]

Should any ports be available to the outside for proper operation of the daemon? Does it help the network if we open some ports? I could not find documentation about this anywhere.

[miguelfreitas]

Yes, default port for bitcoin-like network is 28333 (tcp). This will be requested to your upnp-aware router if you compiled miniupnp support.

Default port to DHT and torrent is 28333 + 1000 = 29333 (both udp and tcp). afair libtorrent will also try to upnp request it.

[BlockTester]

I noticed many more ports opened by twister, namely 4433, 4434, 1900. It would be great to document these (and the above) in the official documentation.

[iShift]

@BlockTester +1

[toyg]

@BlockTester @iShift Miguel said elsewhere that 4433-4 are likely for the RPC interface over SSL (which might not work, at this point) inherited from bitcoind, since he himself didn't use them. I have them blocked in my AWS instance and things seem to work ok anyway. Haven't seen 1900 before though...

[toyg]

Ok, I've figured it out. 4433 is the default LIBTORRENT ssl port, i.e. for DHT operations only. Because @miguelfreitas expects 29333 in code, I believe that other port is just sitting there doing nothing...? I don't see 1900 being used, so that's a red herring.

Wrapping up, @eschnou : if you want to document this anywhere:

• 28333 inbound - must be open for blockchain sync operations. Supports UPNP.
• 29333 inbound - must be open for DHT operations. Supports UPNP.
• 4433 inbound - DHT-over-SSL, likely unused at this point
• 20000+ outbound - twisterd will open outgoing connections on a number of ephemeral ports to manage both blockchain sync and DHT operations. Support UPNP.

[BlockTester]

twisterd  19190 user   24u  IPv6 198338547      0t0  TCP *:28332 (LISTEN)
twisterd  19190 user   32u  IPv4 198338548      0t0  TCP *:29333 (LISTEN)
twisterd  19190 user   33u  IPv4 198338557      0t0  UDP *:1900 
twisterd  19190 user   34u  IPv4 198338549      0t0  TCP *:4433 (LISTEN)
twisterd  19190 user   36u  IPv6 198338551      0t0  TCP *:4434 (LISTEN)
twisterd  19190 user   37u  IPv4 198338554      0t0  UDP *:29333 
twisterd  19190 user   44u  IPv4 198342697      0t0  UDP *:60177 

[toyg]

Weird, I don't see 1900 and 60177 here on OSX...? What's the exact command you ran ?

[BlockTester]

For listing?

lsof -i | fgrep twister

Running Debian Jessie/Testing 64bit.

[miguelfreitas]

@toyg just to confirm: 4433 is from libtorrent (not sure if used for DHT or torrent though) not bitcoin's.

Bitcoin's inherited SSL RPC support is believed to work, but untested.

[toyg]

@BlockTester ok, yes, I see it now:

twisterd  69732 toyg   34u  IPv4 0xe19c8867bf0e2ce9      0t0  UDP *:ssdp

SSDP sits on port 1900. http://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol i.e. it's part of the UPNP machinery. Not a port you should expose to the internet.

I don't see port 60177 but I do have a couple of random-looking UDP listening in the ephemeral range. I suspect it's more UPNP stuff.

[BlockTester]

Good find for the port, I honest hadn't even searched. Nevertheless it should be documented since the program does indeed open that port. Likewise for the rest of the UPNP stuff. Is there a switch somewhere to turn it off altogether? I suspect most people at this stage don't even use it (when more regular joes will join in that might be a different story).

[toyg]

man, I love upnp, it's a life-saver! :smile_cat:

You can disable it in twister.conf with upnp=0

[iShift]

old issue we can close that we have pull #121