Incoming Peers question

Support and Troubleshooting
1

My node is synced and running on Rabsperry Pi. It all looks good on interface. I followed all steps during installing process. I have 10 peers after 24 hours and when checked with Full Noded wallet it says that they are only outgoing peers. Is my node fully functional or should I worry about router settings etc? It is connected via ethernet.
I’m on mac osx and my terminal does not seem to work so I’m not sure how to check it. Bitnodes.io connects automatically to my main computer and when I put in my Umbrel url it says invalid ip address.

2

Hi @riotrade,

Peer Discovery

IMSMR, From years past when I was more active in the dev side of crypto/blockchain projects, working on this stuff we used a technique called “dns-seeds” in our config file.

The job of dnsseed would be to act as a hardcoded array of URI’s/IP’s of nodes which the bitcoin client can then query when run to begin syncing

To get the initial source of peers populated so the daemon becomes aware of where to begin asking the network for additional peers to start the sync process can be done in a number of different ways,
Which is what Bitcoin does indeed do.

For Bitcoin to know where to aim in order for the node to get started on the blockchain sync process, these dnsseed nodes, the initial peer nodes who job it would be to either act as a sync node directly or as a relay to Gossip back to the client a fresh list of other known/unknown peers currently available on the network. (simplified)

This process acts two-fold it helps get client nodes synced and it helps maintain a list of fresh sync-nodes on the main-net out to those peers IP addresses to other nodes on the network, which would in-turn allow others on the network to help participate in getting the client node synced.

in fact, there are several routines carried out by Bitcoin client to collect peers even before the IBD starts.

Connecting to peers

The dns seed help establish the initial seeds who then sends out “getaddr()” from peers on the network and are of the correct version done with version requests to gather additional peers from throughout the network to begin the Initial Block Download
Its done over ipv4/ipv6/onion

Currently I also have 11 peers connected to my node.

This is a feature of Umbrel/Bitcoin not really an issue. :slight_smile:

  1. Umbrel docker-compose.yml pulls in Bitcoin docker container repository:
    https://github.com/getumbrel/umbrel/blob/master/docker-compose.yml#L31-L33

Code:

bitcoin:
      container_name: bitcoin
      image: >lncm/bitcoind:v0.21.1@sha256:5bedb46d698de16c59e9e43d31485d0d82239bd437d62ac7cf47ebb633214f37
  1. Now we study …/bitcoin/src/net.cpp
    https://github.com/bitcoin/bitcoin/blob/master/src/net.cpp#L1727-L1729 
LogPrintf("Loading addresses from DNS seed %s\n", seed);
if (HaveNameProxy()) {
   AddAddrFetch(seed);
  1. Here we can see Bitcoin method for deciding on if it needs fall back to use DNS Seed or rely Bitcoin’s P2P network to get its peer list.

This is how I suspect/know how Umbrel has been designed to work. (I could be wrong :thinking:)

Stealth to keep your Wealth

Umbrel works in almost a stealth mode which is by design, as in, it dose not forward (or expose) your internals to the public side of your LAN/WAN unless told to do so (by you or another app or service).

As explained in the umbrel docs if you need to access remotely you do that over Tor.

Like with all Operating Systems/Platforms/App’s you can almost make/allow them to do anything you wish. The decision to minimise Umbrel node exposure to the wild is down to a number of factors

  • Security (Want to keep your funds safe :slight_smile: )
  • Privacy (Privacy by default not optional :wink: )

Back to Bitnodes.io

So returning back to the the original question and how the http://bitnodes.io/ website will not detect your umbrel node (Unless told otherwise) is if we take a look at the script itself to identify what it is that bitnodes.io node crawler is using to detect bitcoin nodes on the network.

  1. We download the shell script (Don’t run just inspect it - unless you want to :slight_smile: )
curl https://bitnodes.io/install-full-node.sh | cat {pwd}\install-full-node.sh
  1. This is the key part you need to change to get your node showing up on bitnodes.io when its crawled the network again:
### IPv4/IPv6 mode ###
# This mode requires uPnP feature on your router to allow Bitcoin Core to accept incoming connections.
bind=0.0.0.0
upnp=1

### Tor mode ###
# This mode requires tor (https://www.torproject.org/download/) to be running at the proxy address below.
# No configuration is needed on your router to allow Bitcoin Core to accept incoming connections.
#proxy=127.0.0.1:9050
#bind=127.0.0.1
#onlynet=onion

listen=1
port=$PORT
maxconnections=64

dbcache=64
par=2
checkblocks=24
checklevel=0

disablewallet=1

rpccookiefile=$TARGET_DIR/.bitcoin/.cookie
rpcbind=127.0.0.1
rpcport=8332
rpcallowip=127.0.0.1
EOF

Summary

You see what bitnode is trying to look for so that it can crawl the nodes and basically index the visible network by checking publicly visible nodes running on bitcoin port 8333/tcp

With Umbrel by default this is set to deny inbound requests on port 8333/tcp [as I think its tied to local loopback only requests ip: 0.0.0.0]

Sites like this check for “listening nodes”, nodes that are configured to allow for incoming connections umbrel is working with Docker containers with the apps as sub containers all linked to Docker’s internal .env host > client bridge.

So, as an analogy docker and the umbrel middleware/manager stack is inside and compartmentalised into sub-network and apps are port mapped internally, a containerised environment which has connections routed through NGINX which acts as a reverse-Proxy and blocks http traffic from the WAN but allows for communication through .onion only links if in accordance with the authorised host its configured for.

Some part detailed here may need some citation.

Its a little bit long winded however you may find a more complete explanation on how Bitcoin operates over at Bitcoin Developer P2P Network - Peer Discovery Docs

To see how Bitcoin works (and the other apps) inside Umbrel you best bet is to have a good r00t around the umbrel github repository & on your RPi filesystem where you will see the registry.json | docker-compose.yml | local .env | and *.conf files.

Hope this helps explain things more clearly.

3 Likes
3

Hello, I am a newbie. I am running Bitcoin Core but I can’t get the inbound connections because I can’t open port 8333. Is this Umbrel no need to open port and can get the inbound connections?

4

Umbrel run behind Tor. Do you know how Tor works?
If you can’t open port 8333 on your router and node, then you will be limited to max 10-11 peers. That is more than enough to run a node.

5

I don’t know how Tor works but I know it can help receiving inbound connection.
I got a DM reply from Umbrel (Twitter): Umbrel receiving inbound connections via Tor.
That’s great for me.

6

Screenshot 2022-02-24 at 10.01.32 AM
Screenshot 2022-02-24 at 10.01.32 AM1054×1564 177 KB

they say not receiving inbound connections via Tor now.
Any Umbrel user here? Got inbound connnections via Tor or not?
I don’t have Umbrel now. If got then I will get Umbrel.

7

image
image1320×317 19 KB

As I already told you: go to BTC RPC Explorer app in Umbrel and in node details you will see exactly your node communication and many more stats.
It will show you exactly how many peers you have in a certain moment and how they are connected (in or out).

By design a Tor node (or without port 8333 open in your router) will NOT have more than 11 peers. I really don’t understand why you insist so much in this matter.

8

Bro, I don’t have the Umbrel yet. Okay, I saw it. 1 in, 10 out. Thanks

9

Hi, not trying to beat this to death, but I have a few similar questions. (If you know, if not, thank you anyways)

  1. Do I even need inbound connections for lightning network channels to connect from others to me? Or is this apples and oranges?

  2. I know how TOR works (in theory), and I can also open ports on my router (I already have 80 and 443 open for other things). Is it really just that simple, opening 8883 and port-forwarding to the local IP? Does Umbrel have a reverse proxy already, or some other means to keep people from connecting? Also I have DDNS through my ISP, is that an issue?

Thanks in advance

10
  1. No. The peers for bitcoin node are NOT the same as for LN node. Are two total different type of peers.
  2. You should stick with Tor for more privacy. That means you do not need to open any ports on your router. Umbrel was designed EXACTLY for this, to be easy for a simple user to run a at home a node, in private and without need to tinker anything else. Umbrel by default works behind Tor, so there is no reverse proxy or anything else. DDNS have nothing to do with your Umbrel node.
1 Like
11

Screenshot 2022-03-02 at 8.48.11 PM
Screenshot 2022-03-02 at 8.48.11 PM2880×1800 624 KB

Hi, is the Umbrel receiving non-listening node?

12

How many times we have to explain you this?
Read again this whole thread.

13

image
image828×615 123 KB

1 Like