On Mon, 27 Oct 2008 13:28:33 +0100
bqz69 <bqz69 at telia.com> wrote:
> Now my question, is it necessary to have any ports open in order for freenet
> to work best?
No, it's not -necessary- in the sense that your node will work anyway, but it's
a good thing and you should do that. Let's see why.
The whole problem boils down to one single line:
=> If you don't open the Darknet and the Opennet ports, your node won't be able
to accept connections initiated by other nodes. <=
Let's see what are the implications (some of them, anyway)
Think of peer connections as phone calls: one peer calls, another peer answers,
then the two talk.
Without open ports, your node will still be able talk with peers but it won't
be able to 'answer their calls'; the only way to initiate a 'conversation' will
be 'calling' peers and waiting for them to 'answer the phone'.
This is not a problem as long as most Freenet users open their freenet ports
and the only ones who don't open them are those who for one or another reason
can't open their ports at all (no access to router, for instance).
If people leave their ports closed/unforwarded for any stupid reason they came
up with (or simply because they're too lazy to figure out how to do that), more
peers will only be able to 'call' but not 'answer', and of course two peers
that are both able to call but not answer will never start a conversation: both
will keep calling and none will answer the call, so the number of available
peers for any given 'closed ports node' will decrease sensibly, harming the
network. If everyone leave their ports closed just because they don't want to
open them, Freenet is doomed.
Freenet uses two random ports for node-to-node comunication, which means that
an attacker can't determine the existence of a freenet node looking for traffic
on a particular port.
In conclusion, you should allow inbound communications ('answering the phone')
on your darknet and freenet ports, and the only valid reason not to do that is
that you can't.
--
FAFS - The Freenet Applications FreeSite
USK at
ugb~uuscsidMI-Ze8laZe~o3BUIb3S50i25RIwDH99M,9T20t3xoG-dQfMO94LGOl9AxRTkaz~TykFY-voqaTQI,AQACAAE/FAFS/40/
freemail:
luke771 at
MJWEES3VJBMS2ZKMIJUECT3SJB3UK5SBKBAVQYJQO5FXGWSROE2USNDKNMZU2SK2ORXUKLDZJYWXQUSNMRYUCWD6IF3HAULWKRKWW2SJJVEGQQTDNNKGYMRWKFZW6V3ONNIDKQ3DKR3SYQKRIFBUCQKF.freemail
