Disabling uPNP on Dappnode side?


My router supports uPNP and I use it for other things, but I don’t want to use it for Dappnode (mostly because it hijacks 443/80 even though it doesn’t need them except for the VPN).

I disabled it under Supports → Ports but Dappnode is still using uPNP. I had to shut it off on the router level to get Dappnode to release them.

Is there some way to keep uPNP on at the router level and just make sure no Dappnode package uses it?

Before filing a new topic, please provide the following information.

Core DAppNode Packages versions

  • bind.dnp.dappnode.eth: 0.2.6
  • core.dnp.dappnode.eth: 0.2.71
  • dappmanager.dnp.dappnode.eth: 0.2.66, commit: 38304ab3
  • https.dnp.dappnode.eth: 0.1.4
  • ipfs.dnp.dappnode.eth: 0.2.19
  • wifi.dnp.dappnode.eth: 0.2.8
  • wireguard.dnp.dappnode.eth: 0.1.2

System info

  • dockerComposeVersion: 1.25.5
  • dockerServerVersion: 20.10.5+dfsg1
  • dockerCliVersion: 20.10.5+dfsg1
  • os: debian
  • versionCodename: bullseye
  • architecture: amd64
  • kernel: 5.10.0-23-amd64
  • Disk usage: 54%

I think you may be misunderstanding how UPnP works on Dappnode. UPnP is necessary to run almost any package, especially any main blockchain package like ETH clients, Prater/Goerli clients, Gnosis/xDai clients, and more, as the vast majority of packages have P2P ports -sometimes 2 or even more. If you decide to disable UPnP then you will need to manually open between 1-4 ports per package on your router, so please take caution and know that disabling all of Dappnode’s UPnP is almost certainly gonna hurt you more than help.
Also- from the support > ports tab there’s not a way to disable UPnP, only a way to test and scan if the ports are accessible or not. It’s just a status check, not a way to enable or disable functionality.
Your issue seems to mainly be that you don’t want your dappnode to use port 80 and 443. Those ports are used by one core system package, the HTTPS package, which for some packages it is required to be installed for the package to work. But you can disable the HTTPS portal/package by going here and pausing the HTTPS package. Please keep in mind that you cannot securely expose any ports to the outside internet without the HTTPS package. Your dappnode will not request for port 80 or port 443 to be forwarded to your dappnode; depending on your particular use case and packages you run/intend to run this may not be a a big deal for you, but I’d say nearly half of our users run their own dappnode so they can use it as an RPC endpoint for web3 wallets (i.e. MetaMask). But this use case is not possible without the HTTPS package, so keep that in mind.

Disabling all of UPnP on Dappnode is not something I’ve done before personally (I run 3-4 Dappnode’s on a single internet connection at home right now, so I manually handle ports and assign things to get what I need from my setup), but if you want to disable UPnP entirely on the Dappnode side, you should be able to disable it here and in the first entry that says DISABLE_UPNP enter the word true in the field to the right as shown here and click update.

I understand that disabling uPNP requires manually opening different ports depending on the packages used. With Nethermind/Teku and Wireguard this was about 5 ports total. Since I disabled uPNP on my router already, I had to do this to keep Dappnode working. I am not currently using it as an RPC endpoint for web3 (though I don’t know the value in doing that – but all my wallet interaction doesn’t need a direct link between metamask and my node)

I put in the DISABLE_UPNP option and re-enabled uPnp on my router and it seems to be working!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.