Overview

An open blockchain requires that all participants are aware of its current state, so nodes must talk to each other and keep up to date. This constant P2P communication is how the entire network stays in sync.

Your node maintains a changing list of peers (other nodes) to communicate with, which are split into two categories:

• Outbound peers - These are peers who your node made the initial contact with and established a connection. In other words, you found them, not the other way around.
• Inbound peers - where your peers are inbound, it means they are the ones who made the initial request to connect. Your node was listening and accepted their request to become peers.

By default, you will have 8 outbound peers and no inbound. But data is always being exchanged exactly the same between you and your peers, no matter if they’re inbound or outbound.

To acquire inbound peers, you need to allow for external connections. Your node is listening for the outside world on port 3414, and for him to hear anything you will have to open this port, aka port forwarding. This will make it a public node.

So why allow inbound?

A node which is not open to external connections is basically only leeching, in the sense that it doesn’t allow new (or newly returning) nodes who wish to sync the blockchain to get the data from him. He would only request connections (thus only connect) to peers who are up to date.

It is also worth noting that with the dandelion protocol, transactions are only passed through public nodes before they’re broadcast to the network. A private node can’t participate in the stemming process.

View dandelion illustration

dandelion.png1035×539

Conclusion: If you have a high-bandwidth connection to the internet and plan to keep your node running somewhat consistently, then having port 3414 open would be extremely valuable to the health of the network.

How to allow inbound?

This usually requires changing your router settings, as most are very restrictive.

Find default gateway

First step would be to find your default gateway. It is usually in the form of 192.168.x.x or 10.x.x.x.

WIndows

Press ❖+R and enter cmd. Then, type:

powershell -command "ipconfig | select-string default" 

macOS

Enter the laucnhpad and search for Terminal. Type the following command.

netstat -nr | grep default

Linux

You know how to open a terminal. Just enter the following:

ip route | grep default

Open port

In your browser, enter your default gateway address into the URL bar. From there you should be able to modify your router settings.

If you’ve never done so before, the user / password combination is probably one of the defaults, so give them a try:

• admin / admin
• admin / 1234
• admin / password
• admin / (leave empty)

note: the combination may also be written on the bottom of your router

Once you’re inside, locate the port forwarding section (usually under advanced settings), then open port 3414 for the computer running your grin node.

If you have an active firewall you might need to configure it as well. Do a simple search on how to open a port on your specific firewall.

Verify

Visit https://canyouseeme.org/ to make sure your port is in fact open and reachable. Your node must be running while you check this.

Hooray!

Is it still correct? I see in the default grin-server.toml, the inbound is commented 128.
I thought the commented parameters here is the default, right?

I need to translate some points to my Vietnam Grin blog.

This doesn’t contradict my earlier comment.
I meant you’ll have no inbound connections if you didn’t actively open the port. Once you do, then I suppose the default max inbound connections is 128.