this post was submitted on 02 Oct 2023
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
That's not a dumb question.
So, this question is more how does NAT function. There are different NAT configurations, but basically when you connect to anything behind a router, that router maps a port to be used for the request. Traffic matching its destination on return is then compared against an internal table and sent back through to your device. Opening these ports does not directly increase speed, but they do allow you to join DHT/PeX swarms. If you see an increase in speed it's because you are effectively being saturated by connections passively through the swarm.
In a normal situation to connect to these swarms, you would either need to open a port pointing to the port number you configured your torrent application to use thereby making you visible to it, or enable UPnP which dynamically maps ports for the connections to work. Typically, you wouldn't want to enable UPnP as it is then possible to externally query the router and pull a manifest of UPnP advertised devices that exist on your internal network, however.
The problem with opening ports in your router if on a mobile network is that most networks use CGNAT. This is where your router does not hold a publicly routable IP address on the WAN side and instead maps out a single public IP with many (possibly thousands) of other devices. In this case, you would need something like a VPN service that supports port forwards. They would give you a port that they are forwarding for you. You would take that port number and from the device you connected to the VPN from (like your PC) enter that port number into your torrent client's "listening" port field.
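Added example, not part of the original thread: a toy model of the behaviour described above, showing why return traffic gets through, why unsolicited inbound traffic needs a forward, and why a forward on your own router does nothing behind CGNAT. The `Nat` class, `deliver` and `demo` are hypothetical names, every address and port is a constructed sample value, and the strict per-remote filtering is an assumption (real NAT configurations differ).

```python
# Toy NAT with address-and-port-dependent filtering (assumed; real NATs vary).
# All addresses and ports below are constructed sample values.
from dataclasses import dataclass, field

@dataclass
class Nat:
    wan_ip: str
    upstream: "Nat | None" = None                 # carrier NAT in front of this one (CGNAT)
    forwards: dict = field(default_factory=dict)  # wan_port -> (lan_ip, lan_port)
    table: dict = field(default_factory=dict)     # wan_port -> (lan_ip, lan_port, remote)
    next_port: int = 40000

    def outbound(self, lan_ip, lan_port, remote):
        # Map a WAN port for the outgoing flow; return the address the remote sees.
        port, self.next_port = self.next_port, self.next_port + 1
        self.table[port] = (lan_ip, lan_port, remote)
        if self.upstream:
            return self.upstream.outbound(self.wan_ip, port, remote)
        return (self.wan_ip, port)

    def inbound(self, wan_port, remote):
        # Static forwards accept anyone; dynamic mappings only the remote that was contacted.
        if wan_port in self.forwards:
            return self.forwards[wan_port]
        entry = self.table.get(wan_port)
        return entry[:2] if entry and entry[2] == remote else None

def deliver(chain, port, remote):
    # Walk an inbound packet through the NATs, outermost first; None means dropped.
    dest = None
    for nat in chain:
        dest = nat.inbound(port, remote)
        if dest is None:
            return None
        port = dest[1]
    return dest

def demo():
    host, peer = ("192.168.1.20", 51413), ("203.0.113.50", 51413)
    home = Nat("198.51.100.7")                 # router holding a public WAN address
    _, port = home.outbound(*host, peer)
    r = {"reply": deliver([home], port, peer),
         "unsolicited": deliver([home], 51413, peer)}
    home.forwards[51413] = host                # manual port forward on the router
    r["forwarded"] = deliver([home], 51413, peer)
    # Same forward, but the router's WAN side sits in carrier space (100.64.0.0/10).
    cg = Nat("100.64.12.34", upstream=Nat("198.51.100.99"), forwards={51413: host})
    r["cgnat_forwarded"] = deliver([cg.upstream, cg], 51413, peer)
    _, port = cg.outbound(*host, peer)
    r["cgnat_reply"] = deliver([cg.upstream, cg], port, peer)
    return r
```

The `cgnat_forwarded` result is `None` because the carrier's NAT, which you do not control, has no entry for that port, while outbound flows and their replies still work.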
Also, CGNAT is not common in the USA as there is no shortage of IP addresses. However, many other countries have hit their limits in IPv4, and CGNAT allows the ISPs to work well with more customers than addresses. Mine will disable it if you ask.
It is less common in the US, but is gaining more traction especially with carriers starting to release 5G home internet options. Currently, T-Mobile and Verizon both use it by default. AT&T has yet to launch their service but probably by/around 2024.
Thanks for the detailed explanation. I'm too dumb for some of it, but I think I mostly understood.
So if I use my mobile network directly through a USB cable to my phone (not a USB 4G modem/router stick) the only way for me to use open ports is VPN? But I doubt it's really worth it for me, since I never use VPN despite living in Russia. GoodbyeDPI does all the work for blocked domains.
Yes, you would have to use a service like a VPN to open ports in that setup. You mentioned you USB tether from your phone. Do Russian providers use datacaps? Datacapping is common in the US, but almost non-existent in other parts of the world like EU territory, so I was curious. For US, it can be bypassed with TTL mangling on 4G LTE networks, but on 5G it's a bit trickier and requires a GRE tunnel to be established between the phone and end device. Just curious if you guys have similar issues.
Honestly, the VPN would just be for opening ports for technical reasons, though. Russian VPN anonymity isn't really a thing, but that anonymity is only used to circumvent US copyright law and any international application of US laws (countries have their own copyright laws I understand, but the US does strong-arm countries into adopting more US-centric versions). If your host country does not recognize those things, then I would imagine that becomes a non-issue for you.
I pay like 7$/month for unlimited mobile data, but they do datacap and use very sketchy schemes as well. I live in the countryside and we have 4G, but they offer you something called "pre-5G" for extra 4$. I tried it last month and obviously didn't feel much difference since it's the same 4G with a "higher priority, P2W". But this month I disabled it and now my speeds are so bad during the day. Lots of websites can be laggy and slow from time to time, they're literally forcing you to enable that thing back, even though it wasn't as bad before I enabled it.
Speed-wise it can easily get 1.2-1.8 MB/s on torrents, so it's not that bad. But watching Twitch or YouTube can sometimes be annoying because connection can be pretty unstable during daylight, at night everything is perfect. And it's not because there's a lot of other people using mobile data in my area, I'm probably the only one who uses my certain provider here. They do deliberately "shape" the speed down for some reason and lots of people on Russian forums complain about it.
Yeah port forwarding through a VPN really isn't worth it.
It defeats the purpose of using a VPN anyway because the VPN provider needs to know that whatever port number should be routed to your private IP address.
So, that's an interesting point. A provider would need to know where to send traffic to, but the idea is generally that they run services from RAM with minimal logging and associate the port forward with your account ID (or some other sub-account ID). That would prevent them from having to record IP address info, but in truth if a VPN provider says they are no-log you are really just trusting them that they aren't lying.
Even if they show they are 3rd-party audited, people need to understand that they KNOW when they are going to be audited and the scope of the audit. It's incredibly easy to game that system if you control how it's done.
That being said, if you look at it observationally, people who use port-forwarded VPNs do not receive DMCA notices anywhere near the extent that non-VPN users do, and there isn't any real DMCA notice discrepancy between port-forwarded and non-forwarded VPN services.
I mean you're right in that in practice it might not mean receiving DMCA notices, but it has to identify you.
I mean you've been assigned the port, and your torrent client publishes that port on the tracker. Surely the port assignment can't only be recorded in RAM, you'd have to change the ports configured in your client every few weeks.
I remember when Mullvad offered port forwards, it assigned you both a port and a key. My guess is that they simply authenticated the key to determine if the port should be routed to whatever tunnel established the connection. So, they would have to map that a dynamically generated key was associated to the port (and probably other bits of non-PII like datacenter/region), but nothing beyond that point outside memory. Even account IDs they generated were dynamic. In theory if you were able to guess the ID, you could use the account.
Yeah good point. Even when they offered port forwards, they would only do it with the once off payment accounts. If you set up a payment method against your account ID to be used each month then you couldn't do port forward because the port number shown on the tracker could be linked to your card which could be linked to you.