Port forwarding can be necessary for helping your node stay synced and connected to peers. This can increase connections/peers for your Qortal core node(s). We will try to make this scenario as simple as we can - as there are several variables. Choose the section below that fits your situation:

Option 1: In this case, you only have ONE device that is acting as a blockchain node for Qortal AND your router has uPnP enabled. The default settings that your node will have comes with uPnP enabled - uPnP is a feature that most common routers provide by default. If you are unsure, ask your service provider. With uPnP enabled in the router, and only ONE node running on your home network, you do NOT need to configure anything further on this guide.

Option 2: If your router does NOT offer uPNP, you will need to port forward AND disable the default uPnP in your settings.json:

1) Stop the core:

cd qortal && ./stop.sh

2) Open your settings.json - this may be blank which indicates you have the default settings. You will then copy and paste the code below into the settings.json and click save:

{
"uPnPEnabled": false,
"listenPort": 12392
}

If you have settings already displayed, look for the uPnPEnabled section, if it exists, simply replace 'true' with 'false'. Then add the listenPort as shown above below uPnPEnabled section (or anywhere within the json settings as it doesn't have to be in a particular order - just be sure to add a comma after each listing, and DO NOT have a comma on the final listing.

3) Login to your router and set the IP address of the node to "STATIC" or "Reserve IP Address" or whatever verbiage your router uses for this setting. This will prevent the node’s IP address from changing and affecting all of this configuration.

4) In your router, configure port forwarding for this device: Inbound: 12392 (sometimes ‘inbound’ is titled ‘internal’) Outbound 12392 (sometimes ‘outbound’ is titled ‘external’) Protocol: TCP

5) Start your core:

cd qortal && ./start.sh

If you have more than one node on your network, then you’ll want to:

• Stop the core, then change the json settings on each node. Please note: the json will have a unique entry on each of your nodes.
• Disable uPnP in the router (if it is a feature in your router and already enabled).
• Configure port forwarding in the router for each node.
• Start the core on each node.

1) Stop the core on each node:

cd qortal && ./stop.sh

2) Pay attention to which node you are going to number as Node 1, Node 2, and so on. Each node will have a DIFFERENT listenPort setting. Open your settings.json for Node 1 - this will be blank which indicates you have the default settings. You will then modify your json settings:

Node 1:

{
"uPnPEnabled": false,
"listenPort": 12392
}

What we are doing here, is adding a listen port entry for each node that correlates with the port forwarding in step 3 below. Please note: the final entry does NOT have a comma after as we see with 12392 above. This is correct. If you have settings already displayed, look for the uPnPEnabled section, if it exists, simply replace 'true' with 'false'. Then add the listenPort as shown above below uPnPEnabled section (or anywhere within the json settings as it doesn't have to be in a particular order - just be sure to add a comma after each listing, and DO NOT have a comma on the final listing.

Node 2:

{
"uPnPEnabled": false,
"listenPort": 12393
}

Note that Node 2 has a DIFFERENT listenPort number than Node 1, which will match the settings in your router for port forwarding as shown in step 3 below. If you have settings already displayed, look for the uPnPEnabled section, if it exists, simply replace 'true' with 'false'. Then add the listenPort as shown above below uPnPEnabled section (or anywhere within the json settings as it doesn't have to be in a particular order - just be sure to add a comma after each listing, and DO NOT have a comma on the final listing.

Node 3:

{
"uPnPEnabled": false,
"listenPort": 12394
}

If you have settings already displayed, look for the uPnPEnabled section, if it exists, simply replace 'true' with 'false'. Then add the listenPort as shown above below uPnPEnabled section (or anywhere within the json settings as it doesn't have to be in a particular order - just be sure to add a comma after each listing, and DO NOT have a comma on the final listing.

Node 4:

{
"uPnPEnabled": false,
"listenPort": 12395
}

If you have settings already displayed, look for the uPnPEnabled section, if it exists, simply replace 'true' with 'false'. Then add the listenPort as shown above below uPnPEnabled section (or anywhere within the json settings as it doesn't have to be in a particular order - just be sure to add a comma after each listing, and DO NOT have a comma on the final listing. And so on….

3) Login to your router and set the IP address of each node to STATIC. This will prevent the node’s IP address from changing and affecting all of this configuration.

4) Set port forwarding for each node as shown in the following. Internal and external for each node will be unique and NOT match the other nodes:

Node 1:: Internal: 12392 External: 12392 Node 2 Internal: 12393 External: 12393 Node 3 Internal: 12394 External: 12394 Node 4** Internal: 12395 External: 12395

etc.

(Just change the last digit in each number.)

5. Start the core on each node:

cd qortal && ./start.sh

Here you can find step by step info for specific router: https://portforward.com/

Static IP guide: https://www.coolblue.nl/en/advice/assign-fixed-ip-address-router.html

Port forwarding guide: https://www.lifewire.com/how-to-port-forward-4163829

It is never a good idea to add your node in DMZ. That will stop all the DPI and SPI and if you have the API enabled and white listed, you are putting your computer at risk! DMZ bypasses the SPI mechanism of the built in filters and all the internet traffic can reach your node directly. SPI (stateful packet inspection) firewall protects you by examining incoming packets against existing connections. Also add UPnP text. If a router has it then it must be enabled. UPnP or NAT-pmp opens dynamic port ranges to act as an assist for SPI. Enabling NAT/UPnP solves problem for the most but unfortunately due to the torrent p2p laws most ISPs now filter ports by default at the client side so port forward is also needed. For example:

219.88.183.49:12392 (qortal-1.2.3-2df0453), height 42318, sig: PXNoJM7W, ts 2020-07-31 17:17:24

192.168.100.83:44380 (qortal-1.2.3-2df0453), height 42318, sig: PXNoJM7W, ts 2020-07-31 17:17:24

Look at the second IP address with a dynamic port. This is UPnP working. Instead of 12392 , it has opened a 44380 port for TCP handshake / connect / ACK.