Opening ports for relays

My relays are connecting to the other relays without any problem, and I can sync all blocks. But I have not opened any ports on my relay servers.

I assume this is because my outbound traffic is unblocked, like it normally is for a PC visiting a website.

But would this be any problem?

Are there ports that MUST be opened?

Can I just assume if I can connect to other relays it should be fine?

Or is this some kind of security risk?

Hi Bob,

Yes, you need to open your relay ports to allow inbound connections, as these are important to ensure minted blocks take to the chain:

You can follow this post regarding setting up your firewall rules:

Your friend, FROG

Thanks, I understand that, but my point is I have a default installation of Ubuntu 20.04, with no firewall changes at all. And my relays appear to connect to other relays without any problems.

Does this mean by default I have open INCOMING ports? When I do a port scan from an “outside network”, it doesn't appear the ports are open. But still my relays connect to other networks fine. I assume this is because by default, all OUTBOUND ports are open.

So will I need to change anything?

Yes, you will need to open your relay ports to inbound. Other nodes need to be able to “pull” your blocks for them to take to the chain.

Here’s what I use for Ubuntu 20.04 firewall settings:

Your friend, FROG

Thanks. Do I need to open the same port other relay nodes use (other people's relays)?

So if I want to use a peer that uses port 3003, do I need this port open too?

My pleasure.

Relays listed in your topology would be outbound connections. You would need to open outbound traffic to those specific ports only if you are limiting outbound traffic via your firewall. You would never need to allow inbound connections to ports used by other relays - just your own.
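To see the inbound/outbound distinction discussed in this thread on a running relay, the following added example (not part of any post above) classifies established TCP connections from `ss -tn` output by local port. The relay port 3001 and every address in the samples are constructed assumptions; 3003 is the peer port mentioned in the thread.

```shell
#!/bin/sh
# Added example. Relay port 3001 and all addresses below are constructed.

# classify_conns PORT
# Reads `ss -tn` style lines on stdin (with or without the State column)
# and prints "inbound=N outbound=M" for established TCP connections.
# A connection is inbound when its LOCAL port is the relay's listening port;
# anything else was opened by this host from an ephemeral port (outbound).
classify_conns() {
  awk -v port="$1" '
    NF < 4 { next }                       # skip blank or truncated lines
    {
      col = 3                             # Local Address:Port, no State column
      if ($1 !~ /^[0-9]+$/) {             # State column present
        if ($1 != "ESTAB") next           # also drops the header line
        col = 4
      }
      n = split($col, a, ":")             # last piece is the port (IPv6 safe)
      if (a[n] == port) inbound++; else outbound++
    }
    END { printf "inbound=%d outbound=%d\n", inbound, outbound }'
}

# Constructed sample: relay syncs fine, but nobody can reach its own port.
sample_closed() {
  cat <<'EOF'
ESTAB 0 0 192.0.2.10:41822 198.51.100.7:3003
ESTAB 0 0 192.0.2.10:52310 203.0.113.20:3001
EOF
}

# Constructed sample: same host once inbound to the relay port is allowed.
sample_open() {
  sample_closed
  cat <<'EOF'
ESTAB 0 0 192.0.2.10:3001 203.0.113.55:49152
SYN-RECV 0 0 192.0.2.10:3001 203.0.113.56:50000
EOF
}

sample_closed | classify_conns 3001   # inbound=0 outbound=2
sample_open   | classify_conns 3001   # inbound=1 outbound=2
# On a live relay: ss -tn | classify_conns "$RELAY_PORT"
```

A relay that shows only outbound connections over a long period matches the situation in the first post: it can sync, but other nodes cannot connect to it.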