UPnP

airbornflghtairbornflght Houston, TX Icrontian
edited October 2007 in Science & Tech
Should I leave it on or not?

I'm in a house with about 50 users. I know that it can set up port forwarding/triggering on demand, but what are the risks to leaving it enabled, if any?

Comments

  • kryystkryyst Ontario, Canada
    edited October 2007
    Leaving it on won't hurt anything and will save you some headaches. The risks of leaving it on are relatively minor. If you have an affected machine it'll be able to get out. But by that same token if you have an infected machine you have more to worry about then an open port.

    If you don't have UPnP running then you'll constantly have to be opening up ports in your firewall for the various users. When you put a hole in your firewall that hole stays open until you manually close it. With UPnP when the request for that port goes away the hole will time out and close.
  • airbornflghtairbornflght Houston, TX Icrontian
    edited October 2007
    With port triggering it automatically closes affter a certain period of inacctivity too though. I'm just worried about torrent and p2p users hammering the router.
  • kryystkryyst Ontario, Canada
    edited October 2007
    It's been my experience that port triggering doesn't work as well as UPnP, though that does very router by router.

    When it comes to p2p traffic controlling the ports will only completely allow or completely block that traffic. If you want to prevent p2p traffic from hammering your network then you need to control it through QoS. Which depending on the QoS abilities you have with the router you can control that on a Port by Port basis or by doing traffic shapping based on how much bandwidth is being requested and what type of bandwidth it is.

    So a decent QoS could say give max priority to port 80 at 75% bandwidth, but anything that bursts (usually meaning a file download) limit it to 50%. The idea being that it'll keep webpages coming in fast over port 80 but file transfers on port 80 it'll cut back to 50%.
  • airbornflghtairbornflght Houston, TX Icrontian
    edited October 2007
    ok. it's QoS features seem pretty solid, I'll give that a shot. Because about an hour ago people were complaining about the internet being down again, but it wasn't. There were 4 people running file sharing already. One day after the new router and they already figured out it's wide open. So I just killed UPnP for now.
Sign In or Register to comment.