Is piracy from reddit allowed? Link:
Many people look for a VPN with the primary goal of running Bittorrent. Sadly nearly equally many people have no idea what’s important there and recommend a random popular VPN without port-forwarding. They know no better. These misguided ‘recommendations’ are all over this sub and r/piracy too. Explanation
> But it has been running fine without any port-forwarding for me!
If you are OK with your downloads failing in 10% of cases then continue as usual. If you don’t want to miss a chance, here’s a short explanation:
Bittorrent relies on your connection working both ways: to accept incoming and outgoing connections. Without port-forwarding: you may will see slower speeds, slower speed ramp up and if a torrent has very few online seeders you may run into a situation where you cannot connect to anybody at all - no download! Seeding is very hard without port-forwarding.
Normally home users cannot accept incoming connections due to NAT. This is always the case for proxies and VPNs, but some VPNs allow the assignment of a port that will always lead to your connected device (and to your client). Making outgoing connections is always technically possible but then you rely on the seed/peer to have their ports open! At least one side must be open. There’s no way around.
A detailed explanation would be too long but you can ask in comments.
Is it safe (privacy-wise)? Decide for yourself, discussions also in comments
Opinion & TLDR: If a VPN tracked/logged you, they don’t need port-forwarding to find you. On the other hand, it is possible that the no-log VPN is forced to disclose which account currently (at the time of request) has the port in question configured. So far without known precedents. I believe it’s worth it, without seeding torrents would die. How to
Pick a VPN provider that supports port-forwarding. Here's a list I compiled last month.
Pick a client and force it to only ever use the VPN connection in settings (see screenshots). This is called IP/interface binding
In client settings set the "incoming port" to match the forwarded port from your VPN provider (also referred to as "local port")
Disable UPnP and other automatic configuration unless your VPN provider explicitly only works with UPnP.
You are set. Bon voyage at the calm seas!
Sometimes you also need to allow incoming connections to the client application in your firewall. EDIT: Examples
Explicit examples where port-forwarding will help establishing a connection:
Downloader, closed port <--- ---> Seeder, closed port: Tough luck!
Downloader, closed port ---> Seeder, open port: Instant!
Downloader, open port ---> Seeder, closed port: Bummer. Need to wait until Seed sees and connects back to you. Usually up to 30min (or tracker refresh time)
Downloader, open port <---> Seeder, open port: Instant! in either direction
I am writing these posts to form a complete guide for people to follow and set up everything. Next time I see someone recommending a trashy VPN, I’ll send them here.
I have numerous files which I am intentionally maintaining to improve seeding availability but I’ve always been bothered by how little they seed. Yet somehow while those same files are downloaded, seeding is great. Is this also a case of port forwarding being to blame? I do not have it enabled.
Sounds likely, I haven’t used port forwarding with my VPN since Mullvad stopped supporting it, so when I recently shared my own torrent I paid for 1 month of a seedbox just to make sure it seeds well and the seedbox uploaded ~50GB while my local setup on a VPN without port forwarding only uploaded 1.8GB (and it hardly showed any peers as if nobody was trying to download). So it seems peers had a much easier time connecting to the seedbox.
I have since setup port forwarding in gluetun for my local torrent client. I just wish there was more support for it because gluetun only has built in support for port forwarding for 2 providers (I guess automated requesting a forwarded port), and even then you still have to make your own script to automatically set the port in the torrent client when it’s assigned / changed. It’s possible that some providers do it more like Mullvad where you get assigned a port via the website that is tied to the VPN credentials, so you just have to plug the assigned port into the torrent client settings (that’s how it worked with Mullvad so I could just enter the port once and forget about it) but I haven’t checked other providers to see.
tl;dr you don’t, unless you plan to seed.
And if you plan to seed, invest in a hosted seedbox instead and make the world a better place.
Good Hygiene Reminder: Don’t use an IPv4 only VPN when you have dualstack IPv4/IPv6, or you may/will leak information.