UPnP_Generic Library to auto port-forwarding and provide access to Local (Blynk) Servers from Internet

UPnP_Generic Library

arduino-library-badgeGitHub releaseGitHubcontributions welcomeGitHub issues



Why do we need this UPnP_Generic library

Many of us are manually port-forwarding in Internet Gateway Device (IGD, Router) in order to provide access to local Web Services from the Internet. For example to provide access to your Local Blynk Server from Internet using Dynamic DNS or fixed IP.

This library provides the easier way to automatically port-forward by using the Simple Service Discovery Protocol (SSDP), running on nRF52, SAMD21/SAMD51, STM32F/L/H/G/WB/MP1, Teensy, ESP8266/ESP32, using ESP WiFi, WiFiNINA, Ethernet W5x00, ESP8266/ESP32 AT-command WiFi supporting UDP Multicast.

The SSDP provides a mechanism whereby network clients, with little or no static configuration, can discover network services. SSDP accomplishes this by providing for multicast discovery support as well as server based notification and discovery routing.

The SSDP is used for advertisement and discovery of network services and presence information. It accomplishes the task without assistance of server-based configuration mechanisms, such as Dynamic Host Configuration Protocol (DHCP) or Domain Name System (DNS), and without special static configuration of a network host. SSDP is the basis of the discovery protocol of Universal Plug and Play (UPnP) and is intended for use in residential or small office environments.

This UPnP_Generic library is created to automatically update your IGDs with the requested port-forward information, using one of the many available boards / shields. See Currently Supported Boards.

The time between checks to update the UPnP Port Mappings is configurable to match your use case, and is set in the examples at 10 minutes. The LEASE_DURATION is also configurable and default to 10hrs (36000s). The Virtual Server Name can also be specified in the sketch and is shown in the IGD, e.g. NRF52-W5X00 or ESP8266-WIFI as in the following picture:

The UPnP_Generic code is very short, can be immersed in your Projects and to be called in the loop() code.

This UPnP_Generic library is based on and modified from Ofek Pearl’s TinyUPnP Library to add support to many boards and shields besides ESP32 and ESP8266.


Releases v3.1.4

  1. Initial coding for Generic boards using many different WiFi/Ethernet modules/shields.
  2. Add more examples

Currently Supported Boards

  • ESP8266
  • ESP32
  • AdaFruit Feather nRF52832, nRF52840 Express, BlueFruit Sense, Itsy-Bitsy nRF52840 Express, Metro nRF52840 Express, NINA_B302_ublox, NINA_B112_ublox etc..
  • Arduino SAMD21 (ZERO, MKR, NANO_33_IOT, etc.).
  • Adafruit SAM21 (Itsy-Bitsy M0, Metro M0, Feather M0, Gemma M0, etc.).
  • Adafruit SAM51 (Itsy-Bitsy M4, Metro M4, Grand Central M4, Feather M4 Express, etc.).
  • Seeeduino SAMD21/SAMD51 boards (SEEED_WIO_TERMINAL, SEEED_FEMTO_M0, SEEED_XIAO_M0, Wio_Lite_MG126, WIO_GPS_BOARD, SEEEDUINO_ZERO, SEEEDUINO_LORAWAN, SEEED_GROVE_UI_WIRELESS, etc.)
  • STM32 (Nucleo-144, Nucleo-64, Nucleo-32, Discovery, STM32F1, STM32F3, STM32F4, STM32H7, STM32L0, etc.).
  • STM32F/L/H/G/WB/MP1 (Nucleo-64 L053R8,Nucleo-144, Nucleo-64, Nucleo-32, Discovery, STM32Fx, STM32H7, STM32Lx, STM32Gx, STM32WB, STM32MP1, etc.) having 64K+ Flash program memory.

Currently Supported WiFi Modules/Shields

  • ESP8266 built-in WiFi
  • ESP32 built-in WiFi
  • WiFiNINA using WiFiNINA or WiFiNINA_Generic library.
  • ESP8266-AT, ESP32-AT WiFi shields using WiFiEspAT or ESP8266_AT_WebServer library.

Currently Supported Ethernet Modules/Shields

  • W5x00’s using Ethernet, EthernetLarge or Ethernet3 Library.
  • Ethernet2 Library is also supported after applying the fix to add Multicast feature. See Libraries’ Patches
  • ENC28J60 using EthernetENC or UIPEthernet library is not supported as UDP Multicast is not available by design.
  • LAN872A using STM32Ethernet / STM32 LwIP libraries is not supported as UDP Multicast is not enabled by design, unless you modify the code to add support.
1 Like

I don’t follow… How will this library open up my router to accept incoming traffic to a local server?

And what about those SSDP vulnerabilities?

The board, running the UPnP_Generic library, will talk to the Router using SSDP, to automatically open the Virtual Server to the IP:Port of your board. You don’t need to access the Router to configure it manually.

Combined with the DNS Server, DDNS_Generic library, the DDNS_HostName:Port will be mapped to PublicIP:Port so that you can access from Internet the local WebServer running locally on your board.

Just run the example and access Local WebServer from Internet via PublicIP:Port or DDNS_HostName:Port

Read more about the SSDP attack in SSDP-DDoS-Attack.

For network administrators, a key mitigation is to block incoming UDP traffic on port 1900 at the firewall.

That’s it.