Add NAT support. (Consensys#270)

* Add  CLI option to disable built-in slashing protection for external signers.

Signed-off-by: Byron Gravenorst <[email protected]>

* Add instructions to connect to mainnet.

Signed-off-by: Byron Gravenorst <[email protected]>

* updating submodule to latest

* Add instructions to connect to mainnet.

Signed-off-by: Byron Gravenorst <[email protected]>

* Fix markdown issue.

Signed-off-by: Byron Gravenorst <[email protected]>

* Add UPnP support.

Signed-off-by: bgravenorst <[email protected]>

* Fix markdown.

Signed-off-by: bgravenorst <[email protected]>

* Address tech review feedback.

Signed-off-by: bgravenorst <[email protected]>

docs/HowTo/Find-and-Connect/Specifying-NAT.md

@@ -0,0 +1,33 @@
+---
+description: Configuring NAT with Teku
+---
+
+# Configuring NAT
+
+Use the [`--p2p-nat-method`](../../Reference/CLI/CLI-Syntax.md#p2p-nat-method) option to specify the
+NAT method. Options are [`NONE`](#none) and [`UPNP`](#upnp).
+
+You cannot change the NAT method while Teku is running. To change the NAT method restart the node
+with the [`--p2p-nat-method`](../../Reference/CLI/CLI-Syntax.md#p2p-nat-method) option.
+
+## UPnP
+
+Specify `UPNP` to quickly allow inbound peer connections without manual router configuration. Use
+UPnP in home or small office environments where a wireless router or modem provides NAT isolation.
+
+UPnP automatically detects if a node is running in a UPnP environment and provides port forwarding.
+UPnP might introduce delays during node startup, especially on networks without a UPnP gateway
+device.
+
+!!! tip
+
+    UPnP support is often disabled by default in networking firmware. If disabled by default, you
+    must explicitly enable UPnP support.
+
+## None
+
+Specify `NONE` to explicitly configure the external IP address and ports advertised using
+[`--p2p-advertised-ip`](../../Reference/CLI/CLI-Syntax.md#p2p-advertised-ip) and
+[`--p2p-advertised-port`](../../Reference/CLI/CLI-Syntax.md#p2p-advertised-port) for the P2P service.
+
+Manually configure your firewall to allow external hosts to create inbound connections to Teku.

docs/Reference/CLI/CLI-Syntax.md

@@ -882,6 +882,42 @@ The default is `true`.
 Specifies the network interface on which the node listens for P2P communication.
 The default is `0.0.0.0` (all interfaces).
 
+### p2p-nat-method
+
+=== "Syntax"
+
+    ```bash
+    --p2p-nat-method=<STRING>
+    ```
+
+=== "Command Line"
+
+    ```bash
+    --p2p-nat-method=UPNP
+    ```
+
+=== "Environment Variable"
+
+    ```bash
+    TEKU_P2P_NAT_METHOD=UPNP
+    ```
+
+=== "Configuration File"
+
+    ```bash
+    p2p-nat-method: "UPNP"
+    ```
+
+Specify the method for handling [NAT environments](../../HowTo/Find-and-Connect/Specifying-NAT.md).
+Valid options are `NONE` and `UPNP`.
+
+The default is `NONE`, which disables NAT functionality.
+
+!!! tip
+
+    UPnP support is often disabled by default in networking firmware. If disabled by default,
+    explicitly enable UPnP support.
+
 ### p2p-peer-lower-bound
 
 === "Syntax"
@@ -1053,7 +1089,11 @@ List of comma-separated Ethereum Node Records (ENRs) for P2P discovery bootstrap
     p2p-advertised-port: 1789
     ```
 
-The advertised P2P port. The default is the port specified in [`--p2p-port`](#p2p-port)
+The advertised P2P port. The default is the port specified in [`--p2p-port`](#p2p-port).
+
+The advertised port can differ from the [`--p2p-port`](#p2p-port). For example, you can set the
+advertised port to 9010, and the `--p2p-port` value to 9009, then manually configure the firewall to
+forward external incoming requests on port 9010 to port 9009 on the Teku node.
 
 ### p2p-private-key-file
 

mkdocs.yml

@@ -75,6 +75,7 @@ nav:
         - Prevent slashing offences: HowTo/Prevent-Slashing.md
         - Find and connect to peers:
             - Improve P2P connectivity: HowTo/Find-and-Connect/Improve-Connectivity.md
+            - Specify NAT methods: HowTo/Find-and-Connect/Specifying-NAT.md
         - Voluntary exit: HowTo/Voluntary-Exit.md
         - Troubleshoot:
             - Solve common problems: HowTo/Troubleshoot/Troubleshooting.md