uPnP seems a distraction from the topic. It's not necessary for networking to network -- my LAN intentionally does not support it at all. It is necessary for certain use cases, of course, but it's not mandatory in a network in the general case.
It's necessary for feature parity with IPv6 (or, equivalently, with the 2000s-era Internet). Even if you don't use uPnP, the amount of complex protocol parsing necessary to support/work around NAT (e.g. SIP is particularly tricky) is a larger attack surface than a full IPv6 stack.
Disagree. Just the XML parsing logic required for uPnP alone is more complex than a basic firewall implementation.