
rfc, p2p: Restart-based eclipse attack mitigation #17326

@hebasto


Refs:

A victim node restart is still the most likely way of an eclipse attack occurring (#17326 (comment)).

Suppose that a node periodically dumps the current outbound connection list to disk (a very small file), retrieves it after a shutdown/crash and restart, and tries to re-connect to the listed peers. This could mitigate an eclipse attack.

UPDATE 2019-11-07 13:30 UTC
There is an eclipse attack scenario in which an attacker exploits a victim node restart to force it to connect to new, probably adversarial, peers.

Trying to re-connect to the before-restart dedicated block-relay-only (#15759) outbound peers mitigates this type of attack.

This proposition does not:

  • prevent all types of eclipse attack
  • completely eliminate the type of eclipse attack described above, as re-connection could fail
  • make block-relay-only connections persistent as any of them could be dropped by a peer
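
A sketch of the dump, reload and re-connect cycle proposed above, added here as an illustration; it is not code from the issue or from Bitcoin Core. The names `DumpAnchors`, `ReadAnchors`, `SelectPeers` and `MAX_ANCHORS`, the one-address-per-line file format and the cap of two are assumptions, and `reachable` stands in for a real connection attempt.

```cpp
#include <cstddef>
#include <cstdio>
#include <fstream>
#include <set>
#include <string>
#include <vector>

// Assumption: two block-relay-only slots are persisted; the issue fixes no number.
const std::size_t MAX_ANCHORS = 2;

// Write to a temporary file and rename it over the target, so a crash
// mid-write cannot leave a truncated list (POSIX rename replaces atomically).
bool DumpAnchors(const std::string& file, const std::vector<std::string>& peers)
{
    const std::string tmp = file + ".new";
    {
        std::ofstream out(tmp.c_str(), std::ios::trunc);
        for (std::size_t i = 0; i < peers.size() && i < MAX_ANCHORS; ++i) out << peers[i] << '\n';
        out.flush();
        if (!out) return false;
    }
    return std::rename(tmp.c_str(), file.c_str()) == 0;
}

// Load after restart. A missing file yields an empty list; the cap is enforced
// again so an oversized or tampered file cannot claim more slots.
std::vector<std::string> ReadAnchors(const std::string& file)
{
    std::vector<std::string> peers;
    std::ifstream in(file.c_str());
    std::string line;
    while (peers.size() < MAX_ANCHORS && std::getline(in, line)) {
        if (!line.empty()) peers.push_back(line);
    }
    return peers;
}

// Try the saved peers first; slots whose re-connection fails are filled by
// normal peer selection, which is why the mitigation is only partial.
std::vector<std::string> SelectPeers(const std::vector<std::string>& anchors,
                                     const std::set<std::string>& reachable,
                                     const std::vector<std::string>& fresh)
{
    std::vector<std::string> chosen;
    for (const std::string& a : anchors)
        if (chosen.size() < MAX_ANCHORS && reachable.count(a)) chosen.push_back(a);
    for (const std::string& f : fresh)
        if (chosen.size() < MAX_ANCHORS) chosen.push_back(f);
    return chosen;
}
```
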
