
Conversation

brunoerg (Contributor)

Fixes #26353

For privacy/security reasons (discussed in #26353, e.g. malicious nodes on a particular AS), we could avoid connections from a particular AS (discussed in #26353). This PR adds a flag -avoidas, which can be specified multiple times, where you pass an ASN you want to avoid inbound connections from.

e.g.

./src/bitcoind --asmap=path/to/file --avoidas=399991
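As an added illustration (not code from this PR or from Bitcoin Core), the inbound-only semantics of -avoidas next to the ban semantics discussed below, using a constructed prefix-to-ASN table in place of a real asmap file; the prefixes, every ASN except 399991, and the function names are assumptions:

```python
import ipaddress
from typing import Iterable

# Constructed stand-in for an asmap: CIDR prefix -> ASN. The real asmap file is
# a compact encoded trie; only the lookup result matters for this illustration.
SAMPLE_ASMAP = {
    "203.0.113.0/24": 399991,   # the ASN used in the PR description's example
    "198.51.100.0/24": 64500,   # assumed ASN, documentation address range
    "2001:db8::/32": 64501,     # assumed ASN, documentation address range
}

def lookup_asn(ip: str, asmap: dict = SAMPLE_ASMAP) -> int:
    """Return the ASN for ip by longest-prefix match; 0 means not mapped."""
    addr = ipaddress.ip_address(ip)
    best_len, best_asn = -1, 0
    for prefix, asn in asmap.items():
        net = ipaddress.ip_network(prefix)
        if addr.version == net.version and addr in net and net.prefixlen > best_len:
            best_len, best_asn = net.prefixlen, asn
    return best_asn

def parse_avoidas(argv: Iterable[str]) -> set:
    """Collect every -avoidas=<ASN> argument; the flag may be repeated."""
    asns = set()
    for arg in argv:
        if arg.startswith(("-avoidas=", "--avoidas=")):
            value = arg.split("=", 1)[1]
            if not value.isdigit():
                raise ValueError(f"invalid ASN in {arg!r}")
            asns.add(int(value))
    return asns

def accept_inbound(peer_ip: str, avoided: set) -> bool:
    """-avoidas policy: refuse an inbound peer whose ASN is on the avoid list."""
    return lookup_asn(peer_ip) not in avoided

def allow_outbound(peer_ip: str, avoided: set) -> bool:
    """-avoidas never touches outbound: the operator may still connect into the AS."""
    return True

def ban_blocks(peer_ip: str, banned: set) -> bool:
    """Contrast: a ban keyed on ASN would apply in both directions."""
    return lookup_asn(peer_ip) in banned
```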

@DrahtBot (Contributor) commented Jan 20, 2023

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.


@brunoerg brunoerg changed the title [WIP] p2p: asmap, avoiding inbound connections from specific AS [WIP] p2p: asmap, avoid inbound connections from particular AS Jan 20, 2023
@brunoerg brunoerg changed the title [WIP] p2p: asmap, avoid inbound connections from particular AS [WIP] p2p: asmap, avoid inbound connections from a specific AS Jan 20, 2023
@sipa (Member) commented Jan 20, 2023

Would it make sense to instead offer this feature as an extension of the banning functionality (through setban / listbanned RPCs)? That way it'd be runtime-configurable, get expiration, and the ability to export/import banlist.json files.

@brunoerg (Contributor, Author) commented Jan 20, 2023

> Would it make sense to instead offer this feature as an extension of the banning functionality (through setban / listbanned RPCs)? That way it'd be runtime-configurable, get expiration, and the ability to export/import banlist.json files.

I'm testing different approaches and I think it makes sense to expand the banlist (I think I've a branch with some work about it), gonna change it.

@sipa (Member) commented Jan 20, 2023

Apparently I even opened an issue about that once: #19129

@brunoerg (Contributor, Author)

@sipa, adding it to the ban stuff would not work for only inbound connections, I guess. If I set a ban based on AS, maybe all my connections with them would be affected, wouldn't they? This approach is more like avoiding any inbound, but not affecting my connecting to any of them.

@sipa (Member) commented Jan 20, 2023

@brunoerg Why would you only want to avoid inbound? And if so, maybe that's generally useful as a feature for banmap?

@brunoerg (Contributor, Author)

> Why would you only want to avoid inbound?

An example: an attacker is using AWS to create multiple nodes and connect with me, and I want to avoid it. However, it doesn't mean all the nodes from there are malicious; I can even have another node hosted there.

@sipa (Member) commented Jan 23, 2023

@brunoerg For that I think it suffices to just have an asmap loaded that treats all or most of AWS as the same ASN (which I believe is the case). The inbound connection logic already prioritizes connections from diverse networks (evicting connections from groups with many networks if a new incoming connection appears from a different one).

Still, it doesn't seem unreasonable to have a way to ban for just inbound connections, but I feel like that applies equally to other IP ranges, so perhaps it is better to add that as an orthogonal feature to banman?

@petertodd (Contributor)

I think this feature should be called something like -ban-as rather than -avoidas, as the functionality is similar to IP banning. The word "avoid" doesn't give that connotation and needlessly introduces a new term for users to understand.

@luke-jr (Member) left a comment

Also think it would make more sense to broaden this to a ban type. If you want to connect to peers in the AS but not accept inbound connections (which IMO is weird), why wouldn't that possibly also be the case for (eg) a subnet ban?

@brunoerg (Contributor, Author) commented Sep 5, 2023

Closing it for now. I agree on moving it to ban; will work on it.

@brunoerg brunoerg closed this Sep 5, 2023
@bitcoin bitcoin locked and limited conversation to collaborators Sep 4, 2024
Successfully merging this pull request may close these issues.

Asmap: avoid connecting to certain AS