Inbound peer eviction method - Closes #3721 #3824

mitsuaki-u · 2019-06-14T13:26:00Z

What was the problem?

In the current implementation, when the maximum number of inbound peers are connected and a new peer attempts to connect to the node, we randomly select and remove an ongoing inbound peer connection.

How did I fix it?

In the new protocol, we use the strategy of protecting a number of peers for several distinct characteristics for increased security.

Netgroups: We calculate a randomized value keyedNetgroup based on IP group for each eviction candidate. We protect 4 peers with the smallest keyedNetgroup values. An attacker cannot predict which netgroups will be protected.

To be started in bucket system milestone

Peer latency: We protect a number of peers with optimal latency. An attacker cannot manipulate this metric without physically moving nodes closer to the target.
Useful work: We protect peers who perform useful work, such as peers who have recently sent blocks and transactions. An attacker cannot manipulate this metric without performing useful work.
Connection time: We protect half of the remaining nodes who have been connected the longest. This precludes attacks that start later.

Review checklist

The PR resolves Introduce specific eviction method for incoming connections #3721
All new code is covered with unit tests
All new code was formatted with Prettier
Linting passes
Tests pass
Commit messages follow the commit guidelines
Documentation has been added/updated

elements/lisk-p2p/src/peer/base.ts

elements/lisk-p2p/src/peer_pool.ts

elements/lisk-p2p/src/p2p.ts

elements/lisk-p2p/src/peer/inbound.ts

elements/lisk-p2p/src/peer/outbound.ts

elements/lisk-p2p/src/peer_pool.ts

Addressed.

elements/lisk-p2p/src/peer/base.ts

elements/lisk-p2p/src/peer/inbound.ts

Addressed.

elements/lisk-p2p/src/p2p.ts

elements/lisk-p2p/src/peer/base.ts

elements/lisk-p2p/src/peer/inbound.ts

elements/lisk-p2p/src/peer_pool.ts

elements/lisk-p2p/test/integration/p2p.ts

…3721_peer_eviction

Addressed.

elements/lisk-p2p/src/peer_pool.ts

elements/lisk-p2p/src/p2p_request.ts

elements/lisk-p2p/src/peer/outbound.ts

Addressed

elements/lisk-p2p/src/p2p.ts

elements/lisk-p2p/test/integration/p2p.ts

Addressed

elements/lisk-p2p/src/p2p.ts

elements/lisk-p2p/src/peer/inbound.ts

Addressed.

mitsuaki-u self-assigned this Jun 14, 2019

mitsuaki-u marked this pull request as ready for review June 19, 2019 14:01

mitsuaki-u force-pushed the 3721_peer_eviction branch from 0a072df to a58631d Compare June 19, 2019 14:02

mitsuaki-u added the 👁️ pending review label Jun 19, 2019

mitsuaki-u requested review from shuse2, jondubois and diego-G June 19, 2019 14:02

mitsuaki-u force-pushed the 3721_peer_eviction branch from a58631d to 5bb51fe Compare June 20, 2019 08:44

mitsujutsu added 4 commits June 20, 2019 10:44

Track inbound peer latency

7b76c28

Protect inbound peers from eviction for latency and connect time

eb35c31

Protect inbound peer for useful work performed

f48f0ab

Add integration test for inbound peer eviction protection

f480399

mitsuaki-u force-pushed the 3721_peer_eviction branch from 5bb51fe to f480399 Compare June 20, 2019 08:45

jondubois previously requested changes Jun 20, 2019

View reviewed changes

Internal pong response time

60da7c6

jondubois previously requested changes Jun 20, 2019

View reviewed changes

elements/lisk-p2p/src/peer/base.ts Outdated Show resolved Hide resolved

elements/lisk-p2p/src/peer/inbound.ts Outdated Show resolved Hide resolved

elements/lisk-p2p/src/peer/inbound.ts Outdated Show resolved Hide resolved

Remove pong event and send event response instead

3ae294b

Reset peer productivity properly

ea9caa4

diego-G suggested changes Jun 21, 2019

View reviewed changes

diego-G previously requested changes Jun 24, 2019

View reviewed changes

elements/lisk-p2p/test/integration/p2p.ts Outdated Show resolved Hide resolved

Randomize ping timeout

6e654c6

jondubois added the elements/P2P label Jun 24, 2019

mitsujutsu added 4 commits June 24, 2019 17:57

Change peer eviction configurations

9bf6d69

P2PRequest takes options object

7847834

Fix p2p type

c8e3890

Merge remote-tracking branch 'origin/feature/implement-lip-p2p' into …

64ddba9

…3721_peer_eviction

shuse2 removed the elements/P2P label Jun 24, 2019

shuse2 previously requested changes Jun 25, 2019

View reviewed changes

mitsujutsu added 2 commits June 25, 2019 11:31

Update integration test

8f05920

Use enum for protection categories

5486b7b

diego-G previously requested changes Jun 25, 2019

View reviewed changes

elements/lisk-p2p/src/p2p.ts Show resolved Hide resolved

elements/lisk-p2p/src/p2p.ts Show resolved Hide resolved

elements/lisk-p2p/test/integration/p2p.ts Show resolved Hide resolved

Add skeleton tests for latency and responseRate

c163c0f

mitsuaki-u mentioned this pull request Jun 25, 2019

Fix cyclomatic complexity in P2P constructor #3859

Closed

jondubois previously requested changes Jun 25, 2019

View reviewed changes

elements/lisk-p2p/src/p2p.ts Outdated Show resolved Hide resolved

elements/lisk-p2p/src/peer/inbound.ts Outdated Show resolved Hide resolved

elements/lisk-p2p/src/peer/inbound.ts Outdated Show resolved Hide resolved

Fix pingStart scope

d65abae

jondubois approved these changes Jun 26, 2019

View reviewed changes

jondubois merged commit f885b17 into feature/implement-lip-p2p Jun 26, 2019

karmacoma added ✅ ready and removed 👁️ pending review labels Jul 4, 2019

shuse2 deleted the 3721_peer_eviction branch July 29, 2019 10:07

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Inbound peer eviction method - Closes #3721 #3824

Inbound peer eviction method - Closes #3721 #3824

mitsuaki-u commented Jun 14, 2019 •

edited

Loading

Inbound peer eviction method - Closes #3721 #3824

Inbound peer eviction method - Closes #3721 #3824

Conversation

mitsuaki-u commented Jun 14, 2019 • edited Loading

What was the problem?

How did I fix it?

Review checklist

mitsuaki-u commented Jun 14, 2019 •

edited

Loading