Randomize message processing peer order #22144
Conversation
|
Concept ACK |
1 similar comment
|
Concept ACK |
|
Concept ACK
I am assuming it improves privacy and security. |
|
Concept ACK |
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
|
ACK 79c02c8 We shouldn't build any assumptions into net_processing about the order that we serve peers. Shuffling the order on each loop of the message handler is a good way to make that requirement more explicit. I think in the future, we want to move away from a strictly equally-weighted algorithm to service our peers in the message handling thread. If a peer is providing us with lots of useful data, we shouldn't have to call ProcessMessages()/SendMessages() for every peer each time we process a message from the useful peer. Likewise, if a peer is causing us to use a lot of resources, we should be able to throttle back on serving it. That would mean a non-stable ordering of servicing peers, which would again mean that net_processing can't assume a stable ordering. Merging this PR should give us confidence that there aren't any undocumented assumptions about ordering in net_processing and that those future changes are safe. In summary, I think this is a useful change now, and is consistent with the way we should think about the net-net_processing interface. |
|
Concept ACK |
|
ACK 79c02c8 |
|
FWIW, shuffling 1000 pointers takes around 10 microseconds here, if anyone was concerned about the CPU cost (in a microbenchmark). |
There was a problem hiding this comment.
FWIW, shuffling 1000 pointers takes around 10 microseconds here, if anyone was concerned about the CPU cost (in a microbenchmark).
Thanks, I was curious what the impact would be.
I've been running a node with this patch rebased to master (to also continue testing the torv2 removal) since a few minutes after this was opened, as a sanity check, and all seems nominal.
ACK 79c02c8
|
utACK 79c02c8 |
|
Is there a risk this could make things worse? Right now, longer-connected peers can't be "disrupted" (in this context) by later-connected peers, but with a random order, disruption opportunities also open up to later peers where they might not have previously been. |
|
@luke-jr Interruption isn't changed, we always progress from one peer to the next one in |
|
Concept ACK |
|
Code Review ACK 79c02c8 |
|
crACK 79c02c8 |
|
Edited op to remove @ mention. |
|
Should this shuffling also be done in |
Right now, the message handling loop iterates the list of nodes always in the same order: the order they were connected in (see the
vNodesvector). For some parts of the net processing logic, this order matters. Transaction requests are assigned explicitly to peers since #19988, but many other parts of processing work on a "first-served-by-loop-first" basis, such as block downloading. If peers can predict this ordering, it may be exploited to cause delays.As there isn't anything particularly optimal about the current ordering, just make it unpredictable by randomizing.
Reported by Crypt-iQ.