-
Notifications
You must be signed in to change notification settings - Fork 35.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
net: open p2p connections to nodes that listen on non-default ports #23542
Conversation
Concept ACK |
Concept ACK |
38a7cf9
to
a47716a
Compare
|
Concept ACK |
1 similar comment
Concept ACK |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Concept ACK
a47716a
to
cb3887e
Compare
|
cb3887e
to
634f283
Compare
|
tACK |
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
Concept ACK |
Concept ACK |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code review ACK 0671bc5 rebased to master, debug build clean, unit tests green, briefly ran a signet node.
Some non-blocking review thoughts.
src/netbase.h
Outdated
* Determine if a port is "bad" from the perspective of attempting to connect | ||
* to a node on that port. | ||
* See | ||
* https://fetch.spec.whatwg.org/#port-blocking | ||
* https://chromium.googlesource.com/chromium/src.git/+/refs/heads/main/net/base/port_util.cc | ||
* https://hg.mozilla.org/mozilla-central/file/tip/netwerk/base/nsIOService.cpp | ||
* https://github.com/bitcoin/bitcoin/pull/23306#issuecomment-947516736 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Still not sure about few things and comment above was marked as resolved even though few other reviewers have similar confusion about ports:
- What is a BAD port for Bitcoin Core?
- Why browsers (bad ports) are referenced here because Bitcoin Core is not a browser and I was unable to find anything relevant for other P2P networks. Example: i2p
- Make AddrMan support multiple ports per IP #23306 (comment) this doesn't look like a big issue or maybe there is some misunderstanding
- What was the reason to allow p2p connections to nodes that are not using default ports? Why would someone use non-default port? Two reasons that I could think of: Privacy and Security. If someone wants to use a port that looks like other service but is Bitcoin Core, isn't that something we should encourage/allow?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
... comment above was marked as resolved even though ...
Which comment? #23542 (comment) is still open.
- What is a BAD port for Bitcoin Core?
Since this PR, if it gets merged, a bad port (for making automatic outgoing connections to) is one for which IsBadPort()
returns true
.
- Why browsers (bad ports) are referenced here because Bitcoin Core is not a browser ...
- What was the reason to allow p2p connections to nodes that are not using default ports?
From this PR OP: "because connections over clearnet that involve
port 8333 make it easy to detect, analyze, block or divert Bitcoin p2p
traffic before the connection is even established (at TCP SYN time)"
Why would someone use non-default port?
See above, and also the reasons you state below:
Two reasons that I could think of: Privacy and Security. If someone wants to use a port that looks like other service but is Bitcoin Core, isn't that something we should encourage/allow?
Yes. This is what the current PR aims to achieve.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Replied here: #23542 (comment)
0671bc5
to
36bae78
Compare
|
ACK 36bae78 |
a13278a
to
36ee76d
Compare
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK 36ee76d
One possible issue is that DNS seeds return IPs without port information (try e.g. That means that in the unlikely event that suddenly everyone switched to a non-default port after this is merged, the DNS seeds would become dysfunctional. I think that the seeder code wouldn't mark peers with non-default ports as good and return them though, so at least it wouldn't lead to conflicting entries with the standard port being advertised in addr relay. But it seems to me that we shouldn't be too offensive in advertising the use of non-standard ports before a solution for the DNS seeds exists. |
@mzumsande, if a DNS seed (e.g. |
@vasild: This is is not about the port the DNS seed itself listens on. The DNS seeder software has a crawler that connects to listening nodes of the network to check whether they are reachable, and returns a list of IPs (but not ports!) of reachable nodes to help new nodes find peers initially. It can't include results from nodes listening on non-default ports in these responses. |
uff, of course the seeder itself does not run a bitcoin node 🤦, sorry for the confusion (or it could, but that is not relevant) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
tACK 36ee76d
Left some very minor comments but nothing blocking - feel free to ignore.
const uint64_t hash_addr{CServiceHash(0, 0)(addr)}; | ||
const CSipHasher hasher{m_connman.GetDeterministicRandomizer(RANDOMIZER_ID_ADDRESS_RELAY) | ||
.Write(hash_addr) | ||
.Write((GetTime() + hash_addr) / (24 * 60 * 60))}; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since you're touching this line, maybe now is a good time to phase out the deprecated GetTime()
?
DEPRECATED
Use either GetTimeSeconds (not mockable) or GetTime<T> (mockable)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I really like doing such changes in a separate commit. It looks like that a GetTime()
-> GetTime<T>()
replacement "cannot possibly break anything". My experience is that once in 100 times, something gets affected by such "innocent" changes. And the last thing I want when investigating with e.g. git bisect
is to stumble on one commit that combines a logical change + mechanical "innocent" replacement that requires extra effort to decouple (and revert).
I will append a commit to use GetTime<T>()
if retouching.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree. Best as a separate pull (or commit, but it's unrelated to the change here).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK 36ee76d
Some minor grammar issues from my previous review subsist wrt the doc.
@@ -0,0 +1,114 @@ | |||
When Bitcoin Core automatically opens outgoing P2P connections it chooses |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When Bitcoin Core automatically opens outgoing P2P connections it chooses | |
When Bitcoin Core automatically opens outgoing P2P connections, it chooses |
@@ -0,0 +1,114 @@ | |||
When Bitcoin Core automatically opens outgoing P2P connections it chooses | |||
a peer (address and port) from its list of potential peers. This list is | |||
populated with unchecked data, gossiped over the P2P network by other peers. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
populated with unchecked data, gossiped over the P2P network by other peers. | |
populated with unchecked data gossiped over the P2P network by other peers. |
(or s/data,/data that is/
or s/data,/data, which is/
)
e.g. port 80 (http). | ||
|
||
Below is a list of "bad" ports which Bitcoin Core avoids when choosing a peer to | ||
connect to. If a node is listening on such a port, it will likely receive less |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"fewer" for countable quantities
connect to. If a node is listening on such a port, it will likely receive less | |
connect to. If a node is listening on such a port, it will likely receive fewer |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"fewer" for countable quantities
Tucked these fixups into #24468.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
utACK 36ee76d
light code review, I'm not very familiar with this area of code
For now it seems fine if DNS seeds only return nodes that listen on port 8333. As soon as your node finds a single peer, it will get nodes at other ports. We could later have port.someseed.com return nodes for port, or something like that. This would be relevant for nodes that, during their bootstrapping phase, are not able to connect to anything on port 8333. In that case the first place to start might 80.someseed.com. If blocking 8333 becomes a very common problem (as opposed to just annoying firewalls that only allow port 80 and 443), I would not be surprised if DNS seed domains are blocked by most ISP's too in that dystopia. |
Concept and light code review ACK 36ee76d |
Should there be a release note for this? |
…ated tor/i2p documentation a1db99a init, doc: improve -onlynet help and tor/i2p documentation (Jon Atack) Pull request description: including review feedback from bitcoin/bitcoin#22834 (comment) and bitcoin/bitcoin#24205 (comment) concerning `src/init.cpp`, `doc/tor.md` and `doc/i2p.md` - s/outgoing/automatic outbound/ - s/Incoming/Inbound and manual/ (are not affected by this option.) - s/only through network/only to network/ - s/this option. This option/this option. It/ - s/network types/networks/ and pick up a few nits in `doc/p2p-bad-ports.md` from bitcoin/bitcoin#23542 (review). ACKs for top commit: laanwj: ACK a1db99a w0xlt: ACK a1db99a theStack: ACK a1db99a Tree-SHA512: dd727904b9b3dadb16053e2b0350e6c0814ef68fb0cca7d34880b883123cfe3aa03b15813b40a863f6367d596d17ee4517eab55281cfe35cd00767b8a39593ca
Added release notes to https://github.com/bitcoin-core/bitcoin-devwiki/wiki/23.0-Release-Notes-draft#p2p-and-network-changes, feel free to edit. |
…/i2p documentation a1db99a init, doc: improve -onlynet help and tor/i2p documentation (Jon Atack) Pull request description: including review feedback from bitcoin#22834 (comment) and bitcoin#24205 (comment) concerning `src/init.cpp`, `doc/tor.md` and `doc/i2p.md` - s/outgoing/automatic outbound/ - s/Incoming/Inbound and manual/ (are not affected by this option.) - s/only through network/only to network/ - s/this option. This option/this option. It/ - s/network types/networks/ and pick up a few nits in `doc/p2p-bad-ports.md` from bitcoin#23542 (review). ACKs for top commit: laanwj: ACK a1db99a w0xlt: ACK a1db99a theStack: ACK a1db99a Tree-SHA512: dd727904b9b3dadb16053e2b0350e6c0814ef68fb0cca7d34880b883123cfe3aa03b15813b40a863f6367d596d17ee4517eab55281cfe35cd00767b8a39593ca
This was part of 23.0 and got a release note. Removing "Needs release note". |
Summary: ``` By default, for mainnet, the p2p listening port is 8333. Bitcoin Core has a strong preference for only connecting to nodes that listen on that port. Remove that preference because connections over clearnet that involve port 8333 make it easy to detect, analyze, block or divert Bitcoin p2p traffic before the connection is even established (at TCP SYN time). ``` Backport of [[bitcoin/bitcoin#23542 | core#23542]]. Depends on D12342 and D12343. Test Plan: ninja all check-all Reviewers: #bitcoin_abc, PiRK Reviewed By: #bitcoin_abc, PiRK Subscribers: PiRK Differential Revision: https://reviews.bitcoinabc.org/D12344
By default, for mainnet, the p2p listening port is 8333. Bitcoin Core
has a strong preference for only connecting to nodes that listen on that
port.
Remove that preference because connections over clearnet that involve
port 8333 make it easy to detect, analyze, block or divert Bitcoin p2p
traffic before the connection is even established (at TCP SYN time).
For further justification see the OP of:
#23306