Node attempts to connect to local address peers #523
Comments
|
There is a blacklist for addresses. Do we need to add some ranges? |
|
This should only be filtered out under certain circumstances. We would not want multiple nodes on the same subnet to be unable to connect locally. The peer list sent to other nodes not already on the same subnet should not have private range addresses. That should be sufficient to prevent such traffic. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It has been found that when discovering peers, any node with local address peers will advertise these peers to others. This causes every node to attempt to connect to local address ranges, which can cause issues for certain hosting providers (seen with Hetzner.de so far, "suspicious traffic").
Suggest removing 192.168.0.0/16, 172.22.0.0/12, 10.0.0.0/8 from peer list before it is sent to other nodes. Also suggest preventing attempts to connect to peers on said subnets if the bound ip of the node is not also on such a subnet.
The text was updated successfully, but these errors were encountered: