filters out inactive nodes from push options #12674
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
behzadnouri
force-pushed
the
filter-out-dead
branch
3 times, most recently
from
20cbc6a
to
14f192a
Compare
solana-labs#12620 patched the DDOS issue with nodes which go offline: solana-labs#12409 However, offline nodes still see (much lesser) traffic spike, likely because no origins are pruned from their bloom filter in active set: https://github.com/solana-labs/solana/blob/aaf3790d8/core/src/crds_gossip_push.rs#L276-L286 and so multiple nodes push redundant duplicate messages to them simultaneously: https://github.com/solana-labs/solana/blob/aaf3790d8/core/src/crds_gossip_push.rs#L254-L255 This commit will filter out inactive peers from potential push targets entirely. To mitigate eclipse attacks, staked nodes are retried periodically.
behzadnouri
force-pushed
the
filter-out-dead
branch
from
14f192a
to
ed5fa50
Compare
Codecov Report
@@ Coverage Diff @@
## master #12674 +/- ##
=========================================
- Coverage 82.0% 81.9% -0.1%
=========================================
Files 359 359
Lines 83989 84003 +14
=========================================
- Hits 68881 68870 -11
- Misses 15108 15133 +25 |
carllin
approved these changes
Oct 6, 2020
mergify bot
pushed a commit
that referenced
this pull request
Oct 14, 2020
* filters out inactive nodes from push options #12620 patched the DDOS issue with nodes which go offline: #12409 However, offline nodes still see (much lesser) traffic spike, likely because no origins are pruned from their bloom filter in active set: https://github.com/solana-labs/solana/blob/aaf3790d8/core/src/crds_gossip_push.rs#L276-L286 and so multiple nodes push redundant duplicate messages to them simultaneously: https://github.com/solana-labs/solana/blob/aaf3790d8/core/src/crds_gossip_push.rs#L254-L255 This commit will filter out inactive peers from potential push targets entirely. To mitigate eclipse attacks, staked nodes are retried periodically. * uses current timestamp in test/crds_gossip (cherry picked from commit a5c6a78)
mergify bot
pushed a commit
that referenced
this pull request
Oct 20, 2020
* filters out inactive nodes from push options #12620 patched the DDOS issue with nodes which go offline: #12409 However, offline nodes still see (much lesser) traffic spike, likely because no origins are pruned from their bloom filter in active set: https://github.com/solana-labs/solana/blob/aaf3790d8/core/src/crds_gossip_push.rs#L276-L286 and so multiple nodes push redundant duplicate messages to them simultaneously: https://github.com/solana-labs/solana/blob/aaf3790d8/core/src/crds_gossip_push.rs#L254-L255 This commit will filter out inactive peers from potential push targets entirely. To mitigate eclipse attacks, staked nodes are retried periodically. * uses current timestamp in test/crds_gossip (cherry picked from commit a5c6a78)
mergify bot
added a commit
that referenced
this pull request
Oct 20, 2020
* filters out inactive nodes from push options #12620 patched the DDOS issue with nodes which go offline: #12409 However, offline nodes still see (much lesser) traffic spike, likely because no origins are pruned from their bloom filter in active set: https://github.com/solana-labs/solana/blob/aaf3790d8/core/src/crds_gossip_push.rs#L276-L286 and so multiple nodes push redundant duplicate messages to them simultaneously: https://github.com/solana-labs/solana/blob/aaf3790d8/core/src/crds_gossip_push.rs#L254-L255 This commit will filter out inactive peers from potential push targets entirely. To mitigate eclipse attacks, staked nodes are retried periodically. * uses current timestamp in test/crds_gossip (cherry picked from commit a5c6a78) Co-authored-by: behzad nouri <behzadnouri@gmail.com>
behzadnouri
added a commit
to behzadnouri/solana
that referenced
this pull request
Nov 11, 2020
Inactive nodes are still observing incoming gossip traffic: https://discord.com/channels/428295358100013066/670512312339398668/776140351291260968 likely because of pull-requests. Previous related issues and commits: solana-labs#12409 solana-labs#12620 solana-labs#12674 This commit implements same logic as solana-labs#12674 to exclude inactive nodes from pull options, with the same periodic retry logic for offline staked nodes in order to mitigate eclipse attack.
behzadnouri
added a commit
to behzadnouri/solana
that referenced
this pull request
Nov 11, 2020
Inactive nodes are still observing incoming gossip traffic: https://discord.com/channels/428295358100013066/670512312339398668/776140351291260968 likely because of pull-requests. Previous related issues and commits: solana-labs#12409 solana-labs#12620 solana-labs#12674 This commit implements same logic as solana-labs#12674 to exclude inactive nodes from pull options, with the same periodic retry logic for offline staked nodes in order to mitigate eclipse attack.
behzadnouri
added a commit
that referenced
this pull request
Nov 12, 2020
Inactive nodes are still observing incoming gossip traffic: https://discord.com/channels/428295358100013066/670512312339398668/776140351291260968 likely because of pull-requests. Previous related issues and commits: #12409 #12620 #12674 This commit implements same logic as #12674 to exclude inactive nodes from pull options, with the same periodic retry logic for offline staked nodes in order to mitigate eclipse attack.
mergify bot
pushed a commit
that referenced
this pull request
Nov 12, 2020
Inactive nodes are still observing incoming gossip traffic: https://discord.com/channels/428295358100013066/670512312339398668/776140351291260968 likely because of pull-requests. Previous related issues and commits: #12409 #12620 #12674 This commit implements same logic as #12674 to exclude inactive nodes from pull options, with the same periodic retry logic for offline staked nodes in order to mitigate eclipse attack. (cherry picked from commit 4e4e12b)
behzadnouri
added a commit
that referenced
this pull request
Nov 12, 2020
Inactive nodes are still observing incoming gossip traffic: https://discord.com/channels/428295358100013066/670512312339398668/776140351291260968 likely because of pull-requests. Previous related issues and commits: #12409 #12620 #12674 This commit implements same logic as #12674 to exclude inactive nodes from pull options, with the same periodic retry logic for offline staked nodes in order to mitigate eclipse attack. (cherry picked from commit 4e4e12b)
mergify bot
added a commit
that referenced
this pull request
Nov 12, 2020
Inactive nodes are still observing incoming gossip traffic: https://discord.com/channels/428295358100013066/670512312339398668/776140351291260968 likely because of pull-requests. Previous related issues and commits: #12409 #12620 #12674 This commit implements same logic as #12674 to exclude inactive nodes from pull options, with the same periodic retry logic for offline staked nodes in order to mitigate eclipse attack. (cherry picked from commit 4e4e12b) Co-authored-by: behzad nouri <behzadnouri@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem
#12620
patched the DDOS issue with nodes which go offline:
#12409
However, offline nodes still see (much lesser) traffic spike, likely
because no origins are pruned from their bloom filter in active set:
https://github.com/solana-labs/solana/blob/aaf3790d8/core/src/crds_gossip_push.rs#L276-L286
and so multiple nodes push redundant duplicate messages to them
simultaneously:
https://github.com/solana-labs/solana/blob/aaf3790d8/core/src/crds_gossip_push.rs#L254-L255
Summary of Changes
This commit will filter out inactive peers from potential push targets
entirely. To mitigate eclipse attacks, staked nodes are retried
periodically.