aboutsummaryrefslogtreecommitdiffstats
path: root/p2p/discover/udp.go
Commit message (Collapse)AuthorAgeFilesLines
* p2p/discover: s/lastPong/bondTime/, update TestUDP_findnodeFelix Lange2018-02-171-1/+1
| | | | | | | I forgot to change the check in udp.go when I changed Table.bond to be based on lastPong instead of node presence in db. Rename lastPong to bondTime and add hasBond so it's clearer what this DB key is used for now.
* p2p/discover: validate bond against lastpong, not db presencePéter Szilágyi2018-02-161-1/+1
|
* p2p, p2p/discover: misc connectivity improvements (#16069)Felix Lange2018-02-121-27/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * p2p: add DialRatio for configuration of inbound vs. dialed connections * p2p: add connection flags to PeerInfo * p2p/netutil: add SameNet, DistinctNetSet * p2p/discover: improve revalidation and seeding This changes node revalidation to be periodic instead of on-demand. This should prevent issues where dead nodes get stuck in closer buckets because no other node will ever come along to replace them. Every 5 seconds (on average), the last node in a random bucket is checked and moved to the front of the bucket if it is still responding. If revalidation fails, the last node is replaced by an entry of the 'replacement list' containing recently-seen nodes. Most close buckets are removed because it's very unlikely we'll ever encounter a node that would fall into any of those buckets. Table seeding is also improved: we now require a few minutes of table membership before considering a node as a potential seed node. This should make it less likely to store short-lived nodes as potential seeds. * p2p/discover: fix nits in UDP transport We would skip sending neighbors replies if there were fewer than maxNeighbors results and CheckRelayIP returned an error for the last one. While here, also resolve a TODO about pong reply tokens.
* p2p, p2p/discover, p2p/discv5: implement UDP port sharing (#15200)Felföldi Zsolt2018-01-221-24/+20
| | | | | | | | | | | | | | | This commit affects p2p/discv5 "topic discovery" by running it on the same UDP port where the old discovery works. This is realized by giving an "unhandled" packet channel to the old v4 discovery packet handler where all invalid packets are sent. These packets are then processed by v5. v5 packets are always invalid when interpreted by v4 and vice versa. This is ensured by adding one to the first byte of the packet hash in v5 packets. DiscoveryV5Bootnodes is also changed to point to new bootnodes that are implementing the changed packet format with modified hash. Existing and new v5 bootnodes are both running on different ports ATM.
* discover: Changed Logging from Debug to Info (#14485)Ali Hajimirza2017-05-201-1/+1
|
* p2p, p2p/discover, p2p/nat: rework logging using context keysFelix Lange2017-02-281-21/+25
|
* all: blidly swap out glog to our log15, logs need reworkPéter Szilágyi2017-02-231-12/+11
|
* p2p: remove trailing newlines from log messagesPéter Szilágyi2017-02-231-3/+3
|
* p2p, p2p/discover, p2p/discv5: add IP network restriction featureFelix Lange2016-11-231-10/+15
| | | | | | The p2p packages can now be configured to restrict all communication to a certain subset of IP networks. This feature is meant to be used for private networks.
* p2p/discover, p2p/discv5: prevent relay of invalid IPs and low portsFelix Lange2016-11-231-4/+16
| | | | | | | | | | | | | | | | | | | | | The discovery DHT contains a number of hosts with LAN and loopback IPs. These get relayed because some implementations do not perform any checks on the IP. go-ethereum already prevented relay in most cases because it verifies that the host actually exists before adding it to the local table. But this verification causes other issues. We have received several reports where people's VPSs got shut down by hosting providers because sending packets to random LAN hosts is indistinguishable from a slow port scan. The new check prevents sending random packets to LAN by discarding LAN IPs sent by Internet hosts (and loopback IPs from LAN and Internet hosts). The new check also blacklists almost all currently registered special-purpose networks assigned by IANA to avoid inciting random responses from services in the LAN. As another precaution against abuse of the DHT, ports below 1024 are now considered invalid.
* p2p/discover, p2p/discv5: use netutil.IsTemporaryErrorFelix Lange2016-11-231-8/+1
|
* Merge pull request #2242 from jimenezrick/upstream-cryptoJeffrey Wilcke2016-02-241-5/+5
|\ | | | | Closes #2241: Use Keccak-256 from golang.org/x/crypto/sha3 and mention explicitly
| * all: Rename crypto.Sha3{,Hash}() to crypto.Keccak256{,Hash}()Ricardo Catalinas Jiménez2016-02-221-5/+5
| | | | | | | | As we aren't really using the standarized SHA-3
* | p2p/discover: emphasize warning, add 10 min cooldownPéter Szilágyi2016-02-241-16/+9
| |
* | psp/discovery: NTP sanity check clock drift in case of expirationsPéter Szilágyi2016-02-241-4/+29
|/
* p2p/discover: EIP-8 changesFelix Lange2016-02-191-1/+10
|
* p2p/discover: fix Windows-specific issue for larger-than-buffer packetsFelix Lange2016-01-231-3/+6
| | | | | | | | | | On Windows, UDPConn.ReadFrom returns an error for packets larger than the receive buffer. The error is not marked temporary, causing our loop to exit when the first oversized packet arrived. The fix is to treat this particular error as temporary. Fixes: #1579, #2087 Updates: #2082
* p2p, p2p/discover: track bootstrap state in p2p/discoverFelix Lange2015-12-181-7/+5
| | | | | | This change simplifies the dial scheduling logic because it no longer needs to track whether the discovery table has been bootstrapped.
* p2p/discover: support incomplete node URLs, add ResolveFelix Lange2015-12-181-1/+1
|
* node: customizable protocol and service stacksPéter Szilágyi2015-11-271-4/+12
|
* p2p/discover: ignore packet version numbersFelix Lange2015-09-301-4/+0
| | | | The strict matching can get in the way of protocol upgrades.
* p2p/discover: fix race involving the seed node iteratorFelix Lange2015-09-301-7/+0
| | | | | | | | | | | | | | | | | | | nodeDB.querySeeds was not safe for concurrent use but could be called concurrenty on multiple goroutines in the following case: - the table was empty - a timed refresh started - a lookup was started and initiated refresh These conditions are unlikely to coincide during normal use, but are much more likely to occur all at once when the user's machine just woke from sleep. The root cause of the issue is that querySeeds reused the same leveldb iterator until it was exhausted. This commit moves the refresh scheduling logic into its own goroutine (so only one refresh is ever active) and changes querySeeds to not use a persistent iterator. The seed node selection is now more random and ignores nodes that have not been contacted in the last 5 days.
* Merge pull request #1694 from obscuren/hide-fdtrackJeffrey Wilcke2015-08-201-3/+0
|\ | | | | fdtrack: hide message
| * Revert "fdtrack: temporary hack for tracking file descriptor usage"Jeffrey Wilcke2015-08-201-3/+0
| | | | | | | | This reverts commit 5c949d3b3ba81ea0563575b19a7b148aeac4bf61.
* | p2p/discover: continue reading after temporary errorsFelix Lange2015-08-191-1/+11
|/ | | | Might solve #1579
* p2p/discover: fix UDP reply packet timeout handlingFelix Lange2015-08-111-31/+47
| | | | | | | | | | | | If the timeout fired (even just nanoseconds) before the deadline of the next pending reply, the timer was not rescheduled. The timer would've been rescheduled anyway once the next packet was sent, but there were cases where no next packet could ever be sent due to the locking issue fixed in the previous commit. As timing-related bugs go, this issue had been present for a long time and I could never reproduce it. The test added in this commit did reproduce the issue on about one out of 15 runs.
* fdtrack: temporary hack for tracking file descriptor usageFelix Lange2015-08-041-0/+3
| | | | | Package fdtrack logs statistics about open file descriptors. This should help identify the source of #1549.
* all: fix license headers one more timeFelix Lange2015-07-241-1/+1
| | | | I forgot to update one instance of "go-ethereum" in commit 3f047be5a.
* all: update license headers to distiguish GPL/LGPLFelix Lange2015-07-231-4/+4
| | | | | All code outside of cmd/ is licensed as LGPL. The headers now reflect this by calling the whole work "the go-ethereum library".
* all: update license informationFelix Lange2015-07-071-0/+16
|
* p2p/discover: fix out-of-bounds slicing for chunked neighbors packetsFelix Lange2015-05-141-14/+36
| | | | | The code assumed that Table.closest always returns at least 13 nodes. This is not true for small tables (e.g. during bootstrap).
* Manual send of multiple neighbours packets. Test receiving multiple ↵subtly2015-05-141-1/+7
| | | | neighbours packets.
* UDP Interop. Limit datagrams to 1280bytes.subtly2015-05-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We don't have a UDP which specifies any messages that will be 4KB. Aside from being implemented for months and a necessity for encryption and piggy-backing packets, 1280bytes is ideal, and, means this TODO can be completed! Why 1280 bytes? * It's less than the default MTU for most WAN/LAN networks. That means fewer fragmented datagrams (esp on well-connected networks). * Fragmented datagrams and dropped packets suck and add latency while OS waits for a dropped fragment to never arrive (blocking readLoop()) * Most of our packets are < 1280 bytes. * 1280 bytes is minimum datagram size and MTU for IPv6 -- on IPv6, a datagram < 1280bytes will *never* be fragmented. UDP datagrams are dropped. A lot! And fragmented datagrams are worse. If a datagram has a 30% chance of being dropped, then a fragmented datagram has a 60% chance of being dropped. More importantly, we have signed packets and can't do anything with a packet unless we receive the entire datagram because the signature can't be verified. The same is true when we have encrypted packets. So the solution here to picking an ideal buffer size for receiving datagrams is a number under 1400bytes. And the lower-bound value for IPv6 of 1280 bytes make's it a non-decision. On IPv4 most ISPs and 3g/4g/let networks have an MTU just over 1400 -- and *never* over 1500. Never -- that means packets over 1500 (in reality: ~1450) bytes are fragmented. And probably dropped a lot. Just to prove the point, here are pings sending non-fragmented packets over wifi/ISP, and a second set of pings via cell-phone tethering. It's important to note that, if *any* router between my system and the EC2 node has a lower MTU, the message would not go through: On wifi w/normal ISP: localhost:Debug $ ping -D -s 1450 52.6.250.242 PING 52.6.250.242 (52.6.250.242): 1450 data bytes 1458 bytes from 52.6.250.242: icmp_seq=0 ttl=42 time=104.831 ms 1458 bytes from 52.6.250.242: icmp_seq=1 ttl=42 time=119.004 ms ^C --- 52.6.250.242 ping statistics --- 2 packets transmitted, 2 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 104.831/111.918/119.004/7.087 ms localhost:Debug $ ping -D -s 1480 52.6.250.242 PING 52.6.250.242 (52.6.250.242): 1480 data bytes ping: sendto: Message too long ping: sendto: Message too long Request timeout for icmp_seq 0 ping: sendto: Message too long Request timeout for icmp_seq 1 Tethering to O2: localhost:Debug $ ping -D -s 1480 52.6.250.242 PING 52.6.250.242 (52.6.250.242): 1480 data bytes ping: sendto: Message too long ping: sendto: Message too long Request timeout for icmp_seq 0 ^C --- 52.6.250.242 ping statistics --- 2 packets transmitted, 0 packets received, 100.0% packet loss localhost:Debug $ ping -D -s 1450 52.6.250.242 PING 52.6.250.242 (52.6.250.242): 1450 data bytes 1458 bytes from 52.6.250.242: icmp_seq=0 ttl=42 time=107.844 ms 1458 bytes from 52.6.250.242: icmp_seq=1 ttl=42 time=105.127 ms 1458 bytes from 52.6.250.242: icmp_seq=2 ttl=42 time=120.483 ms 1458 bytes from 52.6.250.242: icmp_seq=3 ttl=42 time=102.136 ms
* p2p/discover: bump packet timeouts to 500msFelix Lange2015-05-071-2/+2
|
* p2p/discover: new distance metric based on sha3(id)Felix Lange2015-05-061-4/+4
| | | | | | | The previous metric was pubkey1^pubkey2, as specified in the Kademlia paper. We missed that EC public keys are not uniformly distributed. Using the hash of the public keys addresses that. It also makes it a bit harder to generate node IDs that are close to a particular node.
* p2p/discover: track sha3(ID) in NodeFelix Lange2015-04-301-6/+26
|
* p2p, p2p/discover: protocol version 4Felix Lange2015-04-301-1/+1
|
* p2p/discover: new endpoint formatFelix Lange2015-04-301-26/+52
| | | | | | This commit changes the discovery protocol to use the new "v4" endpoint format, which allows for separate UDP and TCP ports and makes it possible to discover the UDP address after NAT.
* cmd/bootnode, eth, p2p, p2p/discover: use a fancier db designPéter Szilágyi2015-04-241-5/+5
|
* cmd/bootnode, eth, p2p, p2p/discover: clean up the seeder and mesh into eth.Péter Szilágyi2015-04-241-5/+5
|
* cmd, eth, p2p, p2p/discover: init and clean up the seed cachePéter Szilágyi2015-04-241-4/+4
|
* p2p/discover: use rlp.DecodeBytesFelix Lange2015-04-171-1/+1
|
* p2p/discover: improve timer handling for reply timeoutsFelix Lange2015-04-141-2/+3
|
* p2p/discover: don't log packet contentFelix Lange2015-04-101-3/+4
|
* p2p/discover: make packet processing less concurrentFelix Lange2015-04-101-6/+4
|
* Updated loggingobscuren2015-04-071-10/+9
|
* p2p/discover: implement node bondingFelix Lange2015-04-011-84/+130
| | | | | | | | | | | | | | | | This a fix for an attack vector where the discovery protocol could be used to amplify traffic in a DDOS attack. A malicious actor would send a findnode request with the IP address and UDP port of the target as the source address. The recipient of the findnode packet would then send a neighbors packet (which is 16x the size of findnode) to the victim. Our solution is to require a 'bond' with the sender of findnode. If no bond exists, the findnode packet is not processed. A bond between nodes α and β is created when α replies to a ping from β. This (initial) version of the bonding implementation might still be vulnerable against replay attacks during the expiration time window. We will add stricter source address validation later.
* p2p/discover: add version number to ping packetFelix Lange2015-04-011-0/+8
| | | | | | The primary motivation for doing this right now is that old PoC 8 nodes and newer PoC 9 nodes keep discovering each other, causing handshake failures.
* p2p/discover: fix pending replies iterationFelix Lange2015-02-171-1/+2
| | | | | | Range expressions capture the length of the slice once before the first iteration. A range expression cannot be used here since the loop modifies the slice variable (including length changes).
* p2p/discover: fix race in ListenUDPFelix Lange2015-02-131-24/+17
| | | | | udp.Table was assigned after the readLoop started, so packets could arrive and be processed before the Table was there.
* p2p/discover: map listening port using configured mechanismFelix Lange2015-02-131-6/+17
|
* p2p/discover: code review fixesFelix Lange2015-02-131-2/+2
|
* p2p/discover: deflake UDP testsFelix Lange2015-02-091-3/+2
|
* p2p/discover: add node URL functions, distinguish TCP/UDP portsFelix Lange2015-02-071-13/+19
| | | | | The discovery RPC protocol does not yet distinguish TCP and UDP ports. But it can't hurt to do so in our internal model.
* p2p/discover: add some helper functionsFelix Lange2015-02-061-2/+2
|
* p2p/discover: new package implementing the Node Discovery ProtocolFelix Lange2015-02-061-0/+422