[WIP] p2p: asmap, avoid inbound connections from a specific AS #26938

pull brunoerg wants to merge 4 commits into bitcoin:master from brunoerg:2023-01-avoid-as changing 4 files +32 −0
  1. brunoerg commented at 6:40 PM on January 20, 2023: contributor

    Fixes #26353

    For privacy/security reasons (discussed in #26353 - e.g. malicious nodes on a particular AS), we could avoid connections from a particular AS. This PR adds a flag -avoidas, which can be specified multiple times, where you pass an ASN you want to avoid inbound connections from.

    e.g.

    ./src/bitcoind --asmap=path/to/file --avoidas=399991
    
  2. net: add `as_to_avoid` to `CConnman` ef6c22864b
  3. net: add `AvoidPeerByAsn` 27453301f1
  4. init: add `-avoidas` option 2d7a691979
  5. net: disconnect peer if we're avoiding its AS fc7a797305
  6. DrahtBot commented at 6:40 PM on January 20, 2023: contributor

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Reviews

    See the guideline for information on the review process. A summary of reviews will appear here.

    Conflicts

    No conflicts as of last run.

  7. brunoerg renamed this:
    [WIP] p2p: asmap, avoiding inbound connections from specific AS
    [WIP] p2p: asmap, avoid inbound connections from particular AS
    on Jan 20, 2023
  8. brunoerg renamed this:
    [WIP] p2p: asmap, avoid inbound connections from particular AS
    [WIP] p2p: asmap, avoid inbound connections from a specific AS
    on Jan 20, 2023
  9. sipa commented at 8:25 PM on January 20, 2023: member

    Would it make sense to instead offer this feature as an extension of the banning functionality (through setban / listbanned RPCs)? That way it'd be runtime-configurable, get expiration, and the ability to export/import banlist.json files.

  10. brunoerg commented at 8:41 PM on January 20, 2023: contributor

    Would it make sense to instead offer this feature as an extension of the banning functionality (through setban / listbanned RPCs)? That way it'd be runtime-configurable, get expiration, and the ability to export/import banlist.json files.

    I'm testing different approaches and I think it makes sense to expand banlist (I think I've a branch with some work about it), gonna change it.

  11. sipa commented at 8:43 PM on January 20, 2023: member

    Apparently I even opened an issue about that once: #19129

  12. brunoerg commented at 9:12 PM on January 20, 2023: contributor

    @sipa, adding it to the ban stuff would not work for only inbound connections, I guess. If I set a ban based on AS, maybe all my connections with them would be affected, wouldn't they? This approach is more like avoiding any inbound, but not affecting me connecting to any of them.

  13. sipa commented at 9:13 PM on January 20, 2023: member

    @brunoerg Why would you only want to avoid inbound? And if so, maybe that's generally useful as a feature for banmap?

  14. brunoerg commented at 12:21 PM on January 23, 2023: contributor

    Why would you only want to avoid inbound?

    An example: an attacker is using AWS to create multiple nodes and connect with me, I want to avoid it. However, it doesn't mean all the nodes from there are malicious; I can even have another node hosted there.
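    The inbound-only semantics described in the PR description and in this comment, as an added example that is not Bitcoin Core's code: `ParseAvoidAs` models repeated `-avoidas=<asn>` values, `LookupAsn` does a longest-prefix match over a constructed prefix table standing in for the asmap file, and `ShouldDisconnect` drops only inbound peers from an avoided AS while leaving outbound connections into that AS untouched. The ASN 399991 comes from the PR description; AS64496 and the 198.51.x.x ranges are constructed documentation values.

```cpp
// Added example, not Bitcoin Core code: an inbound-only ASN avoid list in the
// spirit of this PR's -avoidas option. kAsmap is a constructed prefix table
// standing in for Core's compressed asmap file.
#include <cstdint>
#include <set>
#include <stdexcept>
#include <string>
#include <vector>

constexpr uint32_t Ip4(uint32_t a, uint32_t b, uint32_t c, uint32_t d) {
    return (a << 24) | (b << 16) | (c << 8) | d;
}
struct AsmapEntry { uint32_t net; int bits; uint32_t asn; };
// Constructed: 198.51.100.0/24 -> AS399991 (the ASN from the PR description)
// nested inside 198.51.0.0/16 -> AS64496 (a documentation ASN).
static const std::vector<AsmapEntry> kAsmap = {
    {Ip4(198, 51, 0, 0), 16, 64496u}, {Ip4(198, 51, 100, 0), 24, 399991u}};

// Longest-prefix lookup; 0 means unmapped, like an asmap miss.
uint32_t LookupAsn(uint32_t ip) {
    int best = -1; uint32_t asn = 0;
    for (const auto& e : kAsmap) {
        uint32_t mask = e.bits == 0 ? 0 : 0xFFFFFFFFu << (32 - e.bits);
        if ((ip & mask) == (e.net & mask) && e.bits > best) { best = e.bits; asn = e.asn; }
    }
    return asn;
}

// Repeated -avoidas=<asn> values; rejects non-numeric, 0 and > 32-bit ASNs.
std::set<uint32_t> ParseAvoidAs(const std::vector<std::string>& args) {
    std::set<uint32_t> out;
    for (const auto& a : args) {
        if (a.empty() || a.size() > 10 || a.find_first_not_of("0123456789") != std::string::npos)
            throw std::invalid_argument("bad asn: " + a);
        unsigned long long v = std::stoull(a);
        if (v == 0 || v > 0xFFFFFFFFull) throw std::invalid_argument("bad asn: " + a);
        out.insert(static_cast<uint32_t>(v));
    }
    return out;
}

// The PR's policy: drop only inbound peers from an avoided AS; our own
// outbound connections into that AS stay allowed (the AWS example above).
bool ShouldDisconnect(const std::set<uint32_t>& avoid, uint32_t ip, bool inbound) {
    return inbound && avoid.count(LookupAsn(ip)) > 0;
}
```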

  15. sipa commented at 6:03 PM on January 23, 2023: member

    @brunoerg For that I think it suffices to just have an asmap loaded that treats all or most of AWS as the same ASN (which I believe is the case). The inbound connection logic already prioritizes connections from diverse networks (evicting connections from groups with many networks if a new incoming connection appears from a different one).

    Still, it doesn't seem unreasonable to have a way to ban for just inbound connections, but I feel like that applies equally to other IP ranges, so perhaps it is better to add that as an orthogonal feature to banman?

  16. petertodd commented at 4:49 PM on February 4, 2023: contributor

    I think this feature should be called something like -ban-as rather than -avoidas, as the functionality is similar to IP banning. The word "avoid" doesn't give that connotation and needlessly introduces a new term for users to understand.

  17. luke-jr changes_requested
  18. luke-jr commented at 6:52 PM on June 22, 2023: member

    I also think it would make more sense to broaden this to a ban type. If you want to connect to peers in the AS but not accept inbound connections (which IMO is weird), why wouldn't that possibly also be the case for (eg) a subnet ban?

  19. brunoerg commented at 1:29 PM on September 5, 2023: contributor

    Closing it for now. I agree on moving it to ban, will work on it.

  20. brunoerg closed this on Sep 5, 2023

  21. bitcoin locked this on Sep 4, 2024

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-02 12:13 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me