Should a warning be thrown when using -port that nodes are very unlikely to get any incoming connections? #5150

issue ghost openend this issue on October 27, 2014
  1. ghost commented at 10:55 am on October 27, 2014: none

    It’s surprising that using a non-standard listening port will cause peers to actively avoid connecting to you, is it sensible to add this to the help message and the warnings on startup if people have changed the default? I can’t find this behavior mentioned anywhere except for the comments in net.cpp.

    0// do not allow non-default ports, unless after 50 invalid addresses selected already
    1if (addr.GetPort() != Params().GetDefaultPort() && nTries < 50)
    2continue;
    

    https://github.com/bitcoin/bitcoin/blob/master/src/net.cpp#L1369

  2. laanwj added the label P2P on Oct 27, 2014
  3. laanwj commented at 8:42 pm on October 27, 2014: member
    I’m not entirely sure why that discrimination on port number exists in the first place. Is this an anti-Sybil measure?
  4. ghost commented at 10:25 pm on October 27, 2014: none

    I don’t think it’s anti sybil, just above it’s also avoiding connecting to nodes in ranges which it is already connected, wouldn’t that preclude connecting to the same peer twice on different ports?

    The line was added by @sipa in #787, though there’s no explanation of why that limit exists.

  5. gavinandresen commented at 11:05 pm on October 27, 2014: contributor
    Yes, it is an anti-Sybil measure, and has been in the code for as long as I’ve been around.
  6. TheBlueMatt commented at 11:22 pm on October 27, 2014: member
    ACK, we should warn people about this behavior.
  7. sipa commented at 3:59 am on October 28, 2014: member
    No, it’s to prevent spamming addr messages with eg IP:80 to the network, and have the entire Bitcoin network DoS attack that service. The same risk exists for Bitcoin itself of course, but I guess we try to be more polite to others. It’s been there since before addrman (though the mechanism was different then).
  8. ghost commented at 5:28 am on October 28, 2014: none
    That makes sense, thank you Sipa. From a users perspective it’s a little unintuitive, I wouldn’t have expected that behavior at all when setting up a listening Bitcoin daemon.
  9. laanwj commented at 6:33 am on October 28, 2014: member
    OK, looking at this discussion we should warn and add @sipa’s reply as comment why this is here in the first place.
  10. laanwj closed this on Dec 17, 2020

  11. vasild commented at 1:55 pm on June 3, 2021: member

    No, it’s to prevent spamming addr messages with eg IP:80 to the network, and have the entire Bitcoin network DoS attack that service.

    I don’t see how such a DoS could be carried out.

    • Assume 50k nodes.
    • Each node has around 50k addresses in their addrman (everybody knows about mostly everybody else).
    • One of the 50k addresses is victim:80, gossiped by a malicious actor.
    • Lets assume all 50k nodes try to open a new connection to a random address from their addrman (size 50k), how many nodes will attempt to connect to victim:80? One (1/50k chance, multiplied by 50k attempts).
    • How often will this happen? Assuming all nodes keep trying to open new connections all the time, then this will happen once per 0.5s: https://github.com/bitcoin/bitcoin/blob/8837f1ebde0537b0fdfa1353d06ae8e61a259982/src/net.cpp#L1813
    • Is one connection per 0.5s DoS? Probably not.
    • Note that the above assumption of all nodes trying to open new connections all the time is not correct. Once a node has 8 (is configurable) outbound connections, it will stop opening new connections. So the above 0.5s is maybe a few seconds or even higher in practice.

    This can be confirmed by observing a node that is listening on port 8333 and whose address is well propagated (has been online for a long time) and seeing how often it receives incoming connections. I have a long-running node but it is listening on non-default port, so I can’t confirm that myself.

    Did I oversimplify or get something wrong?

  12. MarcoFalke referenced this in commit 22a9018649 on Oct 25, 2021
  13. DrahtBot locked this on Aug 18, 2022

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-22 12:12 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me