include DDoS mitigation scheme in network specification

[ghost]

DDoSing lightning network node is very critical attack and mitigation method is needed. For example, node discovery should not rely on ip address, and nodes should be able to relay packets behaving as proxy for other nodes.

[rustyrussell]

This is a fundamental issue with running a public node, whether it's a bitcoin node or a lightning node. Proxying creates the same DDoS issues, just internal to the lightning network.

One thing we can do is to add an optional message supplying confirmed peers with alternate address(es) to connect to. This allows a site to have a different address for peers who share channels.

[t-bast]

We should be addressing DDoS concern on a per-feature basis: the spec already contains recommendations to protect against DoS in some specific cases, but we can't have a catch-all that perfectly covers all DDoS concerns.