-
Notifications
You must be signed in to change notification settings - Fork 493
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BOLT 1: adds remote address to optional init_tlvs (IP discovery) #917
Conversation
ef65d6a
to
6449b3b
Compare
6449b3b
to
60ac0f7
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I like that better than #911, it's very easy for nodes to start filling this field soon.
60ac0f7
to
ffe7823
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Concept ACK, I'll need to play a bit with a prototype implementation
Is this actually practically an alternative to #911? With the DNS based one, peers are able to easily query for the latest IPs related to a node and update them in their local table. It also makes configuration of a "fleet" of nodes easier, as a dynamic DNS record can be used to point to the latest set of "healthy/active" nodes. With this, AFAIK, it only actually happens on the initial handshake, so a node would continually need to make new connection in order to track a possibly dynamic IP. |
This adds the option to report a remote IP address back to a connecting peer using the init message. A node can decide to use that information to discover a potential update to its public IP address (NAT) and use that for a `node_announcement` update message containg the new address. See lightning/bolts#917
This adds the option to report a remote IP address back to a connecting peer using the `init` message. A node can decide to use that information to discover a potential update to its public IP address (NAT) and use that for a `node_announcement` update message containing the new address. See lightning/bolts#917
9c6e327
to
c209245
Compare
Update: Slightly changed the wording from:
To:
|
Also someone mentioned that this can be useful also for TOR connection, maybe someone can elaborate on that... |
Yea, its possible, but probably mostly not tbh. more of a "user didn't bother configuring things fully but did configure things partially" thing, so maybe not a huge value, but could be useful, I guess - if the user gets an onion address, but doesn't actually tell their lightning node, and then they tell someone else to connect to them, their lightning node may "learn" their onion address". Though this does have some MITM concerns so it may not be the best way to go about it. |
This adds the option to report a remote IP address back to a connecting peer using the `init` message. A node can decide to use that information to discover a potential update to its public IP address (NAT) and use that for a `node_announcement` update message containing the new address. See lightning/bolts#917
Maybe we should change the wording regarding private networks, since this includes more RFCs than just 1918, for example RFC 4862, RFC 5737, ... I added the checks c-lightning used for other purposes, which is: static bool IsRoutable(const struct wireaddr *addr)
{
return IsValid(addr) && !(IsRFC1918(addr) || IsRFC2544(addr) || IsRFC3927(addr) || IsRFC4862(addr) || IsRFC6598(addr) || IsRFC5737(addr) || (IsRFC4193(addr) && !IsTor(addr)) || IsRFC4843(addr) || IsLocal(addr) || IsInternal(addr));
} Maybe change it the other way around.
|
@t-bast What do you think on rewording the usage of private IPs part to i.e. "Only public addresses MUST be used." (see comment above). Or are we fine just mentioning RFC 1918 specifically? |
I'm fine with |
@t-bast I updated our branch ElementsProject/lightning#4864 I have several ideas on how to use that information to forge updated node_announcements. |
This adds the option to report a remote IP address back to a connecting peer using the `init` message. A node can decide to use that information to discover a potential update to its public IP address (NAT) and use that for a `node_announcement` update message containing the new address. See lightning/bolts#917
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK 5e08475
I have tested cross-compatibility between eclair (ACINQ/eclair#1973) and c-lightning (ElementsProject/lightning#4864) so this should be ready to go.
@t-bast |
Can you explain how it could expose internal information? |
Yes I'm fine letting the receiver filter out private addresses. And the way I understand home NATed networks this should not even happen. However, Rusty noted ElementsProject/lightning#4864 (comment) in our PR. I think he has a point here. If a node software implementation sees a connection from a private IP (for whatever wired network setup reasons), he 'SHOULD NOT' disclose this as this information is useless at best, but potential tells an attacker about internal network setup. Not sure if there are routers that do address mapping (not only port mapping like normal NATs do). |
Good point, we don't want to reveal internal network details...it's probably safer then to filter out private addresses on both sides. |
This adds the option to report an remote IP address back to a connecting peer using the `init` message. A node can decide to use that information to discover a potential update to its public IPv4 address (NAT) and use that for a `node_announcement` update message containing the new address. The proposal includes reporting the IPv4 and IPv6 address, however in IPv6 there are likely no NAT issues. TOR is skipped for obvious reasons. Certain approaches to check and use this information are thinkable: - Wait for multiple peers or a certain fraction to report the same new address. - Check some random node known via gossip to also report the new address. - Verify this information by making a test connection to itself.
5e08475
to
efe9d2d
Compare
The only thing I just added: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK efe9d2d
This adds the option to report a remote IP address back to a connecting peer using the `init` message. A node can decide to use that information to discover a potential update to its public IP address (NAT) and use that for a `node_announcement` update message containing the new address. See lightning/bolts#917
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Concept ACK efe9d2d
@t-bast Using My question: Do we still want to include the (source) port to have this field similar to the address descriptor types of bolt 7? Edit: I would say yes, include (source) port and use address descriptor format for the sake of simplicity |
Yes, I don't think this is an issue. The remote peer knows that this is clearly not their listening port, they're only interested in the IP address part (the port should be unchanged compared to their previous announcement, unless the node operator changed it). It's true that we could in that case drop the port from the tlv, which would completely remove the risk of a mistake...I don't care that much, both options look good to me, so it's your call! |
This option sound safer to avoid confusion for who is reading the spec, so I agree with your point here |
I tend to include the (source) port as it currently is for two reasons:
|
This adds the option to report a remote IP address back to a connecting peer using the `init` message. A node can decide to use that information to discover a potential update to its public IP address (NAT) and use that for a `node_announcement` update message containing the new address. See lightning/bolts#917
This adds the option to report a remote IP address back to a connecting peer using the `init` message. A node can decide to use that information to discover a potential update to its public IP address (NAT) and use that for a `node_announcement` update message containing the new address. See lightning/bolts#917
Hey @t-bast Just a little update on this, as its now out in the wild for cln and acinq. I think I need to change our code to handle |
This is because of our clustering mode (see https://github.com/ACINQ/eclair/releases/tag/v0.5.0 for details). Our node splits the work between front-end nodes that handle connection logic / routing stuff and a back-end node that does channel operations. What you see are the front-end nodes, and there is indeed some load-balancing that's done automatically between them. But any of these IP addresses would work!
Not yet, we just send it for now. We're collecting data about it, and we'll later analyze that data to figure out whether we can use this reliably or not. |
Thanks for the clarification.
Afaik in terms of IP discovery for the peers they can't work. They just tell us something about ACINQ internals ;) |
@t-bast |
Right, I misunderstood your comment, I thought that was already handled by our frontend! It should be, it's a bug on our side then, thanks for the report. |
This is an alternate approach to #911 (BOLT 7: add gossip address descriptor type DNS hostname)
relying less on centralized services (DNS, IP query sites, ...) to solve the issue
of detecting a nodes own public IPv4 behind a NAT.
This adds the option to report an remote IP address back to a connecting
peer using the
init
message. A node can decide to use that informationto discover a potential update to its public IPv4 address (NAT) and use
that for a
node_announcement
update message containg the new address.The proposal includes reporting the IPv4 and IPv6 address,
however in IPv6 there are likely no NAT issues. TOR is skipped for
obvious reasons.
Certain appoaches to check and use this information are thinkable:
same new address.
address by making a test connection just for that purpose.