Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

autonat: document that the observed address may also be dialed #518

Merged
merged 1 commit into from
Feb 24, 2023
Merged

autonat: document that the observed address may also be dialed #518

merged 1 commit into from
Feb 24, 2023

Conversation

marten-seemann
Copy link
Contributor

I don't like that this is the case, but that's what the Go implementation has been doing since forever, and for better or worse, we're stuck with it. The purpose of this PR is to document this behavior.

cc @sukunrt

mxinden
mxinden reviewed Feb 24, 2023
View reviewed changes
Copy link
Member

@mxinden mxinden left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given that the remote peer replaces the requested addresses with the observed IP anyways, why do you consider the current go-libp2p behavior bad @marten-seemann?

In order to prevent attacks like the one described in RFC 3489, Section
12.1.1 (see excerpt
below), implementations MUST NOT dial any multiaddress unless it is based on the
IP address the requesting node is observed as.

@marten-seemann
Copy link
Contributor Author

Given that the remote peer replaces the requested addresses with the observed IP anyways, why do you consider the current go-libp2p behavior bad @marten-seemann?

In order to prevent attacks like the one described in RFC 3489, Section
12.1.1 (see excerpt
below), implementations MUST NOT dial any multiaddress unless it is based on the
IP address the requesting node is observed as.

It prevents us from using AutoNAT v1 to test the reachability of different addresses. The observed address might be a TCP address, while what I actually want to test if I'm reachable via QUIC.

@mxinden
Copy link
Member

mxinden commented Feb 24, 2023

Makes sense. Thank you @marten-seemann.

@marten-seemann marten-seemann merged commit e764f11 into master Feb 24, 2023
@marten-seemann marten-seemann deleted the autonat-obs-addr-dial branch February 24, 2023 10:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mxinden mxinden mxinden approved these changes

@MarcoPolo MarcoPolo Awaiting requested review from MarcoPolo

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@marten-seemann @mxinden