Management of requests to @IP from RFC 1918 so as not to be emitted on public Internet #34
Assignees
Comments
poussette
changed the title
|
Thanks for reporting this. We need to further investigate how we can interact with the libp2p's libraries in order to silent those requests. Will remain open for now. |
|
Hello, does this problem still occurs? The reason I'm asking this is that we did not find anything to tune from the libp2p libs that we are using. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I noticed the nodes emit requests to RFC 1918 addresses (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). I assume that these are @home nodes with some NAT or local network configuration or with more than one network card with private network, so they are collected and produce requests in the protocol. However, unless they are local to a local testnet, these are unnecessary requests since they are not routed over the public Internet. these tcp requests are all initiated in SYN_SENT from the node but never have a SYN_ACK response then the socket closes just behind. Even if it doesn't necessarily consume a lot of resources Couldn't there be a bit of configuration for nodes (prefs.toml?) so as to choose to use them or not (local testnet vs full public IP mainnet). ?
I have currently set following rules on my firewall so as requests not to be sent unnecessarily on the Internet and be clean with the hosting provider.
To:192.168.0.0/16/tcp DENY IN from:Anywhere
To:10.0.0.0/8/tcp DENY IN from:Anywhere
To:172.16.0.0/12/tcp DENY IN from:Anywhere
Best regards.
Poussette
The text was updated successfully, but these errors were encountered: