-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(net): disconnect from malicious nodes if necessary #5899
Changes from 21 commits
7dbe7c6
53dab13
1b6ca45
9e2b144
1b198f8
5a41c62
4af6102
d7d5aff
d7c0fef
75f405d
22c54ed
7207537
2642b9f
edf6934
81b4289
6c87144
f2a1732
406c5c2
c5c3add
90af8ef
828077b
a57de7a
7836f4c
24bcaa6
5bf9ea3
15b3abc
369cd92
3662502
3a85f98
eafda50
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
package org.tron.common.parameter; | ||
|
||
import lombok.Getter; | ||
import lombok.Setter; | ||
import lombok.extern.slf4j.Slf4j; | ||
|
||
@Slf4j(topic = "net") | ||
public class ResilienceConfig { | ||
@Getter | ||
@Setter | ||
private boolean enabled = false; | ||
|
||
@Getter | ||
@Setter | ||
private int checkInterval = 60; | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This does not need to be defined as a parameter. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The specification requires that the value of check interval is configurable. |
||
|
||
@Getter | ||
@Setter | ||
private int peerNotActiveThreshold = 600; | ||
|
||
@Getter | ||
@Setter | ||
private int blockNotChangeThreshold = 300; | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. It is recommended to use There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. They have completely different definition. blockNotChangeThreshold is the config parameter that means if latest block has stay unchanged in blockNotChangeThreshold seconds, we think the node is isolated by peers. |
||
|
||
@Getter | ||
@Setter | ||
private boolean testStopInv = false; | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is only a field in a feature. The feature should be configurable. If the feature is not enabled, defining this field is useless. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. It is used to specify whether we test if the peer is malicious. There is alternative method. Only one of them can be used. It can be configured in config.conf. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is just a field in the rule. What I mean is that you should configure it according to the rules, not the fields in the rules. When you want to enable or disable rules, you can just change the configuration without changing the code. |
||
|
||
@Getter | ||
@Setter | ||
private int disconnectNumber = 1; | ||
|
||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -1391,6 +1391,7 @@ public void updateDynamicProperties(BlockCapsule block) { | |
(chainBaseManager.getDynamicPropertiesStore().getLatestBlockHeaderNumber() | ||
- chainBaseManager.getDynamicPropertiesStore().getLatestSolidifiedBlockNum() | ||
+ 1)); | ||
chainBaseManager.setLatestSaveBlockTime(System.currentTimeMillis()); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This assignment statement should not be placed in this method, right? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. We verify whether the node is isolated through the latest writing block time to database. If this time stay unchanged over some minutes, it's isolated. Do you have better solution or place? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I did not deny the timing of assigning this variable, I just feel that the assignment statement is unreasonable in this method, I think you can put it near where this method is called, what do you think? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I can assign it in ResilienceService where it's used, but it's not accurate. Let's try it. |
||
Metrics.gaugeSet(MetricKeys.Gauge.HEADER_HEIGHT, block.getNum()); | ||
Metrics.gaugeSet(MetricKeys.Gauge.HEADER_TIME, block.getTimeStamp()); | ||
} | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -22,6 +22,7 @@ | |
import org.tron.core.net.peer.PeerStatusCheck; | ||
import org.tron.core.net.service.adv.AdvService; | ||
import org.tron.core.net.service.effective.EffectiveCheckService; | ||
import org.tron.core.net.service.effective.ResilienceService; | ||
import org.tron.core.net.service.fetchblock.FetchBlockService; | ||
import org.tron.core.net.service.nodepersist.NodePersistService; | ||
import org.tron.core.net.service.relay.RelayService; | ||
|
@@ -73,6 +74,9 @@ public class TronNetService { | |
@Autowired | ||
private EffectiveCheckService effectiveCheckService; | ||
|
||
@Autowired | ||
private ResilienceService resilienceService; | ||
|
||
private volatile boolean init; | ||
|
||
private static void setP2pConfig(P2pConfig config) { | ||
|
@@ -95,6 +99,7 @@ public void start() { | |
PeerManager.init(); | ||
relayService.init(); | ||
effectiveCheckService.init(); | ||
resilienceService.init(); | ||
logger.info("Net service start successfully"); | ||
} catch (Exception e) { | ||
logger.error("Net service start failed", e); | ||
|
@@ -113,6 +118,7 @@ public void close() { | |
peerStatusCheck.close(); | ||
transactionsMsgHandler.close(); | ||
fetchBlockService.close(); | ||
resilienceService.close(); | ||
effectiveCheckService.close(); | ||
p2pService.close(); | ||
relayService.close(); | ||
|
@@ -178,6 +184,7 @@ private P2pConfig updateConfig(P2pConfig config) { | |
config.setPort(parameter.getNodeListenPort()); | ||
config.setNetworkId(parameter.getNodeP2pVersion()); | ||
config.setDisconnectionPolicyEnable(parameter.isOpenFullTcpDisconnect()); | ||
config.setNotActiveInterval(parameter.peerNoBlockTime * 1000L); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. What does libp2p need this parameter for? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The strategy of Random disconnection use this parameter to filter no block peer. If we send or receive some blocks among peerNoBlockTime from this peer, it cannot be disconnect. |
||
config.setNodeDetectEnable(parameter.isNodeDetectEnable()); | ||
config.setDiscoverEnable(parameter.isNodeDiscoveryEnable()); | ||
if (StringUtils.isEmpty(config.getIp()) && hasIpv4Stack(NetUtil.getAllLocalAddress())) { | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why define this variable? Can it be determined by the header block time?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It cannot be determined by the header block time. The variable is used to determine how long ago I save the last block. Let's suppose that i am far from newest block, the header block time is useless in this scene.