ipfs / kubo

An IPFS implementation in Go
https://docs.ipfs.tech/how-to/command-line-quick-start/
Other
15.97k stars 2.99k forks source link

User option to advertise relay addresses #4230

Open vyzo opened 6 years ago

vyzo commented 6 years ago

Type: Enhancement

Description:

We currently filter relay addresses by default, with thre rationale that it is an experimental feature. We do want to make it easy for node operators to use however, especially when they know a priori that they are behind an impenetrable NAT.

We should implement a configuration option, Swarm.AdvertiseRelayAddress with default of false, that disables the filtering of relay addresses. When the option is set, the unspecific p2p-circuit address will not be filtered, which will allow peers to automatically attempt dialing through known relays.

Stebalien commented 6 years ago

What are the usecases for advertising unspecified relay addresses? They can be useful for dialing if, e.g., you want to reduce the number of TCP connections you have open. However, when dialing a relay address, doesn't one generally want to dial a relay to which the peer is connected?

vyzo commented 6 years ago

It will try known relays to which there is a connection automatically.

vyzo commented 6 years ago

Per discussion in slack with @lgierth, it seems we already have the functionality in place to do this: The address.announce option, where we can directly add the relay address.

Stebalien commented 6 years ago

It will try known relays to which there is a connection automatically.

Yes but what's the actual use-case here? Why would one do this over advertising/dialing specific addresses? I'm a bit worried this will become a DoS vector.

vyzo commented 6 years ago

Use-case: User is behind impenetrable NAT and wants to have incoming connectivity, so (s)he opts to advertise a relay address.

Note that the address.announce option is more flexible, as it allows us to specify explicit relay addresses.

Stebalien commented 6 years ago

User is behind impenetrable NAT and wants to have incoming connectivity, so (s)he opts to advertise a relay address.

In that case, I assume he'd dial a few relays and then advertise specific relay addresses.

whyrusleeping commented 6 years ago

I think its fine to advertise a general 'catchall' relay address.

Stebalien commented 6 years ago

We've discussed this offline.

Currently, we're not advertising anything. The easiest solution would just be to advertise non-specific relay addresses up-front however, that's not very efficient. Advertising specific relay addresses is strictly better (at least that's what we concluded) however, we'd need to advertise the relays we're connected to as we connect to them.

whyrusleeping commented 6 years ago

This is pretty critical to have for full js-ipfs connectivity.

@diasdavid would just advertising the non-specific relay address work for you?

daviddias commented 6 years ago

In order for js-ipfs in the browser to work, those relay addrs need to be of nodes that are behind DNS and with TLS enabled (wss) OR through a node that speaks WebRTC so that a js node can dial through WebRTC to a TCP go-ipfs node.

fazo96 commented 6 years ago

Has there been any progress on this?

Stebalien commented 6 years ago

No.

daviddias commented 6 years ago

@lgierth this is another item that we will need for the successful migration to the new gateway Infra.