threefoldtecharchive / rivine

Blockchain technology for creating custom chains.
Apache License 2.0

Investigate upnp alternatives #262

Open LeeSmet opened 6 years ago

LeeSmet commented 6 years ago

Check how others handle this: torrent, ipfs, ...

LeeSmet commented 6 years ago

After doing some digging, it turns out that other major p2p products mainly use (a variation of) the Kademlia network. This protocol, however, mainly specifies to which nodes a connection should be made. In all cases, the actual connection is handled through a combination of: UPnP, hole punching, manual port forwarding, ... While there does not seem to be a reliable method to establish a connection between two arbitrary peers, that does not really matter for these networks. The idea is that the network itself is large enough to guarantee a proper distribution of connections among peers, even if (a large amount of) peers can't connect directly to each other.

Furthermore, applications like BitTorrent and IPFS are fundamentally different from rivine: in rivine, the majority of the peers all have the same information (ideally, they all have the same information). However, in BitTorrent and IPFS, every node has a few distinct pieces of information (usually replicated among a small but still significant subset of all available peers). This means that they can utilize indirect connections: say that Peer A wants to download a file from Peer B, but neither can initiate a connection to the other. As it turns out, A learned that the file it is after is stored on B, since both are connected to a common Peer C. In order for A to download the file, it is accepted that it uses C as a proxy: B uploads the file to C, and C passes the stream to A. So A and B are effectively connected, even though there is no direct connection between them.

This is not useful for our purposes. We want to achieve consensus among a group of nodes we don't trust. In the above scenario, there is no trust either, though whether or not the file was altered can be easily verified by the checksums of the file blocks (either because A originally created the file or got the checksums from a register). But in our case there is no such thing as a checksum which we can retrieve up front. Ideally we want B and C in this scenario to send the same info, yet should the info from B reach us through C, we have no guarantee that said info is authentic and otherwise not tampered with.

All things considered, UPnP alone has proven to be not enough to guarantee a large set of different publicly reachable nodes. There is no readily available solution which works most of the time, so either we will need to implement some alternatives, or we ask people to explicitly enable UPnP/manually open the port on their network.
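
The block-checksum check that the comment above describes for relayed downloads, as an added Go example that is not part of the original thread or of rivine's code. The names `Manifest`, `BuildManifest`, `VerifyRelayed` and `TamperingRelay` are hypothetical, SHA-256 is an assumed choice of checksum, and the block data is constructed. It shows why an untrusted relay C is acceptable only when A holds the checksums before the transfer, which is the precondition the comment says consensus data lacks.

```go
package main

import (
	"crypto/sha256"
	"fmt"
)

// Manifest holds the per-block checksums peer A obtained up front, either
// because A created the file or fetched them from a register (hypothetical type).
type Manifest [][sha256.Size]byte

// BuildManifest computes the checksum of every original block.
func BuildManifest(blocks [][]byte) Manifest {
	m := make(Manifest, len(blocks))
	for i, b := range blocks {
		m[i] = sha256.Sum256(b)
	}
	return m
}

// VerifyRelayed returns the indexes of relayed blocks whose checksum does not
// match the manifest. A block count mismatch is reported as an error.
func VerifyRelayed(m Manifest, relayed [][]byte) ([]int, error) {
	if len(relayed) != len(m) {
		return nil, fmt.Errorf("expected %d blocks, relay delivered %d", len(m), len(relayed))
	}
	var bad []int
	for i, b := range relayed {
		if sha256.Sum256(b) != m[i] {
			bad = append(bad, i)
		}
	}
	return bad, nil
}

// TamperingRelay simulates proxy peer C altering block idx while forwarding
// B's upload to A. The input slices are copied, not modified.
func TamperingRelay(blocks [][]byte, idx int) [][]byte {
	out := make([][]byte, len(blocks))
	for i, b := range blocks {
		out[i] = append([]byte(nil), b...)
	}
	if len(out[idx]) > 0 {
		out[idx][0] ^= 0xff // flip the bits of the first byte
	}
	return out
}

func main() {
	original := [][]byte{[]byte("block-0"), []byte("block-1"), []byte("block-2")} // constructed sample data
	bad, err := VerifyRelayed(BuildManifest(original), TamperingRelay(original, 1))
	fmt.Println("tampered blocks:", bad, "error:", err)
}
```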

LeeSmet commented 6 years ago

We should re-evaluate the field setup after the macvlan update, since I have a feeling that the current (default) bridge networking setup is interfering with the UPnP as well.

GlenDC commented 6 years ago

We'll continue this research in 1.0.6.