Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add pending connection limits + bump libp2p to 0.54.1 #2644

Open
wants to merge 20 commits into
base: master
Choose a base branch
from
Open

feat: add pending connection limits + bump libp2p to 0.54.1 #2644

wants to merge 20 commits into from
+601 −384

Conversation

MitchTurner
Copy link
Member

@MitchTurner MitchTurner commented Jan 28, 2025
edited
Loading

Linked Issues/PRs

Replaces: #2150

Even though I've added this parameter, I'm not fully sold that it should be present. The rationale is we only dial a peer if:
a) We are below the desired amount of peers in a gossipsub mesh (which would imply we would be below any potential max_pending_outgoing_connections anyway) and we determined that the peer in question would have a reasonable peer score. So essentially our gossipsub config should handle this scenario.
AND
b) We are relatively certain that peer is reachable i.e. the multiaddr for that peer can be successfully dialled - if that is so, we want to prioritize dialling it.
But I may be missing something about the current p2p setup.

Description

This is apart of the broader initiative outlined in #1968 to improve the DoS resilience

This PR doesn't make the pending connection limits configurable for a reason, it is an easy way for the operator to footgun and mess up the node configuration. We've used some defaults for now, but there should be some analysis done on optimal connection count for latency to propagate messages.

Checklist

  • Breaking changes are clearly marked as such in the PR description and changelog

Before requesting review

  • I have reviewed the code myself

@fuel-cla-bot
Copy link

fuel-cla-bot bot commented Jan 28, 2025

Thanks for the contribution! Before we can merge this, we need @maschad to sign the Fuel Labs Contributor License Agreement.

@MitchTurner MitchTurner self-assigned this Jan 28, 2025
@MitchTurner MitchTurner force-pushed the mc/chore/p2p-upgrades branch from 318d164 to c27d715 Compare January 28, 2025 19:06
@AurelienFT
Copy link
Contributor

@MitchTurner Can we update to libp2p 0.55 directyl it would fix : #2488

@MitchTurner
Copy link
Member Author

@MitchTurner Can we update to libp2p 0.55 directyl it would fix : #2488

@AurelienFT I'd be happy to, but it looks like it requires Rust v1.83. So maybe we wait until we update the Rust version?

@MitchTurner MitchTurner marked this pull request as ready for review February 1, 2025 21:04
rymnc
rymnc reviewed Feb 2, 2025
View reviewed changes
Copy link
Member

@rymnc rymnc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

will not approve, will allow others to review

netrome
netrome requested changes Feb 2, 2025
View reviewed changes
Copy link
Contributor

@netrome netrome left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks mostly good to me. The only blocking thing I've spotted are some as conversions that could potentially panic.

crates/services/p2p/src/p2p_service.rs Outdated Show resolved Hide resolved
crates/services/p2p/src/p2p_service.rs Outdated Show resolved Hide resolved
crates/services/p2p/src/behavior.rs Show resolved Hide resolved
netrome
netrome previously approved these changes Feb 3, 2025
View reviewed changes
Copy link
Contributor

@netrome netrome left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for updating! 🙏

MitchTurner
MitchTurner commented Feb 3, 2025
View reviewed changes
crates/services/p2p/src/behavior.rs Show resolved Hide resolved
bin/fuel-core/src/cli/run/p2p.rs Show resolved Hide resolved
crates/services/p2p/src/p2p_service.rs Outdated Show resolved Hide resolved
tests/tests/peering.rs Outdated Show resolved Hide resolved
acerone85
acerone85 reviewed Feb 4, 2025
View reviewed changes
bin/fuel-core/src/cli/run/p2p.rs
Comment on lines +325 to +326
max_gossipsub_peers_connected: 100,
max_request_response_peers_connected: 100,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some suggestions on these two lines:

  1. should these values be configurable, and also have a hard limit?

e.g. something like

Suggested change
max_gossipsub_peers_connected: 100,
max_request_response_peers_connected: 100,
max_gossipsub_peers_connected: self.max_gossipsub_peers_connected.min(100),
max_request_response_peers_connected: self.max_request_response_peers_connected.min(100),

  1. Maybe best to declare the hardcoded constants as const variables?

  2. You renamed self.max_peers_connected, but not self.max_peers_connected. (Ther argument has --max-peers-connected` as argument name hardcoded in clap_derive, so there should be no risk in renaming this

acerone85
acerone85 reviewed Feb 4, 2025
View reviewed changes
crates/services/p2p/src/sized_hashset.rs
hash::Hash,
};

pub struct SizedHashset<T> {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: I find BoundedHashSet more clear

acerone85
acerone85 reviewed Feb 4, 2025
View reviewed changes
crates/services/p2p/src/p2p_service.rs
Comment on lines +619 to +625
if !self
.gossipsub_peer_limiter
.insert_new_if_room(propagation_source)
{
return None;
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if this makes the node susceptible to a DoS. It requires only 100 peers to effectively block all GossipSub messages on a target node.

acerone85
acerone85 reviewed Feb 4, 2025
View reviewed changes
crates/services/p2p/src/p2p_service.rs
if !self
.gossipsub_peer_limiter
.insert_new_if_room(propagation_source)
{
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should there be a warn message that the node has reached the maximum number of peers?

@acerone85
Copy link
Contributor

only one comment re the possibility of DoS, otherwise LGTM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rymnc rymnc rymnc left review comments

@acerone85 acerone85 acerone85 left review comments

@netrome netrome netrome left review comments

@xgreenx xgreenx Awaiting requested review from xgreenx xgreenx is a code owner

@Dentosal Dentosal Awaiting requested review from Dentosal Dentosal is a code owner

@rafal-ch rafal-ch Awaiting requested review from rafal-ch rafal-ch is a code owner

@AurelienFT AurelienFT Awaiting requested review from AurelienFT AurelienFT is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

@MitchTurner MitchTurner

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add connection_limits behavior to FuelBehavior
5 participants
@MitchTurner @AurelienFT @acerone85 @netrome @rymnc