merge bitcoin#22604: address rate-limiting follow-ups

This commit is contained in:
Kittywhiskers Van Gogh 2021-07-31 21:56:59 +02:00
parent 60b3e08ed1
commit 06e909b737
No known key found for this signature in database
GPG Key ID: 30CD0C065E5C4AAD
3 changed files with 21 additions and 22 deletions

View File

@ -181,7 +181,7 @@ static constexpr size_t MAX_ADDR_TO_SEND{1000};
static constexpr double MAX_ADDR_RATE_PER_SECOND{0.1}; static constexpr double MAX_ADDR_RATE_PER_SECOND{0.1};
/** The soft limit of the address processing token bucket (the regular MAX_ADDR_RATE_PER_SECOND /** The soft limit of the address processing token bucket (the regular MAX_ADDR_RATE_PER_SECOND
* based increments won't go above this, but the MAX_ADDR_TO_SEND increment following GETADDR * based increments won't go above this, but the MAX_ADDR_TO_SEND increment following GETADDR
* is exempt from this limit. */ * is exempt from this limit). */
static constexpr size_t MAX_ADDR_PROCESSING_TOKEN_BUCKET{MAX_ADDR_TO_SEND}; static constexpr size_t MAX_ADDR_PROCESSING_TOKEN_BUCKET{MAX_ADDR_TO_SEND};
struct COrphanTx { struct COrphanTx {
@ -302,14 +302,14 @@ struct Peer {
std::atomic_bool m_wants_addrv2{false}; std::atomic_bool m_wants_addrv2{false};
/** Whether this peer has already sent us a getaddr message. */ /** Whether this peer has already sent us a getaddr message. */
bool m_getaddr_recvd{false}; bool m_getaddr_recvd{false};
/** Number of addr messages that can be processed from this peer. Start at 1 to /** Number of addresses that can be processed from this peer. Start at 1 to
* permit self-announcement. */ * permit self-announcement. */
double m_addr_token_bucket{1.0}; double m_addr_token_bucket{1.0};
/** When m_addr_token_bucket was last updated */ /** When m_addr_token_bucket was last updated */
std::chrono::microseconds m_addr_token_timestamp{GetTime<std::chrono::microseconds>()}; std::chrono::microseconds m_addr_token_timestamp{GetTime<std::chrono::microseconds>()};
/** Total number of addresses that were dropped due to rate limiting. */ /** Total number of addresses that were dropped due to rate limiting. */
std::atomic<uint64_t> m_addr_rate_limited{0}; std::atomic<uint64_t> m_addr_rate_limited{0};
/** Total number of addresses that were processed (excludes rate limited ones). */ /** Total number of addresses that were processed (excludes rate-limited ones). */
std::atomic<uint64_t> m_addr_processed{0}; std::atomic<uint64_t> m_addr_processed{0};
/** Set of txids to reconsider once their parent transactions have been accepted **/ /** Set of txids to reconsider once their parent transactions have been accepted **/
@ -3455,11 +3455,12 @@ void PeerManagerImpl::ProcessMessage(
return; return;
// Apply rate limiting. // Apply rate limiting.
if (rate_limited) { if (peer->m_addr_token_bucket < 1.0) {
if (peer->m_addr_token_bucket < 1.0) { if (rate_limited) {
++num_rate_limit; ++num_rate_limit;
continue; continue;
} }
} else {
peer->m_addr_token_bucket -= 1.0; peer->m_addr_token_bucket -= 1.0;
} }
// We only bother storing full nodes, though this may include // We only bother storing full nodes, though this may include
@ -3487,12 +3488,8 @@ void PeerManagerImpl::ProcessMessage(
} }
peer->m_addr_processed += num_proc; peer->m_addr_processed += num_proc;
peer->m_addr_rate_limited += num_rate_limit; peer->m_addr_rate_limited += num_rate_limit;
LogPrint(BCLog::NET, "Received addr: %u addresses (%u processed, %u rate-limited) from peer=%d%s\n", LogPrint(BCLog::NET, "Received addr: %u addresses (%u processed, %u rate-limited) from peer=%d\n",
vAddr.size(), vAddr.size(), num_proc, num_rate_limit, pfrom.GetId());
num_proc,
num_rate_limit,
pfrom.GetId(),
fLogIPs ? ", peeraddr=" + pfrom.addr.ToString() : "");
m_addrman.Add(vAddrOk, pfrom.addr, 2 * 60 * 60); m_addrman.Add(vAddrOk, pfrom.addr, 2 * 60 * 60);
if (vAddr.size() < 1000) peer->m_getaddr_sent = false; if (vAddr.size() < 1000) peer->m_getaddr_sent = false;

View File

@ -146,6 +146,8 @@ static RPCHelpMan getpeerinfo()
{RPCResult::Type::NUM, "n", "The heights of blocks we're currently asking from this peer"}, {RPCResult::Type::NUM, "n", "The heights of blocks we're currently asking from this peer"},
}}, }},
{RPCResult::Type::BOOL, "addr_relay_enabled", "Whether we participate in address relay with this peer"}, {RPCResult::Type::BOOL, "addr_relay_enabled", "Whether we participate in address relay with this peer"},
{RPCResult::Type::NUM, "addr_processed", "The total number of addresses processed, excluding those dropped due to rate limiting"},
{RPCResult::Type::NUM, "addr_rate_limited", "The total number of addresses dropped due to rate limiting"},
{RPCResult::Type::BOOL, "whitelisted", "Whether the peer is whitelisted"}, {RPCResult::Type::BOOL, "whitelisted", "Whether the peer is whitelisted"},
{RPCResult::Type::ARR, "permissions", "Any special permissions that have been granted to this peer", {RPCResult::Type::ARR, "permissions", "Any special permissions that have been granted to this peer",
{ {

View File

@ -306,7 +306,7 @@ class AddrTest(BitcoinTestFramework):
self.nodes[0].disconnect_p2ps() self.nodes[0].disconnect_p2ps()
def send_addrs_and_test_rate_limiting(self, peer, no_relay, new_addrs, total_addrs): def send_addrs_and_test_rate_limiting(self, peer, no_relay, *, new_addrs, total_addrs):
"""Send an addr message and check that the number of addresses processed and rate-limited is as expected""" """Send an addr message and check that the number of addresses processed and rate-limited is as expected"""
peer.send_and_ping(self.setup_rand_addr_msg(new_addrs)) peer.send_and_ping(self.setup_rand_addr_msg(new_addrs))
@ -324,41 +324,41 @@ class AddrTest(BitcoinTestFramework):
assert_equal(addrs_rate_limited, max(0, total_addrs - peer.tokens)) assert_equal(addrs_rate_limited, max(0, total_addrs - peer.tokens))
def rate_limit_tests(self): def rate_limit_tests(self):
self.restart_node(0, []) self.restart_node(0, [])
for contype, no_relay in [("outbound-full-relay", False), ("block-relay-only", True), ("inbound", False)]: for conn_type, no_relay in [("outbound-full-relay", False), ("block-relay-only", True), ("inbound", False)]:
self.log.info(f'Test rate limiting of addr processing for {contype} peers') self.log.info(f'Test rate limiting of addr processing for {conn_type} peers')
if contype == "inbound": if conn_type == "inbound":
peer = self.nodes[0].add_p2p_connection(AddrReceiver()) peer = self.nodes[0].add_p2p_connection(AddrReceiver())
else: else:
peer = self.nodes[0].add_outbound_p2p_connection(AddrReceiver(), p2p_idx=0, connection_type=contype) peer = self.nodes[0].add_outbound_p2p_connection(AddrReceiver(), p2p_idx=0, connection_type=conn_type)
# Send 600 addresses. For all but the block-relay-only peer this should result in addresses being processed. # Send 600 addresses. For all but the block-relay-only peer this should result in addresses being processed.
self.send_addrs_and_test_rate_limiting(peer, no_relay, 600, 600) self.send_addrs_and_test_rate_limiting(peer, no_relay, new_addrs=600, total_addrs=600)
# Send 600 more addresses. For the outbound-full-relay peer (which we send a GETADDR, and thus will # Send 600 more addresses. For the outbound-full-relay peer (which we send a GETADDR, and thus will
# process up to 1001 incoming addresses), this means more addresses will be processed. # process up to 1001 incoming addresses), this means more addresses will be processed.
self.send_addrs_and_test_rate_limiting(peer, no_relay, 600, 1200) self.send_addrs_and_test_rate_limiting(peer, no_relay, new_addrs=600, total_addrs=1200)
# Send 10 more. As we reached the processing limit for all nodes, no more addresses should be procesesd. # Send 10 more. As we reached the processing limit for all nodes, no more addresses should be procesesd.
self.send_addrs_and_test_rate_limiting(peer, no_relay, 10, 1210) self.send_addrs_and_test_rate_limiting(peer, no_relay, new_addrs=10, total_addrs=1210)
# Advance the time by 100 seconds, permitting the processing of 10 more addresses. # Advance the time by 100 seconds, permitting the processing of 10 more addresses.
# Send 200 and verify that 10 are processed. # Send 200 and verify that 10 are processed.
self.bump_mocktime(100) self.bump_mocktime(100)
peer.increment_tokens(10) peer.increment_tokens(10)
self.send_addrs_and_test_rate_limiting(peer, no_relay, 200, 1410) self.send_addrs_and_test_rate_limiting(peer, no_relay, new_addrs=200, total_addrs=1410)
# Advance the time by 1000 seconds, permitting the processing of 100 more addresses. # Advance the time by 1000 seconds, permitting the processing of 100 more addresses.
# Send 200 and verify that 100 are processed. # Send 200 and verify that 100 are processed.
self.bump_mocktime(1000) self.bump_mocktime(1000)
peer.increment_tokens(100) peer.increment_tokens(100)
self.send_addrs_and_test_rate_limiting(peer, no_relay, 200, 1610) self.send_addrs_and_test_rate_limiting(peer, no_relay, new_addrs=200, total_addrs=1610)
self.nodes[0].disconnect_p2ps() self.nodes[0].disconnect_p2ps()
if __name__ == '__main__': if __name__ == '__main__':
AddrTest().main() AddrTest().main()