Skip to content

fix: filter stale addresses from provider and peer responses#141

Draft
lidel wants to merge 1 commit intomainfrom
fix/filter-stale-upnp-addrs
Draft

fix: filter stale addresses from provider and peer responses#141
lidel wants to merge 1 commit intomainfrom
fix/filter-stale-upnp-addrs

Conversation

@lidel
Copy link
Member

@lidel lidel commented Mar 7, 2026
edited
Loading

Warning

Parking for now, but we may need this if we see the faulty DHT peers impacting the success/latency of https://inbrowser.link

Not a fan of extra complexity here, but we may not have other choice, as we don't control what people deploy on DHT, nor we control libp2p implementations.

some third-party DHT peers have a bug where they never clean up old addresses they observed for other peers. if a peer behind a consumer NAT gets a new port via UPnP, or the ISP rotates its IP, the old address stays in the DHT forever. over time a peer can end up with dozens of dead addresses in front of the one that actually works, so clients time out before they ever reach it. this mostly hurts direct retrieval from self-hosted peers on consumer networks with dynamic IPs or ports (UPnP, NAT-PMP, and similar).

this PR adds two layers of cleanup:

passive filtering runs inline on every response. when someguy has previously connected to a peer, it remembers which address worked and drops other addresses on the same IP and transport that have a different (stale) port.

active probing (SOMEGUY_CACHED_ADDR_BOOK_STALE_PROBING, on by default) kicks in for first-encounter peers whose address set looks suspicious: multiple ports on the same IP, or more than three IPs in one address family. each unique address is probed with a quick libp2p handshake in the background. records that don't need probing stream through right away; probed results show up at the end. if every probe fails the peer is probably offline and all addresses are returned as-is (fail-open).

also fixes a race in cached_addr_book where concurrent requests could clobber each other's peerCache updates (Peek + Add without a lock).

@lidel
fix: filter stale addresses from provider and peer responses
d313f64 
some third-party DHT peers have a bug where they never clean up old
addresses they observed for other peers. if a peer behind a consumer
NAT gets a new port via UPnP, or the ISP rotates its IP, the old
address stays in the DHT forever. over time a peer can end up with
dozens of dead addresses in front of the one that actually works, so
clients time out before they ever reach it. this mostly hurts direct
retrieval from self-hosted peers on consumer networks with dynamic IPs
or ports (UPnP, NAT-PMP, and similar).

this adds two layers of cleanup:

passive filtering runs inline on every response. when someguy has
previously connected to a peer, it remembers which address worked and
drops other addresses on the same IP and transport that have a
different (stale) port.

active probing (SOMEGUY_CACHED_ADDR_BOOK_STALE_PROBING, on by default)
kicks in for first-encounter peers whose address set looks suspicious:
multiple ports on the same IP, or more than three IPs in one address
family. each unique address is probed with a quick libp2p handshake in
the background. records that don't need probing stream through right
away; probed results show up at the end. if every probe fails the peer
is probably offline and all addresses are returned as-is (fail-open).

also fixes a race in cached_addr_book where concurrent requests could
clobber each other's peerCache updates (Peek + Add without a lock).
@lidel lidel force-pushed the fix/filter-stale-upnp-addrs branch from 026416e to d313f64 Compare March 7, 2026 01:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@lidel