IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#i2p-dev
/2023/07/19
obscuratus eyedeekay: Re: Banning on Congestion caps in idk/i2p.i2p, I think this is a bad idea. We don't provide a guarantee that everyone one will have the latest RI. Quite the opposite.
obscuratus Banning someone because they don't have our latest RI will be a problem.
dr|z3d obscuratus: I've raised that with eyedeekay, because we're not sure how fresh the router's copy of our RI is.
eyedeekay obscuratus sure that's why it's an MR, we can walk it back if it doesn't help/does hurt
dr|z3d eyedeekay: there are some options. we could publish our RI more frequently, or send our RI to connected routers every x, or if our cap changes, whichever's sooner.
obscuratus If I'm not mistaken, we'll "publish" our RI every time we change it. But most routers won't update the RI until it starts to become old (I think it's an hour).
obscuratus Although it's not directly related to the topic of discussion, we still haven't implemented a solution for insuring that the RI we receive really is from that router.
obscuratus I'm still not 100% understanding how that exploit worked were someone was spoofing other poeples RI, but I'm pretty sure it's still there.
dr|z3d yeah, we need to get on top of RI spoofing
eyedeekay I've got some stuff in a branch, I'll fix it up and push it next week
eyedeekay What do you think about using a minimum threshold, say request a tunnel from a capped router X number of times before a ban for instance?
eyedeekay Currently I have it hardcoded at 10
dr|z3d request from a capped router? capped howso?
eyedeekay As in having the no more tunnels cap
dr|z3d so we're publishing G?
eyedeekay Also I wonder if it would be OK to send an updated RI with the updated caps as a reply to a refused tunnel build
dr|z3d I think that's a good idea. we reject, send new RI, if router keeps requesting thereafter, ban it.
eyedeekay That makes sense to me
obscuratus Does I2PD already know to avoid these routers also?
eyedeekay Hmmm. Tenative yes, but I'll verify their congestion cap handling myself, they should be sending no tunnels to G capped routers and IIRC they're also sending no tunnels to E capped routers
eyedeekay libi2pd/RouterInfo.cpp line 1122 is the check, looks like they avoid the G cap by default
eyedeekay Pretty interesting 19 lines of code actually