Networking: Add AutoNAT and NAT Traversal #398
Comments
bgins
added
enhancement
|
Related. |
bgins
changed the title
|
Adding some design notes for how the pieces fit together. Our goal is to improve connectivity in Homestar by implementing Homestar supports a few types of connections today:
We would like to extend this to include private to private connections. These connections can be made through relay or directly after hole punching. AutoNATThe first step is to determine whether a node is publicly reachable. If a node is publicly reachable, we can make a direct connection without a relay or NAT traversal. In general, this applies to nodes on the public Internet, but some routers may be configured to pass traffic directly to a private node. If a node cannot be be reached publicly, it is a private node and we need relay or hole punching. Circuit RelayRelay is the easiest and most reliable way to get traffic from one private node to another, but may result in low-bandwith, high-latency connections. DCUtR/Hole punchingWe would like to establish a direct connection between private nodes, traversing NATs where possible. This gives us a faster connection with less load on the relay server. Note that this won't always work out. Trautwein reports a 70-80% success rate for NAT hole punching in libp2p: https://www.youtube.com/watch?v=bzL7Y1wYth8. When we are unable to traverse NATs, we will fall back to circuit relay. Note that hole punching is generally considered unreliable. For example, the Iroh Hole Punching write up mentions their goal as:
The Tailscale NAT Traversal post mentions:
|
# Description This PR makes the following changes: - [x] Add AutoNAT behavior to probe for public listen addresses - [x] Update `external_addresses` with reported public addresses - [x] Add `StatusChangedAutonat` notification - [x] Add `NatStatus` extension trait with `to_tuple` helper - [x] Confirm addresses observed on identify events with an AutoNAT probe - [x] Minor refactoring in settings When the `NatStatus` changes to public, the reported address is added to `external_addresses`. If a previously reported address transitions from public to private or unknown, the address is removed from `external_addresses`. Note that `announce_addresses` are always kept in `external_addresses` and will not be removed by changes to `NatStatus`. ## Link to issue Implements #398 ## Type of change - [x] New feature (non-breaking change that adds functionality) - [x] Refactor (non-breaking change that updates existing functionality) - [x] This change requires a documentation update ## Test plan (required) This PR adds the following tests: - [x] AutoNAT confirms a reachable address - [x] `StatusAutoNat` notification to and from IPLD bytes and JSON tests - [x] Test `NatStatus` `to_tuple` returns expected tuples
Summary
Problem
We filter out private addresses because they are unreachable on the public Internet. This means Homestar behind a NAT or VPN are not reachable.
Impact
Limits where you can run a Homestar node.
Solution
Add AutoNAT behavior to probe for externally reachable addresses: https://libp2p.github.io/rust-libp2p/libp2p/autonat/index.html. If we cannot reach the node, it is behind a NAT.
We still want to connect to nodes that are behind a NAT. We can attempt hole punching using DCUtR or use circuit relay as a fallback when hole punching fails.
Tasks
The text was updated successfully, but these errors were encountered: