Duplicate peers can prevent the start of a node
marek22k opened this issue · comments
Hello,
after updating from Yggdrasil 4 to Yggdrasil 5 and adjusting the configuration files, two of my Yggdrasil nodes stopped starting because I had double configured a peer.
Maybe it is a bit paranoid thought, however this could be used for a DoS attack:
- A Yggdrasil user or node adds a non-trusted other node via DNS.
- After a time, the untrusted node changes its DNS to a known other node.
- All Yggdrasil nodes that have configured the known other node will not start after a reboot.
The following has been the error output:
Oct 28 22:07:33 p2p-node systemd[1]: Failed to start yggdrasil.service - Yggdrasil Network.
Oct 28 22:07:33 p2p-node systemd[1]: yggdrasil.service: Failed with result 'exit-code'.
Oct 28 22:07:33 p2p-node systemd[1]: yggdrasil.service: Start request repeated too quickly.
Oct 28 22:07:33 p2p-node systemd[1]: Stopped yggdrasil.service - Yggdrasil Network.
Oct 28 22:07:33 p2p-node systemd[1]: yggdrasil.service: Scheduled restart job, restart counter is at 5.
Oct 28 22:07:33 p2p-node systemd[1]: yggdrasil.service: Failed with result 'exit-code'.
Oct 28 22:07:33 p2p-node systemd[1]: yggdrasil.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
Oct 28 22:07:33 p2p-node yggdrasil[17088]: /home/runner/work/yggdrasil-go/yggdrasil-go/cmd/yggdrasil/main.go:208 +0x21b1
Oct 28 22:07:33 p2p-node yggdrasil[17088]: main.main()
Oct 28 22:07:33 p2p-node yggdrasil[17088]: goroutine 1 [running]:
Oct 28 22:07:33 p2p-node yggdrasil[17088]: panic: failed to apply configuration option core.Peer: peer is already configured
Oct 28 22:07:33 p2p-node yggdrasil[17088]: 2023/10/28 22:07:33 Build version: 0.5.1
Oct 28 22:07:33 p2p-node yggdrasil[17088]: 2023/10/28 22:07:33 Build name: yggdrasil
Oct 28 22:07:32 p2p-node systemd[1]: Started yggdrasil.service - Yggdrasil Network.
Oct 28 22:07:32 p2p-node systemd[1]: Starting yggdrasil.service - Yggdrasil Network...
Oct 28 22:07:32 p2p-node systemd[1]: Stopped yggdrasil.service - Yggdrasil Network.
Oct 28 22:07:32 p2p-node systemd[1]: yggdrasil.service: Scheduled restart job, restart counter is at 4.
Oct 28 22:07:32 p2p-node systemd[1]: yggdrasil.service: Failed with result 'exit-code'.
Oct 28 22:07:32 p2p-node systemd[1]: yggdrasil.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
The following has been my peer list:
Peers: [
tcp://94.130.203.208:5999
tls://ygg.mkg20001.io:443
tcp://ygg.mkg20001.io:80
tcp://01.ffm.deu.ygg.yt:80
tls://01.ffm.deu.ygg.yt:443
tcp://130.61.94.233:13338
tcp://phrl42.ydns.eu:8842
tls://vpn.ltha.de:443?key=0000006149970f245e6cec43664bce203f2514b60a153e194f31e2b229a1339d
tcp://195.123.245.146:7743
tcp://[2a05:9403::8b]:7743
tls://ygg.ace.ctrl-c.liu.se:9999?key=5636b3af4738c3998284c4805d91209cab38921159c66a6f359f3f692af1c908
tcp://ygg.ace.ctrl-c.liu.se:9998?key=5636b3af4738c3998284c4805d91209cab38921159c66a6f359f3f692af1c908
tcp://ygg.tomasgl.ru:61933?key=c5e0c28a600c2118e986196a0bbcbda4934d8e9278ceabea48838dc5d8fae576
tls://ygg.tomasgl.ru:61944?key=c5e0c28a600c2118e986196a0bbcbda4934d8e9278ceabea48838dc5d8fae576
tcp://176.215.237.83:8080?sni=irk.peering.flying-squid.host&key=f69da2c11d5fe8bcee7d026a6ed28dc7873db9ecb88c797b29348546e411d934
tls://176.215.237.83:8443?sni=irk.peering.flying-squid.host&key=f69da2c11d5fe8bcee7d026a6ed28dc7873db9ecb88c797b29348546e411d934
tcp://primary.mk16.de:1337?key=0000000087ee9949eeab56bd430ee8f324cad55abf3993ed9b9be63ce693e18a
tls://primary.mk16.de:1338?key=0000000087ee9949eeab56bd430ee8f324cad55abf3993ed9b9be63ce693e18a
tcp://third.mk16.de:1337?key=00000044887a2984ed2765b8aa03221f47bda3ea7f97210563f918e4ca3d3f18
tls://third.mk16.de:1338?key=00000044887a2984ed2765b8aa03221f47bda3ea7f97210563f918e4ca3d3f18
tcp://fourth.mk16.de:1337?key=00000104ee097472631b0a5cfbf6e94feeb45fcf46b229f079e3df534d4452f9
tls://fourth.mk16.de:1338?key=00000104ee097472631b0a5cfbf6e94feeb45fcf46b229f079e3df534d4452f9
tcp://third.mk16.de:1337
tls://third.mk16.de:1338
tcp://etro.mikaela.info:2577?key=2b1df8061255d6f3b4440f8636489264e56d91d02d4e19701d6f39c31663b0a0
tcp://193.111.114.28:8080
tls://193.111.114.28:1443
tls://94.140.114.241:4708
]
The peer third.mk16.de
is duplicated there.