P2P Monitoring
Date: April 9, 2024
Tags: Bitcoin core, P2p, Developer tools
Category: Core dev tech
- Started working on this about 2 years ago; in 2021. After we accidentally observed the address flooding anomaly/attack
- Primarily uses https://github.com/0xB10C/peer-observer to extract data from Bitcoin Core nodes with tracepoints.
- The infrastructure also includes a fork-observer connected to each node as well as an addrman-observer for each node. Additionally, detailed Bitcoin Core debug logs are avaliable. The main part are the Grafana dashboards.
- There’s a public version at public.peer.observer, which is redacted to not leak honeynode IP addresses. Happy to provide access to an internal version.
- Grafana dashboard shown, for example:
- in and outbound P2P messages per node
- observed drop in inbound version coming in when linking lion was down
- current inbound connections
- block connection duration
- transaction rejected from mempool
- in and outbound P2P messages per node
- More automated alerting and anomaly detection is a todo.