Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bind to IPv6 addresses if available #3488

Closed
olanod opened this issue Feb 27, 2024 · 3 comments · Fixed by #4792
Closed

Bind to IPv6 addresses if available #3488

olanod opened this issue Feb 27, 2024 · 3 comments · Fixed by #4792
Assignees

Comments

@olanod
Copy link
Contributor

olanod commented Feb 27, 2024

Original issue by @geigerzaehler:

If not explicilty set a node binds only to IPv4 addresses. This results in some usability issues. For example I cannot connect to the HTTP or Websocket RPC API endpoints if I use the host localhost if that host name resolves to ::1. Similarly, if I use --unsafe-rpc-external I cannot reach the RPC API from other machines over IPv6. The same applies to the P2P connection.

I’d suggest binding to ::1 if we’re also binding to 127.0.0.1 and to bind to :: if we’re also binding to 0.0.0.0

@olanod
Copy link
Contributor Author

olanod commented Feb 27, 2024

I have some IPv6 only nodes that would benefit from this feature, the current workaround is to have a reverse proxy that can bind to an IPv6 address and forward traffic to the RPC node bound to the IPv4 address.

@bkchr
Copy link
Member

bkchr commented Feb 27, 2024

Cc @niklasad1

@niklasad1
Copy link
Member

niklasad1 commented Feb 28, 2024

We can enable to listen to ipv4/ipv6 sockets on the JSON-RPC server, shouldn't be that hard :)

@niklasad1 niklasad1 self-assigned this Feb 28, 2024
github-merge-queue bot pushed a commit that referenced this issue Aug 28, 2024
…rpc-endpoint` CLI option (#4792)

Close #3488,
#4331

This changes/adds the following:

1. The default setting is that substrate starts a rpc server that
listens to localhost both Ipv4 and Ipv6 on the same port. Ipv6 is
allowed to fail because some platforms may not support it
2. A new RPC CLI option `--experimental-rpc-endpoint` which allow to
configure arbitrary listen addresses including the port, if this is
enabled no other interfaces are enabled.
3. If the local addr is not found for any of the sockets the server is
not started throws an error.
4. Remove the deny_unsafe from the RPC implementations instead this is
an extension to allow different polices for different interfaces/sockets
such one may enable unsafe on local interface and safe on only the
external interface.

So for instance in this PR it's now possible to start up three RPC
endpoints as follows:
```
$ polkadot --experimental-rpc-endpoint "listen-addr=127.0.0.1:9944,rpc-methods=unsafe" --experimental-rpc-endpoint "listen-addr=0.0.0.0:9945,rpc-methods=safe,rate-limit=100" --experimental-rpc-endpoint "listen-addr=[::1]:9944,optional=true"
```

#### Needs to be addressed

~1. Support binding to a random port if it's fails with the default
stuff for backward compatible reasons~
~2. How to sync that the rpc CLI params and that the rpc-listen-addr
align, hard to maintain...~
~3. Add similar warning prints for exposing unsafe methods on external
interfaces..~
~4. Inline todos + the hacky String conversion from rpc params.~

#### Cons with this PR

Manual strings parsing impl more error-prone than relying on clap....

//cc @jsdw @BulatSaif @PierreBesson @bkchr

---------

Co-authored-by: Sebastian Kunert <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
3 participants