Limiting sessions for benefit of lightclients

Author: Emilia Hane

discv5/discv5-theory.md

@@ -427,19 +427,34 @@ A node may at start-up be assigned an externally reachable socket to advertise a
 listen socket. If those sockets are not equivalent, the node is behind NAT and the
 [mechanism for keeping holes punched] is activated. Like so, a node assumes it is behind
 NAT if an externally reachable socket is omitted from the initial configuration and must
-activate the [mechanism for keeping holes punched]. The
-[external socket used by the local node is assessed] at runtime. Once a new externally
-reachable IP address is known, implementations will try to bind to the address at some
-number of randomly selected ports from a given range of probably unused ports. If binding
-succeeds with any port, the node is not behind NAT and the
-[mechanism for keeping holes punched] is
-deactivated. This solution assumes, in most scenarios where port-forwarding cannot be
-configured the local node host's address is private to the address realm of the device
-operating the NAT level furthest from the local node host[^1]. If the host and NAT device
-use the same IP address, binding will always succeed, so this method may give a false
-negative. However, this is not detrimental. A node behind NAT that deactivates the
-[mechanism for keeping holes punched] will more frequently have to re-establish sessions
-to its peers.
+activate the [mechanism for keeping holes punched]. [Runtime address discovery] asses the
+external socket used by the local node. Once a new externally reachable IP address is known,
+implementations will try to bind to the address at some number of randomly selected ports
+from a given range of probably unused ports. If binding succeeds with any port, the node is
+not behind NAT and the [mechanism for keeping holes punched] is deactivated. This solution
+assumes, in most scenarios where port-forwarding cannot be configured the local node host's
+address is private to the address realm of the device operating the NAT level furthest from
+the local node host[^1]. If the host and NAT device use the same IP address, binding will
+always succeed, so this method may give a false negative. However, this is not detrimental.
+A node behind NAT that deactivates the [mechanism for keeping holes punched] will more
+frequently have to re-establish sessions to its peers.
+
+### Limiting resource consumption of peers behind symmetric NATs, useful for light-clients
+
+Peers with non-contactable ENRs do not get inserted into kbuckets. Nodes that are behind
+symmetric NATs will naturally never succeed in pinpointing one external socket for peers
+to reach them on by [runtime address discovery] and therefore their non-contactable ENRs
+will never update to contactable ENRs. This means, these peers will never respond to
+requests, as only peers in kbucktes are sent requests. This does not cohere with the
+p2p-model, rather the server-client model where the peer with a non-contactable ENR acts
+as the client. This misalignment is especially bothersome for well behaving (externally
+reachable) light-clients operating on limited resources. Discv5.2 corrects this
+side-effect of [runtime address discovery] by setting introducing a configurable limit to
+the number of sessions at a time with peers with non-contactable ENRs, the lower limit
+being 1. Nodes must accept sessions with at least one peer with a non-contactable ENR to
+for [runtime address discovery] to be enabled on the discv5.2 network.
+
+### Fault tolerance
 
 [EIP-778]: ../enr.md
 [identity scheme]: ../enr.md#record-structure
@@ -457,7 +472,8 @@ to its peers.
 [UDP communication]: ./discv5-wire.md#udp-communication
 [Sessions]: ./discv5-theory.md#sessions
 [liveness check]: ./discv5-theory.md#table-maintenance-in-practice
-[external socket used by the local node is assessed]: ./discv5-theory.md#maintaining-the-local-node-record
+[Runtime address discovery]: ./discv5-theory.md#maintaining-the-local-node-record
+[runtime address discovery]: ./discv5-theory.md#maintaining-the-local-node-record
 [mechanism for keeping holes punched]: ./discv5-theory.md#job-of-keeping-the-hole-punched-falls-on-bob-and-bob's-incentive-to-do-so
 
 [^1]: https://pdos.csail.mit.edu/papers/p2pnat.pdf