Gavin Andresen - 2011-04-08 18:06:25

Limit-per-ip-range is an interesting idea.

I'd like to give the current not-yet-released solution a month or two to work before trying something else.  I see two possible directions:

+ Limit-per-{connection,ip-range}.  Trouble with this is an attacker who has multiple IPs (think botnet operator) can mount a distributed flood attack.

or/and

+ Take transaction priority into account when deciding what to drop.

I'd really like to talk to a p2p network researcher; it seems to me it might be possible to keep some statistics on what "typical" bitcoin network traffic looks like; perhaps nodes could drop neighbors if they notice network traffic from them looks way out of whack (e.g. sending a much-larger-than-typical number of addr messages or free transactions or...).