Is it allowed to run several different DHT nodes behind the same ip:port pair in Mainline DHT?

Question

Is it allowed to run several different DHT nodes behind the same ip:port pair in Mainline DHT? And which node should reply on the DHT query message? All or one of them?

Thank you in advance.

Answer 1

The short answer is: one of them. Each request is expected to yield a single response.

DHT nodes are assumed to have a persistent node-ID associated with their (IP, port)-pair. If the node ID changes (or as you phrase it, a different node responds) its entry in the remote node's routing table is likely to be removed and replaced by the new node ID.

It is probably a better idea to run the nodes on different ports, so that requests to the same port results in responses from the same node with the same node-ID.

As a side note, the Azureus has certain security features in its DHT to mitigate attacks that where an attacker owns a certain area of the node ID space by restricting which node IDs you can run on any given IP address. There is a proposal to do something similar for the mainline DHT (proposed by me) DHT security extension. With something like this deployed, you would be limited in how many nodes you could run behind a single IP address.