How can I obtain a better understanding of the P2P messages between my full node and its peers?


I am interested in how my full node interacts with its peers, what messages it exchanges (e.g. gossip about other nodes on the network, transactions, blocks) and why my full node disconnects from certain peers (is it my full node making the decision to disconnect or the peer?).

I know there is an open PR from Troy Giorshev (also covered in this Bitcoin Core PR review club) to make some of this possible to do within Bitcoin Core. What insights will I be able to garner from using this tool? For example, will I be able to work out why a peer disconnected (e.g. because it went offline, because my full node was asking for too much information/too demanding, because I sent it transaction(s) it wasn't interested in)? What is possible currently with this PR and what is possible for future improvements of this tool?

(Also will playing around with this tool let me answer this question on falling back unnecessarily on DNS seeds?)

Michael Folkson

Posted 2021-01-24T13:54:07.970


I'm surprised that you introduced the new tag "Wireshark" here. Wireshark is just a tool that you are using to track the network messages, but as far as I can tell, Wireshark is neither the subject of the question nor has anything to do with Bitcoin specifically itself. The actual topic of your question seems to be "network-messaging-analysis" or similar. Open to suggestions, because that sounds like a mouthful.—Maybe we should think about what distinguishes the tags [tag:network], [tag:p2p], [tag:peers], etc. – Murch – 2021-02-01T15:55:26.933

Just spotted there were a few Q&As on using Wireshark with Core and thought it would be useful to group them together with a label. An alternative to using Troy's tool is Wireshark as far as I understand so not entirely irrelevant to the question. I'm interested in what you can do with Wireshark, what you can do with Troy's tool and what you might be able to do in future. Maybe p2p-tools as the label rather than wireshark? – Michael Folkson – 2021-02-01T19:47:30.717

I've merged [wireshark] into [network]. – Murch – 2021-02-01T20:02:19.667



Wireshark understands the Core protocol and it's one of the most popular packet capture tools.


Posted 2021-01-24T13:54:07.970


It doesn't really support the modern p2p network at all, so isn't that useful over just debug=net honestly. – Anonymous – 2021-01-24T22:14:07.767
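
For readers who want to see what a packet capture of this traffic contains, the following is an added example, not part of the answer above and not Bitcoin Core code. It splits one direction of an already reassembled TCP stream into messages using the unencrypted v1 framing (4-byte network magic, 12-byte command, 4-byte little-endian length, 4-byte checksum); the function names and the sample bytes are constructed for illustration, and the mainnet magic is assumed.

```python
import hashlib
import struct

MAINNET_MAGIC = bytes.fromhex("f9beb4d9")  # assumption: capture is from mainnet
HEADER_LEN = 24  # magic(4) + command(12) + length(4) + checksum(4)

def checksum(payload: bytes) -> bytes:
    """First 4 bytes of the double SHA-256 of the payload."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def frame(command: str, payload: bytes = b"") -> bytes:
    """Build one v1 message; used here only to construct sample input."""
    name = command.encode("ascii").ljust(12, b"\x00")
    return MAINNET_MAGIC + name + struct.pack("<I", len(payload)) + checksum(payload) + payload

def parse_stream(data: bytes, magic: bytes = MAINNET_MAGIC):
    """Split a byte stream into (command, length, checksum_ok) tuples.

    Returns (messages, leftover); leftover holds a trailing partial message.
    Raises ValueError on a wrong magic (lost sync or a different network).
    """
    messages, pos = [], 0
    while len(data) - pos >= HEADER_LEN:
        if data[pos:pos + 4] != magic:
            raise ValueError(f"bad magic at offset {pos}")
        command = data[pos + 4:pos + 16].rstrip(b"\x00").decode("ascii", "replace")
        length, = struct.unpack_from("<I", data, pos + 16)
        body_start = pos + HEADER_LEN
        if len(data) - body_start < length:
            break  # payload not fully captured yet
        payload = data[body_start:body_start + length]
        ok = data[pos + 20:pos + 24] == checksum(payload)
        messages.append((command, length, ok))
        pos = body_start + length
    return messages, data[pos:]

# Constructed sample: verack, a ping with an 8-byte nonce, a ping whose payload
# was altered after framing, and the first 10 bytes of a further message.
_bad = bytearray(frame("ping", bytes(8)))
_bad[-1] ^= 0xFF
SAMPLE = frame("verack") + frame("ping", bytes(range(8))) + bytes(_bad) + frame("pong", bytes(8))[:10]

if __name__ == "__main__":
    msgs, rest = parse_stream(SAMPLE)
    for cmd, n, ok in msgs:
        print(f"{cmd:<12} {n:>6} bytes  checksum {'ok' if ok else 'BAD'}")
    print(f"{len(rest)} trailing bytes of an incomplete message")
```

A listing like this shows which message types were exchanged and in what order, but not why a connection was closed; that reasoning lives in the node's own log.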