Configure basic permissions¶
Basic network permissioning is a feature that controls which nodes can connect to a given node, and which nodes the given node can dial out to. Configure basic permissions by providing the –permissioned command line option when starting the node.
--permissioned is set, the node looks for a file named
<data-dir>/permissioned-nodes.json. This file contains the allowlist of enodes that this node can connect to and accept connections from. Only the nodes that are listed in the
permissioned-nodes.json file become part of the network.
--permissioned is specified but no nodes are added to the
permissioned-nodes.json file, this node can neither connect to any nodes nor accept any incoming connections.
permissioned-nodes.json file is structured as follows, which is similar to the
<data-dir>/static-nodes.json file that is used to specify the list of static nodes a given node always connects to:
You can use DNS names instead of IP addresses to specify nodes in
static-nodes.json. Only bootnodes need to be specified with IP addresses.
Every node has its own copy of the
permissioned-nodes.json file. If different nodes have different lists of remote keys, then each node may have a different list of permissioned nodes which may have an adverse effect on the network.