Geth Connections – How to Allow Connections from Specified Nodes in Geth

connections, go-ethereum, peers, private-blockchain

I'm setting up a private network with 10 geth nodes for my organization's own use; however, I don't want outside nodes to accidentally (or intentionally) connect to our geth nodes. The nodes are hosted on public servers so we can access them anywhere. Is there some way for the geth nodes in our private net to only allow peer connections from each other and block connections from other nodes? Currently we use the static-nodes.json to make the 10 geth nodes connect to each other and have disabled discovery; however, I'm not sure if that's enough to block unwanted connection attempts from outside nodes. Thanks.

Best Answer

I'm not sure how deep into geth you want to go, but p2p/Server contains a property called "NetRestrict" that allows you to restrict connections to particular IP networks.

cmd/bootnode/main.go is a working example that accepts the "netrestrict" flag. It looks like Geth hasn't quite implemented this yet, but it should be fairly easy to implement yourself.
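The kind of IP-network restriction the answer describes, as an added example that is not part of the original answer and is not geth's own code: it uses only the Go standard library, and `Allowlist`, `ParseAllowlist` and `Allows` are hypothetical names. The addresses are constructed samples from documentation ranges, with 30303 as the sample port.

```go
package main

import (
	"fmt"
	"net/netip"
	"strings"
)

// Allowlist is a hypothetical stand-in for a NetRestrict-style list of IP networks.
type Allowlist []netip.Prefix

// ParseAllowlist parses comma-separated CIDR masks and rejects an empty or malformed list.
func ParseAllowlist(s string) (Allowlist, error) {
	var list Allowlist
	for _, f := range strings.Split(s, ",") {
		if f = strings.TrimSpace(f); f == "" {
			continue
		}
		p, err := netip.ParsePrefix(f)
		if err != nil {
			return nil, fmt.Errorf("bad CIDR %q: %w", f, err)
		}
		list = append(list, p.Masked())
	}
	if len(list) == 0 {
		return nil, fmt.Errorf("allowlist contains no networks")
	}
	return list, nil
}

// Allows reports whether a remote "ip:port" is inside a listed network; unparseable input is rejected.
func (l Allowlist) Allows(remoteAddr string) bool {
	ap, err := netip.ParseAddrPort(remoteAddr)
	if err != nil {
		return false
	}
	for _, p := range l {
		// Unmap so that ::ffff:a.b.c.d is compared as plain IPv4.
		if p.Contains(ap.Addr().Unmap()) {
			return true
		}
	}
	return false
}

func main() {
	// Constructed sample: documentation address ranges, not real node addresses.
	list, _ := ParseAllowlist("192.0.2.0/28, 2001:db8:1::/64")
	fmt.Println(list.Allows("192.0.2.5:30303"), list.Allows("192.0.2.200:30303"))
}
```

A check like this filters on source IP only, so it complements rather than replaces host firewall rules on the nodes' listening ports.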