stellar · drebelsky · Feb 3, 2026 · Feb 4, 2026 · Feb 4, 2026 · drebelsky
diff --git a/docs/stellar-core_example.cfg b/docs/stellar-core_example.cfg
@@ -120,6 +120,10 @@ NETWORK_PASSPHRASE="Public Global Stellar Network ; September 2015"
 # The port other instances of stellar-core can connect to you on.
 PEER_PORT=11625
 
+# PEER_LISTEN_IP (string) default "" (bind to 0.0.0.0)
+# The IP address other instances of stellar-core can connect to you on.
+PEER_LISTEN_IP=""
+
 # TARGET_PEER_CONNECTIONS (Integer) default 8
 # This controls how aggressively the server will connect to other peers.
 # It will send outbound connection attempts until it is at this

diff --git a/src/main/Config.cpp b/src/main/Config.cpp
@@ -1094,6 +1094,8 @@ Config::processConfig(std::shared_ptr<cpptoml::table> t)
 #endif
                 {"PEER_PORT",
                  [&]() { PEER_PORT = readInt<unsigned short>(item, 1); }},
+                {"PEER_LISTEN_IP",
+                 [&]() { PEER_LISTEN_IP = readString(item); }},
                 {"HTTP_PORT",
                  [&]() { HTTP_PORT = readInt<unsigned short>(item); }},
                 {"HTTP_QUERY_PORT",

diff --git a/src/main/Config.h b/src/main/Config.h
@@ -695,6 +695,7 @@ class Config : public std::enable_shared_from_this<Config>
 
     // overlay config
     unsigned short PEER_PORT;
+    std::string PEER_LISTEN_IP; // IP address to listen on (empty = 0.0.0.0)
     unsigned short TARGET_PEER_CONNECTIONS;
     unsigned short MAX_PENDING_CONNECTIONS;
     int MAX_ADDITIONAL_PEER_CONNECTIONS;

diff --git a/src/overlay/OverlayManager.h b/src/overlay/OverlayManager.h
@@ -140,8 +140,8 @@ class OverlayManager
     virtual bool acceptAuthenticatedPeer(Peer::pointer peer) = 0;
 
     virtual bool isPreferred(Peer* peer) const = 0;
-    virtual bool isPossiblyPreferred(std::string const& ip) const = 0;
-    virtual bool haveSpaceForConnection(std::string const& ip) const = 0;
+    virtual bool isPossiblyPreferred(asio::ip::address const& ip) const = 0;
+    virtual bool haveSpaceForConnection(asio::ip::address const& ip) const = 0;
 
     // Return the current in-memory set of inbound pending peers.
     virtual std::vector<Peer::pointer> const&

diff --git a/src/overlay/OverlayManagerImpl.cpp b/src/overlay/OverlayManagerImpl.cpp
@@ -906,7 +906,7 @@ OverlayManagerImpl::maybeAddInboundConnection(Peer::pointer peer)
 }
 
 bool
-OverlayManagerImpl::isPossiblyPreferred(std::string const& ip) const
+OverlayManagerImpl::isPossiblyPreferred(asio::ip::address const& ip) const
 {
     return std::any_of(
         std::begin(mConfigurationPreferredPeers),
@@ -915,7 +915,7 @@ OverlayManagerImpl::isPossiblyPreferred(std::string const& ip) const
 }
 
 bool
-OverlayManagerImpl::haveSpaceForConnection(std::string const& ip) const
+OverlayManagerImpl::haveSpaceForConnection(asio::ip::address const& ip) const
 {
     auto totalAuthenticated = getInboundAuthenticatedPeers().size();
     auto totalTracked = *getLiveInboundPeersCounter();
@@ -947,7 +947,7 @@ OverlayManagerImpl::haveSpaceForConnection(std::string const& ip) const
         CLOG_DEBUG(
             Overlay,
             "Peer rejected - all pending inbound connections are taken: {}",
-            ip);
+            ip.to_string());
         CLOG_DEBUG(Overlay, "If you wish to allow for more pending "
                             "inbound connections, please update your "
                             "MAX_PENDING_CONNECTIONS setting in "

diff --git a/src/overlay/OverlayManagerImpl.h b/src/overlay/OverlayManagerImpl.h
@@ -206,8 +206,10 @@ class OverlayManagerImpl : public OverlayManager
     int availableOutboundAuthenticatedSlots() const;
     int nonPreferredAuthenticatedCount() const;
 
-    virtual bool isPossiblyPreferred(std::string const& ip) const override;
-    virtual bool haveSpaceForConnection(std::string const& ip) const override;
+    virtual bool
+    isPossiblyPreferred(asio::ip::address const& ip) const override;
+    virtual bool
+    haveSpaceForConnection(asio::ip::address const& ip) const override;
 
     void updateSizeCounters();
 

diff --git a/src/overlay/Peer.cpp b/src/overlay/Peer.cpp
@@ -131,7 +131,7 @@ static constexpr VirtualClock::time_point PING_NOT_SENT =
     VirtualClock::time_point::min();
 static constexpr uint32_t QUERY_RESPONSE_MULTIPLIER = 5;
 
-Peer::Peer(Application& app, PeerRole role)
+Peer::Peer(Application& app, PeerRole role, PeerBareAddress const& address)
     : mAppConnector(app.getAppConnector())
     , mNetworkID(app.getNetworkID())
     , mFlowControl(
@@ -145,6 +145,7 @@ Peer::Peer(Application& app, PeerRole role)
     , mState(role == WE_CALLED_REMOTE ? CONNECTING : CONNECTED)
     , mRemoteOverlayMinVersion(0)
     , mRemoteOverlayVersion(0)
+    , mAddress(address)
     , mCreationTime(app.getClock().now())
     , mRecurringTimer(app)
     , mDelayedExecutionTimer(app)
@@ -1719,7 +1720,6 @@ void
 Peer::updatePeerRecordAfterEcho()
 {
     releaseAssert(threadIsMain());
-    releaseAssert(!getAddress().isEmpty());
 
     PeerType type;
     if (mAppConnector.getOverlayManager().isPreferred(this))
@@ -1745,7 +1745,6 @@ void
 Peer::updatePeerRecordAfterAuthentication()
 {
     releaseAssert(threadIsMain());
-    releaseAssert(!getAddress().isEmpty());
 
     if (mRole == WE_CALLED_REMOTE)
     {
@@ -1801,12 +1800,6 @@ Peer::recvHello(Hello const& elo)
     // mAddress is set in TCPPeer::initiate and TCPPeer::accept. It should
     // contain valid IP (but not necessarily port yet)
     auto ip = mAddress.getIP();
-    if (ip.empty())
-    {
-        drop("failed to determine remote address",
-             Peer::DropDirection::WE_DROPPED_REMOTE);
-        return;
-    }
     mAddress =
         PeerBareAddress{ip, static_cast<unsigned short>(elo.listeningPort)};
 
@@ -1853,7 +1846,7 @@ Peer::recvHello(Hello const& elo)
         return;
     }
 
-    if (elo.listeningPort <= 0 || elo.listeningPort > UINT16_MAX || ip.empty())
+    if (elo.listeningPort <= 0 || elo.listeningPort > UINT16_MAX)
     {
         sendErrorAndDrop(ERR_CONF, "bad address");
         return;
@@ -1989,14 +1982,7 @@ Peer::recvPeers(StellarMessage const& msg)
                        peer.port);
             continue;
         }
-        if (peer.ip.type() == IPv6)
-        {
-            CLOG_DEBUG(Overlay,
-                       "ignoring received IPv6 address (not yet supported)");
-            continue;
-        }
 
-        releaseAssert(peer.ip.type() == IPv4);
         auto address = PeerBareAddress{peer};
 
         if (address.isPrivate())

diff --git a/src/overlay/Peer.h b/src/overlay/Peer.h
@@ -349,7 +349,7 @@ class Peer : public std::enable_shared_from_this<Peer>,
   public:
     /* The following functions must all be called from the main thread (they all
      * contain releaseAssert(threadIsMain())) */
-    Peer(Application& app, PeerRole role);
+    Peer(Application& app, PeerRole role, PeerBareAddress const& address);
 
     void cancelTimers();