First of all thanks for reading this post.
I am having a problem with one of my relay nodes, most probably caused by malicious inbound traffic that makes the cardano-node work at more than 100% CPU capacity.
The node worked seamlessly from its initial setup, about 3 weeks ago, but over the past 2 days, I noticed an unusual increase in inbound traffic with an average of 500Kb/s.
I have temporarily resolved the situation by whitelisting incoming traffic only from trusted IP addresses, but I was wondering if there was a more efficient solution and if anybody else experienced this problem in the past before.
As far as my understanding goes, I need to allow incoming connections on the relay port from anywhere to make sure I maintain a healthy number of peers and get the chance to process transactions that could eventually lead to producing blocks. Am I completely wrong here?
Your help is very much appreciated!