How to restrict DHT routing table servers

Hi guys, is there a way to enforce DHT client mode for all peers other than a specified set of server peers?

I want to only allow a “privileged” set of peers on my network (who are known to everyone beforehand) to run as DHT servers. The convention is that all other peers should start the DHT module in “client” mode, but since this is a permissionless network, there is no way to guarantee that they will all obey this convention.

Is there a way to enforce this “defensively”? For example, some way to specify a filter / validator that checks each new peer that is added to our routing table, and only allow it to be added if it is one of the “privileged” set of peers?

My worry is that some unprivileged peer will run as DHT server, resulting in it being added to other peers’ routing tables.

If you’re using go-libp2p-kad-dht check out the available options for building your network (and remember to set a custom protocol prefix). There are both routing table and query filters that should be able to help you out here.

Could you point me to the exact fields / methods in the godocs or code by any chance?

Were you referring to peerdiversity package - -