[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] sks recon: IP-address
From: |
Yaron M. Minsky |
Subject: |
Re: [Sks-devel] sks recon: IP-address |
Date: |
Thu, 19 Feb 2004 18:31:35 -0500 |
Here's a patch that I think should solve the problem. I basically just
added bind commands in the relevant cases. I haven't tried this out
yet, so it might completely blow up, but I wanted to get some feedback.
If this seems to work, it will make it into CVS tonight.
y
Index: common.ml
===================================================================
RCS file: /cvsroot/sks/sks/common.ml,v
retrieving revision 1.24
diff -c -r1.24 common.ml
*** common.ml 24 Dec 2003 02:56:42 -0000 1.24
--- common.ml 19 Feb 2004 22:57:46 -0000
***************
*** 213,215 ****
--- 213,219 ----
| Unix.ADDR_INET (inet_addr,port) -> Unix.ADDR_INET (inet_addr,port + 1)
+ let get_recon_addr () =
+ Unix.ADDR_INET (Unix.inet_addr_of_string recon_address,recon_port)
+ let get_recon_addr =
+ Utils.unit_memoize get_recon_addr
Index: reconCS.ml
===================================================================
RCS file: /cvsroot/sks/sks/reconCS.ml,v
retrieving revision 1.7
diff -c -r1.7 reconCS.ml
*** reconCS.ml 12 Oct 2003 20:20:19 -0000 1.7
--- reconCS.ml 19 Feb 2004 22:57:48 -0000
***************
*** 139,144 ****
--- 139,145 ----
~protocol:0
in
let run () =
+ Unix.bind s ~addr:(get_recon_addr ());
Unix.connect s ~addr:partner;
let cin = Channel.sys_in_from_fd s
and cout = Channel.sys_out_from_fd s in
Index: reconComm.ml
===================================================================
RCS file: /cvsroot/sks/sks/reconComm.ml,v
retrieving revision 1.2
diff -c -r1.2 reconComm.ml
*** reconComm.ml 12 Oct 2003 20:20:19 -0000 1.2
--- reconComm.ml 19 Feb 2004 22:57:48 -0000
***************
*** 73,79 ****
~kind:Unix.SOCK_STREAM
~protocol:0 in
protect ~f:(fun () ->
! let () = Unix.connect s ~addr in
let cin = Channel.sys_in_from_fd s
and cout = Channel.sys_out_from_fd s in
--- 73,80 ----
~kind:Unix.SOCK_STREAM
~protocol:0 in
protect ~f:(fun () ->
! Unix.bind s ~addr:(get_recon_addr ());
! Unix.connect s ~addr;
let cin = Channel.sys_in_from_fd s
and cout = Channel.sys_out_from_fd s in
Index: reconserver.ml
===================================================================
RCS file: /cvsroot/sks/sks/reconserver.ml,v
retrieving revision 1.26
diff -c -r1.26 reconserver.ml
*** reconserver.ml 12 Oct 2003 20:20:19 -0000 1.26
--- reconserver.ml 19 Feb 2004 22:57:48 -0000
***************
*** 48,54 ****
(******************************************************************)
! let recon_addr = Unix.ADDR_INET (Unix.inet_addr_of_string
recon_address,recon_port)
let reconsock = Eventloop.create_sock recon_addr
let () =
--- 48,54 ----
(******************************************************************)
! let recon_addr = get_recon_addr ()
let reconsock = Eventloop.create_sock recon_addr
let () =
On Thu, 2004-02-19 at 12:08, Olaf Gellert wrote:
> Hi all,
>
> hopefully the last question before I put our SKS
> into production: My recon server seems to use the
> second IP address of the system for gossiping
> with the other servers. It is configured like this:
>
> # set the hostname of your server
> hostname: pgpkeys.pca.dfn.de
> # set the ip address for the server
> hkp_address: 193.174.13.74
> # port for synchronising with other SKS via gossip protocol
> recon_port: 11370
> # ip-address for the synchronisation via gossip
> recon_address: 193.174.13.74
>
> So it should use 193.174.13.74 for gossip. But I
> see this in our firewall logs:
>
> Feb 19 17:59:24 magic kernel: iptables:OUTchainIN= OUT=eth0 SRC=193.174.13.73
> DST=129.24.244.40 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=29885 DF PROTO=TCP
> SPT=32913 DPT=11370 WINDOW=5840 RES=0x00 SYN URGP=0 OPT
> (020405B40402080AE41EF3F80000000001030300)
>
> So it really tries the wrong address. This is, what log.recon
> says:
>
> 2004-02-19 17:47:58 Starting event loop
> 2004-02-19 17:50:42 Added 1 hash-updates. Caught up to 1077209438.192824
> 2004-02-19 17:52:30 Added 1 hash-updates. Caught up to 1077209545.206984
> 2004-02-19 17:53:06 Recon partner: <ADDR_INET 212.242.169.198:11370>
> 2004-02-19 17:53:51 <recon as client> callback timed out.
> 2004-02-19 17:53:59 Added 2 hash-updates. Caught up to 1077209637.388646
> 2004-02-19 17:55:49 Added 2 hash-updates. Caught up to 1077209744.027596
> 2004-02-19 17:58:39 Recon partner: <ADDR_INET 129.24.244.40:11370>
> 2004-02-19 17:59:24 <recon as client> callback timed out.
> 2004-02-19 17:59:48 Added 2 hash-updates. Caught up to 1077209979.838450
> 2004-02-19 18:04:34 Recon partner: <ADDR_INET 129.24.244.40:11370>
> 2004-02-19 18:05:19 <recon as client> callback timed out.
> 2004-02-19 18:06:11 Added 1 hash-updates. Caught up to 1077210353.187839
> 2004-02-19 18:07:05 Beginning recon as server, client: <ADDR_INET
> 62.116.124.106
> :47557>
> 2004-02-19 18:07:05 Joining reconciliation
>
> So "recon as server" seems to work, "recon as client" seems
> to use the wrong IP address.
>
> Cheers,
>
> Olaf
--
|--------/ Yaron M. Minsky \--------|
|--------\ http://www.cs.cornell.edu/home/yminsky/ /--------|
Open PGP --- KeyID B1FFD916
Fingerprint: 5BF6 83E1 0CE3 1043 95D8 F8D5 9F12 B3A9 B1FF D916