[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] sks recon: IP-address
|
From: |
Yaron M. Minsky |
|
Subject: |
Re: [Sks-devel] sks recon: IP-address |
|
Date: |
Fri, 20 Feb 2004 07:19:06 -0500 |
Ok, that was a dumb patch, since I'm binding to the port as well.
Anyone know how to bind just the IP address of a socket used for
outgoing connections? I don't have my copy of Stevens in front of me.
y
On Thu, 2004-02-19 at 18:31, Yaron M. Minsky wrote:
> Here's a patch that I think should solve the problem. I basically just
> added bind commands in the relevant cases. I haven't tried this out
> yet, so it might completely blow up, but I wanted to get some feedback.
>
> If this seems to work, it will make it into CVS tonight.
>
> y
>
> Index: common.ml
> ===================================================================
> RCS file: /cvsroot/sks/sks/common.ml,v
> retrieving revision 1.24
> diff -c -r1.24 common.ml
> *** common.ml 24 Dec 2003 02:56:42 -0000 1.24
> --- common.ml 19 Feb 2004 22:57:46 -0000
> ***************
> *** 213,215 ****
> --- 213,219 ----
> | Unix.ADDR_INET (inet_addr,port) -> Unix.ADDR_INET (inet_addr,port + 1)
>
>
> + let get_recon_addr () =
> + Unix.ADDR_INET (Unix.inet_addr_of_string recon_address,recon_port)
> + let get_recon_addr =
> + Utils.unit_memoize get_recon_addr
> Index: reconCS.ml
> ===================================================================
> RCS file: /cvsroot/sks/sks/reconCS.ml,v
> retrieving revision 1.7
> diff -c -r1.7 reconCS.ml
> *** reconCS.ml 12 Oct 2003 20:20:19 -0000 1.7
> --- reconCS.ml 19 Feb 2004 22:57:48 -0000
> ***************
> *** 139,144 ****
> --- 139,145 ----
> ~protocol:0
> in
> let run () =
> + Unix.bind s ~addr:(get_recon_addr ());
> Unix.connect s ~addr:partner;
> let cin = Channel.sys_in_from_fd s
> and cout = Channel.sys_out_from_fd s in
> Index: reconComm.ml
> ===================================================================
> RCS file: /cvsroot/sks/sks/reconComm.ml,v
> retrieving revision 1.2
> diff -c -r1.2 reconComm.ml
> *** reconComm.ml 12 Oct 2003 20:20:19 -0000 1.2
> --- reconComm.ml 19 Feb 2004 22:57:48 -0000
> ***************
> *** 73,79 ****
> ~kind:Unix.SOCK_STREAM
> ~protocol:0 in
> protect ~f:(fun () ->
> ! let () = Unix.connect s ~addr in
> let cin = Channel.sys_in_from_fd s
> and cout = Channel.sys_out_from_fd s in
>
> --- 73,80 ----
> ~kind:Unix.SOCK_STREAM
> ~protocol:0 in
> protect ~f:(fun () ->
> ! Unix.bind s ~addr:(get_recon_addr ());
> ! Unix.connect s ~addr;
> let cin = Channel.sys_in_from_fd s
> and cout = Channel.sys_out_from_fd s in
>
> Index: reconserver.ml
> ===================================================================
> RCS file: /cvsroot/sks/sks/reconserver.ml,v
> retrieving revision 1.26
> diff -c -r1.26 reconserver.ml
> *** reconserver.ml 12 Oct 2003 20:20:19 -0000 1.26
> --- reconserver.ml 19 Feb 2004 22:57:48 -0000
> ***************
> *** 48,54 ****
>
> (******************************************************************)
>
> ! let recon_addr = Unix.ADDR_INET (Unix.inet_addr_of_string
> recon_address,recon_port)
> let reconsock = Eventloop.create_sock recon_addr
>
> let () =
> --- 48,54 ----
>
> (******************************************************************)
>
> ! let recon_addr = get_recon_addr ()
> let reconsock = Eventloop.create_sock recon_addr
>
> let () =
>
>
>
>
>
> On Thu, 2004-02-19 at 12:08, Olaf Gellert wrote:
> > Hi all,
> >
> > hopefully the last question before I put our SKS
> > into production: My recon server seems to use the
> > second IP address of the system for gossiping
> > with the other servers. It is configured like this:
> >
> > # set the hostname of your server
> > hostname: pgpkeys.pca.dfn.de
> > # set the ip address for the server
> > hkp_address: 193.174.13.74
> > # port for synchronising with other SKS via gossip protocol
> > recon_port: 11370
> > # ip-address for the synchronisation via gossip
> > recon_address: 193.174.13.74
> >
> > So it should use 193.174.13.74 for gossip. But I
> > see this in our firewall logs:
> >
> > Feb 19 17:59:24 magic kernel: iptables:OUTchainIN= OUT=eth0
> > SRC=193.174.13.73 DST=129.24.244.40 LEN=60 TOS=0x00 PREC=0x00 TTL=64
> > ID=29885 DF PROTO=TCP SPT=32913 DPT=11370 WINDOW=5840 RES=0x00 SYN URGP=0
> > OPT (020405B40402080AE41EF3F80000000001030300)
> >
> > So it really tries the wrong address. This is, what log.recon
> > says:
> >
> > 2004-02-19 17:47:58 Starting event loop
> > 2004-02-19 17:50:42 Added 1 hash-updates. Caught up to 1077209438.192824
> > 2004-02-19 17:52:30 Added 1 hash-updates. Caught up to 1077209545.206984
> > 2004-02-19 17:53:06 Recon partner: <ADDR_INET 212.242.169.198:11370>
> > 2004-02-19 17:53:51 <recon as client> callback timed out.
> > 2004-02-19 17:53:59 Added 2 hash-updates. Caught up to 1077209637.388646
> > 2004-02-19 17:55:49 Added 2 hash-updates. Caught up to 1077209744.027596
> > 2004-02-19 17:58:39 Recon partner: <ADDR_INET 129.24.244.40:11370>
> > 2004-02-19 17:59:24 <recon as client> callback timed out.
> > 2004-02-19 17:59:48 Added 2 hash-updates. Caught up to 1077209979.838450
> > 2004-02-19 18:04:34 Recon partner: <ADDR_INET 129.24.244.40:11370>
> > 2004-02-19 18:05:19 <recon as client> callback timed out.
> > 2004-02-19 18:06:11 Added 1 hash-updates. Caught up to 1077210353.187839
> > 2004-02-19 18:07:05 Beginning recon as server, client: <ADDR_INET
> > 62.116.124.106
> > :47557>
> > 2004-02-19 18:07:05 Joining reconciliation
> >
> > So "recon as server" seems to work, "recon as client" seems
> > to use the wrong IP address.
> >
> > Cheers,
> >
> > Olaf
--
|--------/ Yaron M. Minsky \--------|
|--------\ http://www.cs.cornell.edu/home/yminsky/ /--------|
Open PGP --- KeyID B1FFD916
Fingerprint: 5BF6 83E1 0CE3 1043 95D8 F8D5 9F12 B3A9 B1FF D916