Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 18:28
    thomas-mangin commented #927
  • 16:46
    pguibert6WIND commented #927
  • 16:44
    pguibert6WIND commented #927
  • 14:41
    pguibert6WIND edited #929
  • 14:38
    pguibert6WIND opened #929
  • 11:12
    ykondratov commented #926
  • 11:00
    thomas-mangin commented #926
  • 08:13
    ykondratov commented #926
  • Oct 21 22:34
    thomas-mangin closed #538
  • Oct 21 22:34
    thomas-mangin commented #538
  • Oct 21 22:17
    thomas-mangin commented #507
  • Oct 21 22:12
    thomas-mangin commented #538
  • Oct 21 21:57
    thomas-mangin commented #926
  • Oct 21 21:42
    thomas-mangin commented #927
  • Oct 21 21:41
    thomas-mangin commented #927
  • Oct 21 21:39
    thomas-mangin commented #923
  • Oct 21 21:37

    thomas-mangin on master

    complete work for #927, correct… (compare)

  • Oct 21 21:32
    elindsey commented #927
  • Oct 21 20:30
    thomas-mangin commented #927
  • Oct 21 20:30
    thomas-mangin commented #927
Thomas Mangin
@thomas-mangin
We have a couple of new software/systems developer roles now available to join our existing R&D team at Exa. This is a great chance to work with some amazing people and help us develop existing software used by some of the biggest companies in the world and of course work on new software, products and systems that will help shape the future of our company. If you are interested get in touch with me directly
That sound pompous … Made me smile to find this on my co director LinkedIn board :-)
sanjmonkey
@sanjmonkey
hi @thomas-mangin - any luck with the MD5 problem? Did you manage to see how those other implementations see it?
Thomas Mangin
@thomas-mangin
I have not been able to work on it this week
Perhaps this week-end
I am at loss tho and want to ask Andrej if he knows why
sanjmonkey
@sanjmonkey
ok no problem - thanks for letting me know :)
Thomas Mangin
@thomas-mangin
I wish I could be more useful but we are trying to migrate ERP and have hard deadlines on our content filtering software … So I am quite overloaded atm.
well, we are migrating but it takes the time it takes to get it 100% right and last minutes issues are always fun !
Thomas Mangin
@thomas-mangin
@sanjmonkey not forgotten about MD5 .. Just slow ….
sanjmonkey
@sanjmonkey
@thomas-mangin no problemo. I had a free hour this afternoon and started to look again. What is the significance of MD5SIG and 14? Is this OS specific implementation (linux/tcp.h I assume) I missed?
Thomas Mangin
@thomas-mangin
I was not available this afternoon - going to have a look
Thomas Mangin
@thomas-mangin
Yes, it is
sanjmonkey
@sanjmonkey
Im not afraid to admit it @thomas-mangin, I’m a bit stumped. At least I’ve learnt a bit about socket programming today if nothing else :) I’m not able to prove this, but I’m not convinced python socket correctly handles the access into the socket interface for TCP_MD5SIG. (side note; socket.socket.getsockopt(6,14) always returns '[Errno 92] Protocol not available' which is less than helpful.) I see EXA uses exactly the same function to set MD5 .setsockopt() for the correctly functioning outgoing packet (I agree with the packing too), so my doubt is with perhaps how this option is interpreted by socket.socket.listen()
Last time I looked they did how we did
I will have to look at their BSD support at some point to see if I can learn something
I can not see anything wrong with the code neither ...
sanjmonkey
@sanjmonkey
hi @thomas-mangin
re: MD5. a colleage of mine (Dave Overton) and I looked at it again this afternoon. He proved capacilities of linux MD5 listener with a quick c socket server / client setup. so that squashed some doubts in my mind, and we turned back to the python implementation
and we have a patch for exa
Thomas Mangin
@thomas-mangin
Hi @sanjmonkey - ohhh a patch :-) very very welcome :-)
sanjmonkey
@sanjmonkey
email ok?
Thomas Mangin
@thomas-mangin
@sanjmonkey
thomas-mangin/exabgp@a0b880e
Let me know if it does the trick - if so I will add an entry in CHANGELOG
sanjmonkey
@sanjmonkey
tested patch on a fresh clone of mainline 3.4.9 and its working for both active and passive ends. all good. cheers @thomas-mangin
Thomas Mangin
@thomas-mangin
@sanjmonkey Great :-)
sanjmonkey
@sanjmonkey
hi, me again :)
suppose you have multiple sessions you want to be passive for (listen on the same IP), I notice exa fails because if all local-addresses are the same IP, the lucky guy who goes first gets to bind (briefly) and the remainder bork
have you considered SO_REUSEPORT ?
Thomas Mangin
@thomas-mangin
Hi, That would not work
Sorry ..
It may work ...
sanjmonkey
@sanjmonkey
But it's not good practice ?
Thomas Mangin
@thomas-mangin
But if you run multiple ExaBGP the behaviour would become extremely unpredictable with the connection going to one of the application
The same will happen within one application - a random socket will get the connection which may not be the one you are expecting ...
Unless I am not fully understanding what you are trying to achieve ..
sanjmonkey
@sanjmonkey
Yes, I understand. But bind() seems to be limiting in this case as even when supplied with MD5 SO's (making it unique) it only takes into account local IP + port
Thomas Mangin
@thomas-mangin
You want to have something like
neighborg ( local ip A, remote ip B, passive )
neighbour ( local ip A, remote ip C, passive )
sanjmonkey
@sanjmonkey
I'll try passing multiple MD5 SO's to it for each of my neighbors before calling bind
Thomas Mangin
@thomas-mangin
Can I call you .. it would be simpler to understand your use case
I think I would need to change the listening code to :
  • allow more than one peer per listening IP
  • on connection reception, lookup the remote IP and dispatch to the right peer
Correct ?