First IPv6 recon peers seen

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

First IPv6 recon peers seen

Phil Pennock-17
One failure, one success.

2009-03-05 08:02:35 Reconciliation attempt from unauthorized host
  <ADDR_INET 2001:610:1108:5011:230:48ff:fe12:2794:58222>.  Ignoring

Reverse DNS says "mud.stack.nl"; I peer with "keyserver.stack.nl" which
does not have an AAAA record, therefore membership test rejected it.

Sometime after the first membership reload after the DNS is updated,
things will start working.  Meh, I should have added "sks
reload-membership" after all -- if the file hasn't changed, membership
is unlikely to update.

2009-03-05 08:14:49 Hashes recovered from
  <ADDR_INET 2001:41d0:1:e812:1c:c0ff:fe65:2cd4:11371>
2009-03-05 08:14:49     E777242870C967B237036376696862FC
2009-03-05 08:14:59 Requesting 1 missing keys from
  <ADDR_INET 2001:41d0:1:e812:1c:c0ff:fe65:2cd4:11371>,
  starting with E777242870C967B237036376696862FC
2009-03-05 08:14:59 1 keys received
2009-03-05 08:14:59 Added 1 hash-updates. Caught up to 1236240899.478994

So the first IPv6 recon to exchange a key was ... with kim.kim-minh.com.
:)  What do you know, they work together.  ;)

-Phil

_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel

attachment0 (169 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: First IPv6 recon peers seen

Johan van Selst
Hi Phil,

Phil Pennock wrote:
> 2009-03-05 08:02:35 Reconciliation attempt from unauthorized host
>   <ADDR_INET 2001:610:1108:5011:230:48ff:fe12:2794:58222>.  Ignoring
> Reverse DNS says "mud.stack.nl"; I peer with "keyserver.stack.nl" which
> does not have an AAAA record, therefore membership test rejected it.

Ah good point. I have added the AAAA record now. I suppose it will start
peering automatically after a while now.

On the whole your patch seems to work just fine (using it on FreeBSD-7.1)


Ciao,
Johan

_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel

attachment0 (169 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: First IPv6 recon peers seen

Kim Minh Kaplan
In reply to this post by Phil Pennock-17
Phil Pennock:

> Sometime after the first membership reload after the DNS is updated,
> things will start working.  Meh, I should have added "sks
> reload-membership" after all -- if the file hasn't changed, membership
> is unlikely to update.

Juste touch the membership file, that forces a reload.

> So the first IPv6 recon to exchange a key was ... with kim.kim-minh.com.
> :)  What do you know, they work together.  ;)

Yes, things seem to be working great on this side too.  I have not had a
chance to look at your patch yet as upgrading to Debian 5 brought my
server down yesterday.  I'll do it, I promise, especially since I think
your approach of opening distinct sockets is better.  But I am a bit
worried about concurrency woes.  The recon server seems to disable
gossiping at some point, I do not yet know the reason yet.  May be
Yaron Minsky could tell us some more on this point.

Regarding access to your repository it seems you can publish it with a
bare web server as described there
http://www.selenic.com/mercurial/wiki/index.cgi/StaticHTTP

Kim Minh.


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel