[Spread-users] RE: set ip to listen to
Jonathan Stanton
jonathan at cnds.jhu.edu
Wed Mar 12 12:03:04 EDT 2008
Hello,
I thought it was a bit odd at first to, so I looked into it. I'll give
an example from my machine and what each socket is used for. In your
case, I think the extra UDP socket that is showing up is a socket used
to 'send' udp datagrams from Spread, but is never used to receive, so it
is not bound to a specific interface or port.
Here is my full list. I used lsof instead of netstat as the Mac version
of netstat doesn't show the program name like the linux netstat -lp
does.
Goldberry:mac jonathan$ lsof -n -i | grep spread
spread 40116 jonathan 3u IPv4 0x3bbf518 0t0 UDP 10.0.1.150:4803
spread 40116 jonathan 4u IPv4 0x3bc2380 0t0 UDP 10.0.1.150:4804
spread 40116 jonathan 5u IPv4 0x3bbfd88 0t0 UDP *:*
spread 40116 jonathan 6u IPv4 0x3dfc66c 0t0 TCP 10.0.1.150:4803 (LISTEN)
spread 40116 jonathan 7u unix 0x7ff46e8 0t0 /tmp/4803
spread 40116 jonathan 8u IPv4 0x3bbf5f0 0t0 UDP *:*
First line (file descriptor 3) is the main socket for receiving
daemon-to-daemon data messages. If you have a multi-node configuration
you will also see a UDP/IP socket bound to your "broadcast" address and
port 4803. This is needed on most unixes to receive broadcast/multicast
traffic when you are binding to specific interfaces. This is controlled
by the configuration file "D" option.
Second line (fd 4) is the main socket for the daemon receiving the Token
that controls flow and reliablity. This is controlled by the
configuration file "D" option
Third line (fd 5) is the UDP Sending socket, so 'bind()' is never called
for it as it is only used to send outgoing udp datagrams. Since it is
only sending, it is not bound to a specific interface.
Fourth line (fd 6) is the socket listening for TCP client connections.
This is controlled by the configuration file "C" option.
Fifth line (fd 7) is used for the UNIX domain socket for client
connections on the local machine.
Sixth line (fd 8) is a UDP socket created to SEND status reports to the
monitor program. The incoming datagrams from the monitor program are
received on the main daemon socket (4803), but sending the status report
messages back uses it's own socket. This is not controlled by the
configuration file, but is only used for sending and the port number is
assigned from the ephermeal ports when a datagram is sent.
So I think there is not any problem with the extra udp socket existing,
as it is only used to send. The only reason it shows up in your list is
that we don't 'create' the socket only when we want to send traffic, but
leave it up all the time.
If you still think that's a problem or want to talk about it just let me
know.
Cheers,
Jonathan
On Fri, Mar 07, 2008 at 11:25:01AM +0100, Stefan Becker wrote:
> Hi daniel (and jonathan),
>
> Thanks for your replies. I did what you said and netstat -lpn got a little better. But there is still one entry which shouldnot be there:
>
> m1:~# netstat -lpn | grep spread
> tcp 0 0 10.10.100.10:4803 0.0.0.0:* LISTEN 12168/spread
> udp 0 0 10.10.100.10:4803 0.0.0.0:* 12168/spread
> udp 0 0 10.10.100.10:4804 0.0.0.0:* 12168/spread
> udp 0 0 0.0.0.0:47086 0.0.0.0:* 12168/spread
> unix 2 [ ACC ] STREAM HÖRT 798406539 12168/spread /tmp/4803
> m1:~#
>
> Here is my spread config:
>
> Spread_Segment 10.10.100.255 {
>
> m1 10.10.100.10 {
> D 10.10.100.10
> C 10.10.100.10
> }
>
> }
>
> Other than that i didnot change the default spread config. I am using spread Version 3.17.02 Built 5/March/2004 (debian package). I start spread with:
>
> m1:~# spread -n m1
>
> I use supervise for process monitoring just for info.
>
> Any other ideas?
>
> Greets,
> stefan
>
> -----Ursprüngliche Nachricht-----
> Von: Daniel F. Savarese [mailto:dfs at savarese.org]
> Gesendet: Donnerstag, 14. Februar 2008 18:08
> An: Stefan Becker
> Betreff: Re: [Spread-users] set ips to listen on
>
>
> I wrote:
> >If you don't want to hack spread to bind to a specific interface, then
> >you have to install firewall rules to prevent outside access. That's
>
> Sorry for replying. Obviously, I didn't know what I was talking about.
> As Jonathan indicated, the following works to force binding only to
> a specific interface (in this case, localhost):
>
> Spread_Segment 127.0.0.255:4803 {
> localhost 127.0.0.1 {
> D 127.0.0.1
> C 127.0.0.1
> }
> }
>
> _______________________________________________
> Spread-users mailing list
> Spread-users at lists.spread.org
> http://lists.spread.org/mailman/listinfo/spread-users
--
-------------------------------------------------------
Jonathan R. Stanton jonathan at cs.jhu.edu
Dept. of Computer Science
Johns Hopkins University
-------------------------------------------------------
More information about the Spread-users
mailing list