You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@kudu.apache.org by "Todd Lipcon (JIRA)" <ji...@apache.org> on 2017/08/22 05:02:00 UTC
[jira] [Commented] (KUDU-1900) Localhost connections to single-host
clusters on Ubuntu don't skip TLS
[ https://issues.apache.org/jira/browse/KUDU-1900?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16136284#comment-16136284 ]
Todd Lipcon commented on KUDU-1900:
-----------------------------------
Yea, I think if the remote address is in that loopback subnet that you mentioned we can skip TLS. No need for IPv6 since we don't currently support ipv6 sockets :)
> Localhost connections to single-host clusters on Ubuntu don't skip TLS
> ----------------------------------------------------------------------
>
> Key: KUDU-1900
> URL: https://issues.apache.org/jira/browse/KUDU-1900
> Project: Kudu
> Issue Type: Bug
> Components: perf, security
> Reporter: Todd Lipcon
>
> On Ubuntu, it seems like we sometimes end up with connections from 127.0.1.1 to 127.0.0.1 when running a local cluster and connecting to to it from the same machine. This is because Ubuntu puts an entry with the host's external hostname in /etc/hosts as 127.0.1.1, and the tablet server ends up registering with that name. The code that detects loopback connections sees the "127.0.0.1 -> 127.0.1.1" and decides it's not loopback.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)