You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Alan Conway (JIRA)" <ji...@apache.org> on 2016/06/14 15:47:01 UTC
[jira] [Comment Edited] (DISPATCH-244) SASL library generates
un-necessary DNS and LDAP requests
[ https://issues.apache.org/jira/browse/DISPATCH-244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15329694#comment-15329694 ]
Alan Conway edited comment on DISPATCH-244 at 6/14/16 3:46 PM:
---------------------------------------------------------------
The unexpected DNS/LDAP traffic may be related to the SASL failures in PROTON-224. In both cases the problems are observed on a system with Kerberos authentication via VPN. Running an old qpid 0.34 client gives the following client-side error:
{code}
qpid-send: internal-error: Sasl error: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server krbtgt/LOCALDOMAIN@REDHAT.COM not found in Kerberos database) (/home/aconway/rh-qpid-0.34mc/qpid/cpp/src/qpid/SaslFactory.cpp:318)
{code}
was (Author: aconway):
The unexpected DNS/LDAP traffic may be related to the SASL failures in PROTON-223. In both cases the problems are observed on a system with Kerberos authentication via VPN. Running an old qpid 0.34 client gives the following client-side error:
{code}
qpid-send: internal-error: Sasl error: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server krbtgt/LOCALDOMAIN@REDHAT.COM not found in Kerberos database) (/home/aconway/rh-qpid-0.34mc/qpid/cpp/src/qpid/SaslFactory.cpp:318)
{code}
> SASL library generates un-necessary DNS and LDAP requests
> ---------------------------------------------------------
>
> Key: DISPATCH-244
> URL: https://issues.apache.org/jira/browse/DISPATCH-244
> Project: Qpid Dispatch
> Issue Type: Bug
> Components: Tests
> Affects Versions: 0.5
> Reporter: Alan Conway
> Assignee: Alan Conway
> Fix For: 0.7.0
>
>
> The dispatch system tests (e.g. system_tests_management) run very slowly when connected to a VPN.
> - about 10x slower on VPN configured to use TCP connection
> - about 5x slower on VPN configured for UDP connection
> Wireshark shows unexpected LDAP and DNS queries on the VPN interface. `wallace` below is the local host name, but is not mentioned in any tests so must be picked up by proton or dispatch at runtime:
> {code}
> 1 0.000000000 10.3.113.108 10.11.6.1 LDAP 242 searchRequest(11) "dc=redhat,dc=com" wholeSubtree
> 2 0.035161000 10.3.113.108 10.5.30.160 DNS 72 Standard query 0xd03f A wallace.lab.bos.redhat.com
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org