Suppose I have a mobile device, and I roam from one peer to another in
the same organization. The old peer will continue to believe that I'm
connected through it until it notices, some time later, that pings
aren't getting through to me; it will therefore be sending packets to me
through its broken tunnel. Suppose further that the organization is
using some dynamic routing protocol in order to propagate information
about how packets to me ought to be routed: then, this old peer will be
continuing to advertise its broken route to me, and all hosts closer to
the old peer than the new one will use the wrong route, until the
connection gets pinged out.
We can fix this by having the mobile peer send some explicit
notification. It doesn't have to be completely reliable, fortunately.
This change touches a fair few pieces of the code, but in simple ways.
* `connect' grows a new command to map a user name to a peer name.
* `watch' grows the ability to issue a `disconnect' command.
* The default `peers.in' file passes an explicit argument in its
`connect' SSH rune, and adds a `disconnect' rune with a different
action argument.
* The contributed `knock' script knows about these new actions, and
how to pass them about. This is pretty much a rewrite, but it was a
very simple program before.
: ${tripectl=$bindir/tripectl}
export TRIPEDIR TRIPESOCK
: ${tripectl=$bindir/tripectl}
export TRIPEDIR TRIPESOCK
-case "$#,$1,$2" in
-
- 2,-c,*:*)
- ## Proxy through to another server.
- server=${2%:*} user=${2##*:}
- exec ssh "$server" "$user"
+## Make sure we're being called properly, and figure out the peer identity.
+case "$#,$1" in
+ 2,-c) ;;
+ *)
+ echo >&2 "usage: $0 -c '[SERVER:]PEER [hello|goodbye]'"
+ exit 1
- 2,-c,*)
- ## Connect to the local tripe server.
- exec $tripectl SVCSUBMIT connect passive "$2"
- ;;
+## SSH has smushed all of our arguments together, so let's split them apart
+## again.
+set -- $2
+
+## Examine the peer identifier and work out how to proceed.
+case "$#,$1" in
+ 0,*) echo >&2 "$0: missing peer identifier"; exit 1 ;;
+ *:*) mode=proxy server=${1%:*} user=${1##*:} ;;
+ *) mode=local user=$1 ;;
+esac
+shift
+## If there's no action then check to see whether SSH has hidden one
+## somewhere. Make sure the command looks sensible.
+case "$#" in 0) set -- $SSH_ORIGINAL_COMMAND ;; esac
+case "$#,$1" in
+ 0, | 1,hello) act=hello ;;
+ 1,goodbye) act=goodbye ;;
+ *) echo >&2 "$0: unknown action spec \`$*'"; exit 1 ;;
+esac
+
+## Now actually do something.
+case "$mode,$act" in
+ proxy,*)
+ exec ssh "$server" "$user" "$act"
+ ;;
+ local,hello)
+ exec $tripectl SVCSUBMIT connect passive "$user"
+ ;;
+ local,goodbye)
+ peer=$($tripectl SVCSUBMIT connect userpeer "$user")
+ exec $tripectl KILL "$peer"
+ ;;
- ## Anything else is an error.
- echo >&2 "usage: $0 -c [SERVER:]PEER"
+ echo >&2 "$0: unknown mode/action $mode/$act"
+tripe (1.0.0pre12) experimental; urgency=low
+
+ * tripe-peer-services: Add machinery for notifying a peer that we no
+ longer require its services.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Sat, 05 Jan 2013 07:50:33 +0000
+
tripe (1.0.0pre11.1) experimental; urgency=low
* tripe: Fix segfault from PEERINFO command.
tripe (1.0.0pre11.1) experimental; urgency=low
* tripe: Fix segfault from PEERINFO command.
;; connect: shell command to use to wake up the remote peer and establish the
;; connection.
;; connect: shell command to use to wake up the remote peer and establish the
;; connection.
-connect = ssh -q $(ssh-user)@$[$(host)]
+connect = ssh -q $(ssh-user)@$[$(host)] hello
+
+;; disconnect: shell command to use to shut the remote peer down.
+disconnect = ssh -q $(ssh-user)@$[$(host)] goodbye
;; keepalive: how often to send NOP packets to keep the connection alive, at
;; least in the minds of intermediate stateful firewalls and NAT routers.
;; keepalive: how often to send NOP packets to keep the connection alive, at
;; least in the minds of intermediate stateful firewalls and NAT routers.
Don't initiate immediate key exchange. Used by
.BR connect (8).
.TP
Don't initiate immediate key exchange. Used by
.BR connect (8).
.TP
+.B disconnect
+Shell command for closing down connection to this peer. Used by
+.BR watch (8).
+.TP
.B every
Interval for checking that the peer is still alive and well. Used by
.BR watch (8).
.B every
Interval for checking that the peer is still alive and well. Used by
.BR watch (8).
seconds are assumed.
.\"-opts
.RE
seconds are assumed.
.\"-opts
.RE
+.SP
+.BI "userpeer " user
+Output a single
+.B INFO
+line identifying the peer corresponding to the
+.I user
+name.
.
.\"--------------------------------------------------------------------------
.SH "ERROR MESSAGES"
.
.\"--------------------------------------------------------------------------
.SH "ERROR MESSAGES"
.SP
.BI "unknown-user " user
(For
.SP
.BI "unknown-user " user
(For
+.B passive
+and
+.BR userinfo .)
There is no record of
.I user
in the database.
There is no record of
.I user
in the database.
for i in items:
T.svcinfo('%s=%s' % (i, peer.get(i)))
for i in items:
T.svcinfo('%s=%s' % (i, peer.get(i)))
+def cmd_userpeer(user):
+ """
+ userpeer USER: Report the peer name for the named user.
+ """
+ try:
+ peer = CDB.init(opts.cdb)['U' + user]
+ except KeyError:
+ raise T.TripeJobError('unknown-user', user)
+ T.svcinfo(peer)
+
## Dictionary mapping challenges to waiting passive-connection coroutines.
chalmap = {}
## Dictionary mapping challenges to waiting passive-connection coroutines.
chalmap = {}
'passive': (1, None, '[OPTIONS] USER', cmd_passive),
'active': (1, 1, 'PEER', cmd_active),
'info': (1, 1, 'PEER', cmd_info),
'passive': (1, None, '[OPTIONS] USER', cmd_passive),
'active': (1, 1, 'PEER', cmd_active),
'info': (1, 1, 'PEER', cmd_info),
- 'list': (0, 0, '', cmd_list)
+ 'list': (0, 0, '', cmd_list),
+ 'userpeer': (1, 1, 'USER', cmd_userpeer)
})]
if __name__ == '__main__':
})]
if __name__ == '__main__':
where
.I our-name
is the remote peer's name for this host.
where
.I our-name
is the remote peer's name for this host.
+.PP
+Similarly, if the database record has a
+.B disconnect
+entry, then
+.B watch
+will use this to give the peer explicit notification that its services
+are no longer needed. The value f the
+.B disconnect
+key is invoked as a Bourne shell command. This ought to result in a
+.B KILL
+command being issued to the peer's server.
.SS "Operation"
On startup,
.B watch
.SS "Operation"
On startup,
.B watch
A child spawned in order to establish a dynamic connection with
.IR peer .
.SP
A child spawned in order to establish a dynamic connection with
.IR peer .
.SP
+.BI "disconnect " peer
+A child spawned in order to shut down a dynamic connection with
+.IR peer .
+.SP
.BI "ifdown " peer
A child spawned to deconfigure the network interface for
.IR peer .
.BI "ifdown " peer
A child spawned to deconfigure the network interface for
.IR peer .
q.get()
potwatch('connect', peer, q)
q.get()
potwatch('connect', peer, q)
+def disconnect(peer, disconn = None):
+ """
+ Start the job of disconnecting from a passive PEER.
+
+ The DISCONN string is a shell command which will disconnect from the peer.
+ """
+ if disconn is None:
+ try:
+ conn = peerinfo(peer)['disconnect']
+ except KeyError:
+ return
+ q = T.Queue()
+ cmd = Command(['disconnect', peer], q, 'disconnect',
+ ['/bin/sh', '-c', disconn], None)
+ potwatch('disconnect', peer, q)
+
_pingseq = 0
class PingPeer (object):
"""
_pingseq = 0
class PingPeer (object):
"""
pinger.kill(peer)
except KeyError:
pass
pinger.kill(peer)
except KeyError:
pass
+ if 'disconnect' in info:
+ T.Coroutine(disconnect, name = 'disconnect %s' % peer) \
+ .switch(peer, info['disconnect'])
if 'ifdown' in info:
T.Coroutine(ifupdown, name = 'ifdown %s' % peer) \
.switch('ifdown', peer, info)
if 'ifdown' in info:
T.Coroutine(ifupdown, name = 'ifdown %s' % peer) \
.switch('ifdown', peer, info)