LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

[lvs-users] Bug: With checktype=negotiate, check_pop() always thinks a r

from [Tom Connell] [Permanent Link]
To: "'lvs-users@xxxxxxxxxxxxxxxxxxxxxx'" <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: [lvs-users] Bug: With checktype=negotiate, check_pop() always thinks a real server is working.
From: Tom Connell <TConnell@xxxxxxxxxxxxx>
Date: Thu, 4 Oct 2012 16:49:28 -0600 
Greetings:

We have been using ldirectord in our HA implementation for many years.  Whoa, 
now that I think about it, we could be coming up on a decade of use!  Thank you 
for a great program.

A while back, I noticed a problem within the check_pop() sub.  When our real 
servers' POP3 would stop responding, ldirectord did not remove those servers 
from the cluster.  That's not good!  We are using checktype=negotiate.  
checktype=connect works as I expect.

After a few months I finally got around to looking into it, as it was a problem 
of some importance.  You know, service failures, whatever.  ;)   After poking 
around a bit, I discovered that the constructor for the Mail::POP3Client always 
returns an object, even if it cannot connect to the server.  
http://search.cpan.org/~sdowd/Mail-POP3Client-2.16/POP3Client.pm says: "new 
returns a valid Mail::POP3Client object in all cases."  So the code that does

if (!$pop)

is never going to trigger.

Our system is using the ldirectord version that came with Debian 6, 1:1.0.3-3.  
I did check the newest version to see if the code had the same flaw.

Since it did, I figured I would attempt fix the problem on my own, with the 
patch below:

--- ldirectord  2010-07-08 04:21:56.000000000 -0600
+++ ldirectord.new      2012-10-04 16:37:02.000000000 -0600
@@ -2807,7 +2807,7 @@
                                        DEBUG => 0,
                                        TIMEOUT => $$v{negotiatetimeout});
-       if (!$pop) {
+       if ( $pop->Count() == -1 ) {
                service_set($v, $r, "down", {do_log => 1});
                return $SERVICE_DOWN;
        }

This patch works, but only when I provide a valid login= and passwd=.  Based on 
my reading of the Mail::POP3Client documentation and my experiments, it does 
not look like there is a way to use this pop3 perl module without a username 
and password for login.  The man page for ldirectord says that lack of a 
username "denotes that case authentication will not be attempted."  This makes 
me think that check_pop() should work with or without credentials, but since 
that does not seem possible with any simple code changes, I do not know how I 
should further patch this function.

For us, using checktype=connect will be sufficient, but I wanted to let the 
list know about this bug, my patch and the conundrum it revealed.  Hopefully 
the powers that be can make the call on what to do from here.

Here is the debug output from Mail::POP3Client's new(), when I have not 
provided login credentials:
==================================================================
DEBUG2: Checking pop server=10.10.10.53 port=110 ssl=0
POP3 <- +OK mfe6 Cyrus POP3 Murder v2.2.13-Debian-2.2.13-19+squeeze3 server 
ready
 at /usr/sbin/ldirectord.new line 2802
POP3 -> CAPA
at /usr/sbin/ldirectord.new line 2802
POP3 <- +OK List of capabilities follows
at /usr/sbin/ldirectord.new line 2802
POP3 <- STLS
at /usr/sbin/ldirectord.new line 2802
POP3 <- EXPIRE NEVER
at /usr/sbin/ldirectord.new line 2802
POP3 <- LOGIN-DELAY 0
at /usr/sbin/ldirectord.new line 2802
POP3 <- TOP
at /usr/sbin/ldirectord.new line 2802
POP3 <- UIDL
at /usr/sbin/ldirectord.new line 2802
POP3 <- PIPELINING
at /usr/sbin/ldirectord.new line 2802
POP3 <- RESP-CODES
at /usr/sbin/ldirectord.new line 2802
POP3 <- AUTH-RESP-CODE
at /usr/sbin/ldirectord.new line 2802
POP3 <- USER
at /usr/sbin/ldirectord.new line 2802
POP3 <- IMPLEMENTATION Cyrus POP3 Murder server 
v2.2.13-Debian-2.2.13-19+squeeze3
at /usr/sbin/ldirectord.new line 2802
POP3 <- .
at /usr/sbin/ldirectord.new line 2802
POP3 -> USER
 at /usr/sbin/ldirectord.new line 2802
POP3 <- -ERR Syntax error
at /usr/sbin/ldirectord.new line 2802
==================================================================

Thanks for your time, and let me know if I was not clear on anything,

Tom


--
Thomas Connell
Internet Administrator
[cid:image005.png@01CDA250.3842AEB0]<http://modwest.com/>[cid:image003.png@01CDA249.6BA721C0]
Modwest
1221 North Russell Street
Missoula, MT  59808
Phone: 406-541-5796
Mobile: 406-531-5520
Email: tconnell@xxxxxxxxxxx<mailto:tconnell@xxxxxxxxxxx>
Web: modwest.com<http://modwest.com/>
[cid:image004.gif@01CDA249.6BA721C0]<http://twitter.com/modwest>Engage & Learn: 
Follow us on Twitter @modwest<http://twitter.com/modwest>

PNG image

GIF image

PNG image

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [lvs-users] Bug: With checktype=negotiate, check_pop() always thinks a real server is working., Tom Connell <=
Previous by Date:  Re: [lvs-users] IPVS, linux containers, virtual bridge, Graeme Fowler
Next by Date:  [lvs-users] Persistence Confusion, Jason Ledford
Previous by Thread:  [lvs-users] 2 IPs routing to same servers, Alan Morais
Next by Thread:  [lvs-users] Persistence Confusion, Jason Ledford
Indexes:  [Date] [Thread] [Top] [All Lists]