perfsonar-user - [perfsonar-user] Pollution of service directory
Subject: perfSONAR User Q&A and Other Discussion
List archive
- From: Brian Candler <>
- To: "" <>
- Subject: [perfsonar-user] Pollution of service directory
- Date: Tue, 9 Oct 2018 17:41:16 +0100
- Domainkey-signature: a=rsa-sha1; c=nofws; d=pobox.com; h=to:from:subject :message-id:date:mime-version:content-type :content-transfer-encoding; q=dns; s=sasl; b=MrZO6IyoVRwPRYcogrs n7smGwqgaW2swCnbxFs2boKfSSfV2zD5ZxWtX6QtpUB+l/FKmqLFYdMHsz7Zhd9Q EuuL2TwZvMtTE03hcC3CjoRmeMBh+G8dzssTsQqyuooKngQ5CHmnXbP4n8q+eiht 0+sWRFmJW+JziimDTgRK/kBA=
- Ironport-phdr: 9a23:aNmP2BIeCzygX59w9dmcpTZWNBhigK39O0sv0rFitYgRLfnxwZ3uMQTl6Ol3ixeRBMOHs60C07KempujcFRI2YyGvnEGfc4EfD4+ouJSoTYdBtWYA1bwNv/gYn9yNs1DUFh44yPzahANS47xaFLIv3K98yMZFAnhOgppPOT1HZPZg9iq2+yo9JDffwdFiCChbb9uMR67sRjfus4KjIV4N60/0AHJonxGe+RXwWNnO1eelAvi68mz4ZBu7T1et+ou+MBcX6r6eb84TaFDAzQ9L281/szrugLdQgaJ+3ART38ZkhtMAwjC8RH6QpL8uTb0u+ZhxCWXO9D9QLYpUjqg8qhrUgflhjkHOTAk82/ZhMJ/g61HrxyuvBF/35fUbZuJOPZicK7Qf9UXTndBUMZLUCxBB5uxYpYVD+oAJ+lYqZT2qkUUohu4GAasAP3gyiVVjXLxxqI2yfguHhvA3AM9G9IBrm7Uoc7tNKcVSu+1y6bJwS/fYPNR3Dfw8Y7FeQ0ir/GURb99cMXcxVMyGw7KjFics5HpMy+W2+gXsWWX8/JsWOGghmI9rwx9vCKjy8gyhoXTm44Yy1HJ+CNky4gvP9K4UlR0Ydu8HZtQqS6aM4x2T9s6Q25zoSo60bgGuYKjfCQX0pgn3xnfZOeAc4mH+B7sSOGRITJgiHJkfrKwmQqy/FChx+DzTMW4zVlHoyhfntXRqnwA1Abf58qbRvdl+0euwzeP1wTd6uFeJkA0kLLWJIU7zrEsjJUTt1nMHivol0Xsl6KWbkIk9fOv6+XoeLnpupicN4pshgHkLqsugtC/Afg/MgUWR2iU5/681LP4/U3+RrVFlOc2nrDEsJDBO8sbvLW0AwtU0oY49xa/FCmq3M4ZnXkBMFJKZgiHj473NFHSPvz0F+mwjEmxkGQj+/eTdKXsGJvWKX7KivL8Zrtnw09a1Acpy91DvdRZBqxLaKbrV1X/r9veBwV8Lhe52c7mDslwzIUTRTjJD6OEZvD8q1iNs8g1IuCKLKQcvjr5JuJts/SohnY/lVsQZ4Gx2pEQeDazGfEwcBbRWmblntpUSTRChQE5VuG/0FA=
My apologies...
I have been creating some test perfsonar instances for a workshop, using unroutable RFC6598 address space (100.64.0.0/10) - these are basically private addresses but they look like real ones.
Unfortunately it seems these test instances have ended up in the global services directory, with addresses 100.64.0.200-206.
I've now disabled the registration daemon, but you may want to purge this junk out of your database - I don't know if it auto-expires, and if so how long that takes.
I notice a few RFC1918 addresses in the database (e.g. 192.168.20.192, 192.168.7.153), so it might be worth having a filter to exclude those and other unroutable addresses.
There is a wider issue which I expect you've already considered: whether it would be better for perfsonar nodes to register themselves only when some of the host administration information has been configured, because at the moment it seems to be registering immediately even when this is all blank, and with a node access policy of "public" pre-selected. This means that the moment you create a new node on the network you may be unwittingly inviting people to use it, even if this wasn't something you intended.
Having said that, I acknowledge that the majority of perfsonar nodes *are* intended to be discoverable public resources, and you don't want to make it any harder than necessary for this to happen.
Regards,
Brian.
- [perfsonar-user] Pollution of service directory, Brian Candler, 10/09/2018
- Re: [perfsonar-user] Pollution of service directory, Andrew Lake, 10/10/2018
Archive powered by MHonArc 2.6.19.