Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add IP address configuration analysis #28

Open
WadeBarnes opened this issue Mar 21, 2021 · 2 comments
Open

Add IP address configuration analysis #28

WadeBarnes opened this issue Mar 21, 2021 · 2 comments
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed

Comments

@WadeBarnes
Copy link
Member

WadeBarnes commented Mar 21, 2021
edited
Loading

In order to ensure established best practices we want to ensure a node has been configured to use separate NICs for node and client communications, and they have been configured with different IP addresses on different subnets.

There can be two levels to this:

  • The public level which is reported in the node summary of each node (client-address and node-address fields). This data is based on the registration information for the node on the ledger.
  • The private level which is reported by a node during an authenticated validator-info call (Node_ip and Client_ip fields). This data is based on the configuration of the node itself.

This is to address Network interfaces (IPs and Ports) discussions here; #24 (comment)

The implementation should build on the analysis plugin once merged; #26

Requirements:

  • Ensure the public IPs for a given node are different, and are on different subnets. Generate descriptive warning report(s) (in the warnings list) for any detected issues.
  • Ensure the private IPs for a given node are different, and are on different subnets. Generate descriptive warning report(s) (in the warnings list) for any detected issues.
  • Ensure the private IPs are bound to separate NICs. Requires; Add more detailed hardware metrics to the collection and output of validator-info indy-node#1669
@WadeBarnes WadeBarnes added enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed labels Mar 21, 2021
@WadeBarnes WadeBarnes mentioned this issue Mar 21, 2021
Closed
@lohanspies
Copy link

@WadeBarnes can we maybe also include an indicator from a tool like netstat and ifconfig to ensure the two IPs bind to the validator and client ports respectively. Not sure if this is really needed, but purely testing if there are two IPs on different subnets don't necessarily indicate that the services are bound to different NICs.

@WadeBarnes
Copy link
Member Author

@WadeBarnes can we maybe also include an indicator from a tool like netstat and ifconfig to ensure the two IPs bind to the validator and client ports respectively. Not sure if this is really needed, but purely testing if there are two IPs on different subnets don't necessarily indicate that the services are bound to different NICs.

@lohanspies, I've updated the related tickets to address this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@WadeBarnes @lohanspies