Archive for the ‘Code’ Category
Windows Server 2008 appears to ignore GARPs entirely. There are some sketchy details here:
(Seems like a daft solution to a problem that need not exist if the bizarre “checking for ip already in use” behaviour was simply dropped).
On top of that, if an ARP entry is in continual use it appears to never drop it from its ARP cache — the intention here is sensible, less delay to having to send/wait for ARP responses, however it doesn’t seem to do this via making the odd ARP request and checking for a reply. I’m not sure how it does do it, but I’ve observed that on a router role transition the ARP cache entry just sits there, even though the router no longer answers ARP requests for the old IP, and the behaviour appears to be indefinite (I observed an entry stuck for 10 hours).
My first workaround for this was to dump the ARP cache every so often by a scheduled task on the windows machine, which isn’t very elegant but does at least work. This has quite a long delay on switchover though, or a performance hit if you dump the ARP cache quite frequently, and I wanted to avoid that.
So my second work around involves two bits of software that let the router force the Windows machines to clear their ARP caches. The first part is a Windows service (called ArpFlush) that basically just sits and listens for UDP packets sent to a specific port. When it sees one, it clears the ARP caches for all the interfaces on the machine. The second bit of software is a simple application that sends UDP packets to the ArpFlush service and causes the ARP caches to be cleared. To glue this up to a role transition in keepalived I simply attach a notify_master script that causes an ARP flush request to be sent to a network broadcast address.
As a vague attempt at security, the ARP flush request simply contains a password, and the ArpFlush service only accepts packets that contain a correct password. (These random UDP packets definitely ought to be dropped by the firewall though if from an external source so I’m not too worried about them). In addition, since UDP is unreliable, the client sends (by default) 5 UDP packets at 1 second intervals. To avoid clearing the cache multiple times, the ArpFlush service stops listening for (by default) 10 seconds after it sees a flush request.
If you want to set this up:
With any luck it should all be funky after that.
Note that the above software is licensed under GPLv2, and you can get a copy of the source code for the Windows service from the svn repository linked on the right. It relies on a set of libraries I use for sockets/services/etc; this is called OW32 and is licensed under LGPLv2. The code for OW32 is in the same place. To build it I used MS VC2005, and Wix for the installer packages.
I’ve made a small, but important update to CAsyncResolver in OW32. This adds a local “hosts” file cache, which dramatically speeds up looking up the obvious (localhost) as well as all the rest of the entries using a couple of STL maps. Basically I did this for Yam, my MTA-in-development, as it was proving the biggest bottleneck for looping messages around between a pair of them. In order to use the cache, you need to create and pass a CFileWatcher to CAsyncResolver::initialise. I suppose strictly, this doesn’t need to be a requirement, but it will do for now — I can’t imagine a situation under which you _wouldn’t_ want the hosts file cache to get updated when the hosts file changes.
Next will be more IMAP, I think, although I might write some notes up on a few historical bits of code first.
It’s now at version 0.85.1 (here), so no longer out of date.
I also fixed:
Oh well, nearly 5am so time for bed I suppose…
I spent the last few days doing a native Win32 port of ClamAV, to support Yam (my MTA, which is a work in progress but getting there, see SVN for the code). It wasn’t too hard, but I really need some test suites to see if the detection rate has been affected at all.
Hopefully, I’ll be able to get some interest from the maintainers. The clamav-devel list seems pretty silent to me, although there’s enough activity to tell me that the project isn’t dead (the engine version is already out of date for example!).
Oh, nearly forgot, I added an MSI installer (playing with WiX, which is kind of love/hate at the moment although most of the latter is to do with MSI), here.
I’ve also put the code in SVN (http://svnbook.red-bean.com/ let me know how to do a vendor import), so see the SVN post for details on how to peruse that. Patches are updated and uploaded here.
http://www.redstilts.com/events.php?p=3-8848 rlidtaD tryraVeu Toamtroe eanr
sell used rolex
bergeon brush pen 2834 rolex
rolex daytona chronograph
rolex new watches
antiquorum rolex red dial
rolex wave dials
replica rolex box
rolex date just roman numerals ss
rolex gold watches
rolex stainless steel black dial
uk rolex retail shops
rolex for sale uk
rolex oyster royal dial
airline tickets flights paris france madrid spain
coach class airfares low cost airline tickets