Re: [RFC][PATCH 0/9] Network receive deadlock prevention for NBD

Peter Zijlstra wrote:
On Wed, 2006-08-09 at 16:54 -0700, David Miller wrote:
People are doing I/O over IP exactly for it's ubiquity and
flexibility. It seems a major limitation of the design if you cancel
out major components of this flexibility.

We're not, that was a bit of my own frustration leaking out; I think this whole push to IP based storage is a bit silly. I'm just not going to help the admin who's server just hangs because his VPN key expired.

Running critical resources remotely like this is tricky, and every hop/layer you put in between increases the risk of something going bad.
The only setup I think even remotely sane is a dedicated network in the
very same room - not unlike FC but cheaper (which I think is the whole
push behind this, eth is cheap)

Indeed. The rest of the corner cases like netfilter, layered protocol and
so on need to be handled, however they do not need to be handled right now
in order to make remote storage on a lan work properly. The sane thing for
the immediate future is to flag each socket as safe for remote block IO or
not, then gradually widen the scope of what is safe. We need to set up an
opt in strategy for network block IO that views such network subsystems as
ipfilter as not safe by default, until somebody puts in the work to make
them safe.

But really, if you expect to run reliable block IO to Zanzibar over an ssh
tunnel through a firewall, then you might also consider taking up bungie
jumping with the cord tied to your neck.

Regards,

Daniel
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Relevant Pages

  • Re: Clever lockbox design needed
    ... Connect them in parallel to the contacts of the push ... button on your remote. ... Here in TN not even locksmiths have a key, but I took the TVA ... lock to my locksmith and he got a lock that would ...
    (rec.crafts.metalworking)
  • Re: Site VPN failed between Checkpoint AI R55 gateways
    ... In fact i can push the policies without any problem. ... :>> We are configuring new firewall in our local and remote office. ... Information Technology - Baylor College of Medicine ...
    (comp.security.firewalls)
  • Re: How to access system information?
    ... > When a technician came out to check on a problem, he used my remote ... > control and brought up a screen with dozens and dozens of lines of ... How can I access this screen listing? ... What do I push to make it go away? ...
    (alt.tv.tech.hdtv)
  • Re: Question: Choosing/Using an SSR
    ... The existing remote is nothing more than 3 push buttons ... I'm having some trouble interfacing the RF remote circuitry with the ... The SSR was behaving ...
    (sci.electronics.basics)
  • Re: Synchronizing to a network
    ... to the remote host if so. ... Push works better for a centralized authority while push works better ... but behind a "hard firewall" they're fine. ... rsync runs on MacOS X and will update remote MacOS X directories. ...
    (comp.sys.mac.system)