Re: [Sks-devel] peering with non-standard hkp

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] peering with non-standard hkp_port [was: pool.sks-keyser

From:	John Marshall
Subject:	Re: [Sks-devel] peering with non-standard hkp_port [was: pool.sks-keyservers.net in seahorse]
Date:	Thu, 7 Apr 2011 08:21:54 +1000
User-agent:	Mutt/1.4.2.3i

On Wed, 06 Apr 2011, 11:03 -0400, Jonathon Weiss wrote:
> Knocking a hole in the firewall is an option, but I'd like to try one or
> two other things first.  I've made an attempt to convince my recon
> server to report port 11371 as the hkp port.  I'd appreciate it if one
> of you could touch your membership file, and see if key retrevals are
> now working.

My recon process is still being directed to port 17311 to fetch keys.
Timestamps are UTC +1000, so what I show below is what happened during
the past hour or so.

-rw-r--r--  1 sks  sks  95139 Apr  7 06:40 diff-18.9.60.141_17311.txt

2011-04-07 06:40:08 2883 hashes recovered from <ADDR_INET [18.9.60.141]:17311>
2011-04-07 06:40:28 Requesting 100 missing keys from <ADDR_INET 
[18.9.60.141]:17311>, starting with 000976444E315A481336F6CC11B3E4ED
2011-04-07 06:41:43 Error getting missing keys: Unix error: Operation timed out 
- connect()
...
2011-04-07 07:15:30 Requesting 100 missing keys from <ADDR_INET 
[18.9.60.141]:17311>, starting with F019BD47C4DF225C44938EF08538A0E0
2011-04-07 07:16:45 Error getting missing keys: Unix error: Operation timed out 
- connect()
2011-04-07 07:16:50 Requesting 83 missing keys from <ADDR_INET 
[18.9.60.141]:17311>, starting with F94BD5C89E2624C2E9A34CEDCE8B5920
2011-04-07 07:18:04 Error getting missing keys: Unix error: Operation timed out 
- connect()

> Additionally, if there's any way for me to externally probe my recon
> server to see what it is reporting, I'd be interested in hearing about
> it.

Whatever you have configured in sksconf or on the command line as the
hkp_port should be it.  You can see what your server thinks it is by
looking on your stats page at the HTTP port value.

  SKS OpenPGP Keyserver statistics
  Taken at 2011-04-06 03:01:57 EST
  Settings
  Hostname:     pgp.mit.edu
  Version:      1.1.0
  HTTP port:    17311
  Recon port:   11370
  Debug level:  4 

Other than that, I think you'd need to set up a peer and watch its recon
log.  If you probe from a host which isn't in you membership file, the
probe will be ignored.

-- 
John Marshall

pgpxocAKOndEC.pgp
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Sks-devel] pool.sks-keyservers.net in seahorse, Jonathon Weiss, 2011/04/01
- Re: [Sks-devel] pool.sks-keyservers.net in seahorse, John Clizbe, 2011/04/02
  - Re: [Sks-devel] pool.sks-keyservers.net in seahorse, Jonathon Weiss, 2011/04/04
    - Re: [Sks-devel] pool.sks-keyservers.net in seahorse, John Clizbe, 2011/04/04
    - Re: [Sks-devel] pool.sks-keyservers.net in seahorse, Kim Minh Kaplan, 2011/04/05
    - Re: [Sks-devel] pool.sks-keyservers.net in seahorse, John Clizbe, 2011/04/05
    - Re: [Sks-devel] pool.sks-keyservers.net in seahorse, John Marshall, 2011/04/06
    - Re: [Sks-devel] pool.sks-keyservers.net in seahorse, Jonathon Weiss, 2011/04/06
    - Re: [Sks-devel] peering with non-standard hkp_port [was: pool.sks-keyservers.net in seahorse], John Marshall <=

Prev by Date: Re: [Sks-devel] Are IPv6-only keyservers acceptable in the pool?
Next by Date: [Sks-devel] sks.teanfordhouse.com
Previous by thread: Re: [Sks-devel] pool.sks-keyservers.net in seahorse
Next by thread: [Sks-devel] keyserver.serviz.fr = down
Index(es):
- Date
- Thread