[DRBD-user] encryption and compression ?!?

Lars Ellenberg Lars.Ellenberg at linbit.com
Fri Jul 23 15:36:50 CEST 2004

Note: "permalinks" may not be as permanent as we would like,
direct links of old sources may well be a few messages off.

/ 2004-07-23 15:18:06 +0200
\ Bruno Depero:
> Thank you for answer but still not clear... Surely I'm not understanding...
> 
> I made two tunnels... before starting drbd.
> Let's call host1 and host2 my test pc's.
> On host1 I have a server on port 7791 who redirects any request to the 
> port 7788 on the host2.
> On host2 the same: every request on port 7791 will be redirected to the 
> 7788 on host1.
> So I guess there is a double-way tunnel.
> 
> Host2 will be the secondary drbd machine. So there I start drbsetup 
> /dev/nb1 disk /dev/hda4 internal -1 ... drbdsetup /dev/nb1 net 
> host2:7788 host2:7791
> In this way I set local machine as host2 on port 7788, remote on the 
> same but port 7791... it will be redirected on host1:7788 by ssh or zebedee.
> 
> Host1: drbdsetup /dev/nb1 disk /dev/hda8 internal -1 ... drbdsetup 
> /dev/nb1 net host1:7788 host1:7791 so the same...
> Logs on ssh or zebedee reports that there is no server on port 7788 on 
> both machines ! So a machine tunnels correcylt, but to the other machine 
> the software cannot find anything on that port.
> 
> If I do this things with a sql server, e.g. interbase, it works fine. 
> Ssh (port 22) works fine too. But these are simply server-client 
> connections.
> With drbd no server on 7788 neither on host1 nor host2.
> I guess drbd works in the same way... both hosts has a server and a 
> client, isn't ?!?
> 
> I'm really sorry to bother you about this... if you have a minute please 
> try to explain me what's wrong in my mind. Maybe drbd doesn't work in 
> server/client I guess to be....


this all sounds a little bit confused.
I'd rather setup something "transparent" on the layer below ...
but if you want to try to do it with your "redirect" server:
 you want to make sure drbd traffic goes not directly over the wire.
 so you have your encrytion/compression server listening on the
 localhost, and after encryption/compression proxy things through to the
 peers E/C server, which will decrypt/decrompress and forward locally
 there again.
 so, you need to point drbd to two local adresses.
 even the "remote" address for drbd is a local one, right?

for the question what connection drbd uses:
it uses _two_ tcp connections.

so you have
  drbd  7788       --------  someport  drbd
  drbd otherport   --------    7788    drbd

and you want to have
  drbd                     drbd
   7788 otherport           7788 otherport
    |    |                   |    |
    |    |                   |    |
     your      ==========     your  
  E/C server    "tunnel"   E/C server



hth.

	Lars Ellenberg

-- 
please use the "List-Reply" function of your email client.

More information about the drbd-user mailing list