[zeromq-dev] SOLUTION-- Encryption failure problem and wireless connectivity

Steve Murphy murf at parsetree.com
Thu Dec 11 16:17:21 CET 2014


Hello, fellow zeromq devs!

Some months ago, I posted a problem I was having,
that was quite vexing. Since then, I figured it out, and
thought I should share before it completely gets forgotten.

The problem appeared at first blush, to be an incompatibility
​between Ubuntu and CentOS. My home node is running
Ubuntu, and all my other nodes were mostly CentOS. All
the CentoOS nodes were behaving normally, with CURVE
encryption between them. But on my home Ubuntu machine,
the same code would not establish an encrypted connection.

At last, after wiresharking the back and forth protocol of CURVE
encryption, I saw that the protocol seemed to get to a certain
stage, and then just quit. I delved deeper and deeper into the code
underneath, and still, no particular failure point!

Then it hit me: My home is connected to the internet via a wireless
connection. Could it be my connection? I did an MTR betwen my home
machine and the other centOS mechines, and sure enough, I was
seeing a 50% packet loss! I had not noticed any performance drop
in my connection; no slowdowns. Normally mtr between my home and
the internet is pretty clean, but that week, it was a bit shaky.

Moved the testing off my machine and no problem.

So, I think I may have a found a packet loss percentage at which
CURVE encryption will no longer operate (but unencrypted connections will),
but, to be fair, the connection is via Motorola Canopy hardware, and the
other end of the link is somewhere near 6 miles away. Packet losses
in that environment could get somewhat selective as to size or timing.

Just a heads-up to the other newbies on this mailing list, of a possible
pitfall, and how to detect it.

murf


​

-- 

Steve Murphy
ParseTree Corporation
57 Lane 17
Cody, WY 82414
✉  murf at parsetree dot com
☎ 307-899-5535
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20141211/75a7f12f/attachment.htm>


More information about the zeromq-dev mailing list