[zeromq-dev] SOLUTION-- Encryption failure problem and wireless connectivity

Steve Murphy murf at parsetree.com
Sun Dec 14 02:47:47 CET 2014


Pieter--

C
​ould you elaborate a little on the coincidence?
I, and maybe others, could benefit by your thoughts,
I believe!

murf

​

On Thu, Dec 11, 2014 at 10:45 AM, Pieter Hintjens <ph at imatix.com> wrote:
>
> Since CurveZMQ runs over TCP, and the encryption is entirely
> abstracted from the network, this is probably coincidence.
>
> On Thu, Dec 11, 2014 at 4:17 PM, Steve Murphy <murf at parsetree.com> wrote:
> > Hello, fellow zeromq devs!
> >
> > Some months ago, I posted a problem I was having,
> > that was quite vexing. Since then, I figured it out, and
> > thought I should share before it completely gets forgotten.
> >
> > The problem appeared at first blush, to be an incompatibility
> > between Ubuntu and CentOS. My home node is running
> > Ubuntu, and all my other nodes were mostly CentOS. All
> > the CentoOS nodes were behaving normally, with CURVE
> > encryption between them. But on my home Ubuntu machine,
> > the same code would not establish an encrypted connection.
> >
> > At last, after wiresharking the back and forth protocol of CURVE
> > encryption, I saw that the protocol seemed to get to a certain
> > stage, and then just quit. I delved deeper and deeper into the code
> > underneath, and still, no particular failure point!
> >
> > Then it hit me: My home is connected to the internet via a wireless
> > connection. Could it be my connection? I did an MTR betwen my home
> > machine and the other centOS mechines, and sure enough, I was
> > seeing a 50% packet loss! I had not noticed any performance drop
> > in my connection; no slowdowns. Normally mtr between my home and
> > the internet is pretty clean, but that week, it was a bit shaky.
> >
> > Moved the testing off my machine and no problem.
> >
> > So, I think I may have a found a packet loss percentage at which
> > CURVE encryption will no longer operate (but unencrypted connections
> will),
> > but, to be fair, the connection is via Motorola Canopy hardware, and the
> > other end of the link is somewhere near 6 miles away. Packet losses
> > in that environment could get somewhat selective as to size or timing.
> >
> > Just a heads-up to the other newbies on this mailing list, of a possible
> > pitfall, and how to detect it.
> >
> > murf
> >
>
-- 

Steve Murphy
ParseTree Corporation
57 Lane 17
Cody, WY 82414
✉  murf at parsetree dot com
☎ 307-899-5535
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20141213/895c54a8/attachment.htm>


More information about the zeromq-dev mailing list