Re: [RFC][PATCH 0/9] Network receive deadlock prevention for NBD
From: Peter Zijlstra <hidden>
Date: 2006-08-14 06:46:54
Also in:
linux-mm, lkml
On Mon, 2006-08-14 at 09:13 +0400, Evgeniy Polyakov wrote:
On Sun, Aug 13, 2006 at 01:16:15PM -0700, Daniel Phillips (phillips@google.com) wrote:quoted
Indeed. The rest of the corner cases like netfilter, layered protocol and so on need to be handled, however they do not need to be handled right now in order to make remote storage on a lan work properly. The sane thing for the immediate future is to flag each socket as safe for remote block IO or not, then gradually widen the scope of what is safe. We need to set up an opt in strategy for network block IO that views such network subsystems as ipfilter as not safe by default, until somebody puts in the work to make them safe.Just for clarification - it will be completely impossible to login using openssh or some other priveledge separation protocol to the machine due to the nature of unix sockets. So you will be unable to manage your storage system just because it is in OOM - it is not what is expected from reliable system.quoted
But really, if you expect to run reliable block IO to Zanzibar over an ssh tunnel through a firewall, then you might also consider taking up bungie jumping with the cord tied to your neck.Just pure openssh for control connection (admin should be able to login).
These periods of degenerated functionality should be short and infrequent albeit critical for machine recovery. Would you rather have a slower ssh login (the machine will recover) or drive/fly to Zanzibar to physically reboot the machine?