[volunteergrid2-l] NAT/Firewall problems

[Shawn Willden]

As is very common when setting up a grid or adding nodes to it, there's a
node on volunteergrid2 that isn't fully accessible.  This got me to
thinking.  It's likely that this issue has been discussed previously, but if
so I haven't heard the rationale for the solution, and I'll bet others
haven't either.

The way Tahoe works now, two nodes can communicate with one another if
either of them can reach the other.  So if one is hidden behind a firewall
or a NATing router, they can still communicate just fine.  On the surface,
this seems like a feature, but I think it may be a bug.

It would absolutely be a feature if it weren't for the fact that eventually
a second hidden node will be added to the grid, and the two hidden nodes can
communicate with every other node, but not with each other.  Then we
struggle to figure out why.  To old Tahoe hands, it's obvious, of course,
but to newbies it's another non-obvious bump in the learning curve.

This makes me wonder if we wouldn't actually be better off if Tahoe "failed
fast" in this situation, making the problem immediately clear and also
providing a clear error message to the user.

-- 
Shawn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tahoe-lafs.org/cgi-bin/mailman/private/volunteergrid2-l/attachments/20110119/dafd8d3a/attachment.html>