[
https://issues.apache.org/jira/browse/CASSANDRA-15727?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jon Meredith updated CASSANDRA-15727:
-------------------------------------
Description:
This was discovered while testing upgrading an SSL enabled cluster from 3.0 to
4.0. The 3.0 cluster was configured to only listen on the ssl storage port.
When the upgraded 4.0 node started it received a gossip messsage that triggered
a shadow round before it had correctly set the messaging versions for the other
endpoints.
Sending the message created the connection, but because the endpoint defaulted
to {{VERSION_40}} the initial connect attempt was to the regular
{{storage_port}}. The 3.0 node was only listening on the {{ssl_storage_port}},
so the connection was refused and the {{OutboundConnection.onFailure}} handler
was called. As the shadow
gossip round had queued up a message, the {{hasPending}} branch was followed
and the connection was rescheduled, however the port is never recalculated as
the original settings are used so it always fails.
Meanwhile, the node discovered information about peers through inbound
connection and gossip updating the messaging version for the endpoint which
could have been used to make a valid connection.
was:
This was discovered while testing upgrading an SSL enabled cluster from 3.0 to
4.0. The 3.0 cluster was configured to only listen on the ssl storage port.
When the upgraded 4.0 node started it received a gossip messsage that triggered
a shadow round before it had correctly set the messaging versions for the other
endpoints.
Sending the message created the connection, but because the endpoint defaulted
to {code}VERSION_40{code} the initial connect attempt was to the regular
{code}storage_port{code}. The 3.0 node was only listening on the
{code}ssl_storage_port{code}, so the connection was refused and the
{code}OutboundCOnnection.onFailure{code} handler was called. As the shadow
gossip round had queued up a message, the {code}hasPending{code} branch was
followed and the connection was rescheduled, however the port is never
recalculated as the original settings are used so it always fails.
Meanwhile, the node discovered information about peers through inbound
connection and gossip updating the messaging version for the endpoint which
could have been used to make a valid connection.
> Internode messaging connection setup between 4.0 and legacy SSL 3.0 fails if
> initial connection version incorrect
> -----------------------------------------------------------------------------------------------------------------
>
> Key: CASSANDRA-15727
> URL: https://issues.apache.org/jira/browse/CASSANDRA-15727
> Project: Cassandra
> Issue Type: Bug
> Components: Messaging/Internode
> Reporter: Jon Meredith
> Assignee: Jon Meredith
> Priority: Normal
> Labels: pull-request-available
> Fix For: 4.0-beta
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> This was discovered while testing upgrading an SSL enabled cluster from 3.0
> to 4.0. The 3.0 cluster was configured to only listen on the ssl storage
> port. When the upgraded 4.0 node started it received a gossip messsage that
> triggered a shadow round before it had correctly set the messaging versions
> for the other endpoints.
> Sending the message created the connection, but because the endpoint
> defaulted to {{VERSION_40}} the initial connect attempt was to the regular
> {{storage_port}}. The 3.0 node was only listening on the
> {{ssl_storage_port}}, so the connection was refused and the
> {{OutboundConnection.onFailure}} handler was called. As the shadow
> gossip round had queued up a message, the {{hasPending}} branch was followed
> and the connection was rescheduled, however the port is never recalculated as
> the original settings are used so it always fails.
> Meanwhile, the node discovered information about peers through inbound
> connection and gossip updating the messaging version for the endpoint which
> could have been used to make a valid connection.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
