[
https://issues.apache.org/jira/browse/KUDU-1900?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16763017#comment-16763017
]
Greg Solovyev commented on KUDU-1900:
-------------------------------------
The problem with fixing this bug is that security-itest relies on this bug to
verify that when an external client connects on a non-encrypted connection,
master does not send a non-encrypted token over that connection. The test
"fools" master into thinking that the client is external, because client's
loopback IP does not match master's loopback IP.
> Localhost connections to single-host clusters on Ubuntu don't skip TLS
> ----------------------------------------------------------------------
>
> Key: KUDU-1900
> URL: https://issues.apache.org/jira/browse/KUDU-1900
> Project: Kudu
> Issue Type: Bug
> Components: perf, security
> Reporter: Todd Lipcon
> Priority: Major
> Labels: newbie
>
> On Ubuntu, it seems like we sometimes end up with connections from 127.0.1.1
> to 127.0.0.1 when running a local cluster and connecting to to it from the
> same machine. This is because Ubuntu puts an entry with the host's external
> hostname in /etc/hosts as 127.0.1.1, and the tablet server ends up
> registering with that name. The code that detects loopback connections sees
> the "127.0.0.1 -> 127.0.1.1" and decides it's not loopback.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
