[Nfd-dev] Auto prefix propagation and clock sync
jlee700 at illinois.edu
Thu Mar 23 09:52:59 PDT 2017
Auto prefix propagation finally works.
The problem was clock synchronization. My machine is about 30 seconds off-synced with the Illinois forwarder.
I did not know the relation between auto prefix propagation and clock synchronization.
After synching my machine to one of NTP servers, auto prefix works just fine.
Thanks for pointing it out, Junxiao.
Jongdeog Lee (JD)
Department of Computer Science
University of Illinois at Urbana-Champaign
From: Junxiao Shi [shijunxiao at email.arizona.edu]
Sent: Wednesday, March 22, 2017 9:54 AM
To: Lee, Jongdeog
Cc: nfd-dev at lists.cs.ucla.edu
Subject: Re: [Nfd-dev] Auto prefix propagation on multiple machines
“authorization reject” is the message used in the management dispatcher on ControlResponse with code 403.
NFD-RIB commands on /localhop/nfd/rib prefix is verified by the trust schema defined on rib.localhop_security config section.
If you are getting 403 in reply to a prefix registration command, this means the command is not authenticated or authorized by that trust schema.
It’s intentional to hide the detailed error from the client, to prevent leaking sensitive information.
Currently, the detailed error isn’t logged on the server (router) side either. You may try to add logging to the authorization function<https://github.com/named-data/NFD/blob/d396b61ba14a84b34d3ae65db4530062f7d43301/rib/rib-manager.cpp#L331>, and install the re-compiled version on the router.
On Mar 17, 2017, at 1:59 PM, Lee, Jongdeog <jlee700 at illinois.edu<mailto:jlee700 at illinois.edu>> wrote:
what are the conditions that the NDN node replies this error message to the producer regarding auto prefix registration: "authorization rejected"
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Nfd-dev