[
https://issues.apache.org/jira/browse/HADOOP-7104?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12981537#action_12981537
]
Hadoop QA commented on HADOOP-7104:
-----------------------------------
+1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12468304/c7104-01.patch
against trunk revision 1058343.
+1 @author. The patch does not contain any @author tags.
+1 tests included. The patch appears to include 3 new or modified tests.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac
compiler warnings.
+1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9)
warnings.
+1 release audit. The applied patch does not increase the total number of
release audit warnings.
+1 core tests. The patch passed core unit tests.
+1 contrib tests. The patch passed contrib unit tests.
+1 system test framework. The patch passed system test framework compile.
Test results:
https://hudson.apache.org/hudson/job/PreCommit-HADOOP-Build/180//testReport/
Findbugs warnings:
https://hudson.apache.org/hudson/job/PreCommit-HADOOP-Build/180//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Console output:
https://hudson.apache.org/hudson/job/PreCommit-HADOOP-Build/180//console
This message is automatically generated.
> Remove unnecessary DNS reverse lookups from RPC layer
> -----------------------------------------------------
>
> Key: HADOOP-7104
> URL: https://issues.apache.org/jira/browse/HADOOP-7104
> Project: Hadoop Common
> Issue Type: Improvement
> Components: ipc, security
> Reporter: Kan Zhang
> Assignee: Kan Zhang
> Attachments: c7104-01.patch
>
>
> RPC connection authorization needs to verify client's Kerberos principal name
> matches what specified for the protocol. For service clients like DN's, their
> Kerberos principal names can be specified in the form of
> "datanode/[email protected]". To get the expected
> client principal name, the server needs to substitute "_HOST" with the
> client's fully qualified domain name, which requires a reverse DNS lookup
> from client IP address. However, for connections from clients whose principal
> name are either unspecified or specified not using the "_HOST" convention,
> the substitution is not required and the reverse DNS lookup should be
> avoided. Currently the reverse DNS lookup is done for all clients, which
> could slow services like NN down, when local named cache is not available.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
