Harsh J has posted comments on this change. Change subject: KUDU-1875: Refuse unauthenticated connections from publicly routable IP addrs ......................................................................
Patch Set 1: (1 comment) http://gerrit.cloudera.org:8080/#/c/6514/1/src/kudu/rpc/negotiation.cc File src/kudu/rpc/negotiation.cc: Line 68: DEFINE_bool(allow_unauthenticated_public_connections, false, Checking against the range of (datacenter/cloud infra mix) cluster IPs of the various customers I work with, the use of IPs outside the range labelled as private is rather significant (~15% in a small sample of ~500 clusters). I therefore don't think this blockage should be enabled by default, as Kudu would simply not work out of the box for such environments? I'd be more comfortable knowing this was an opt-in, and also had a configurable IP range so users can self-exclude their network admins' choices of numbering when applying this useful restriction. -- To view, visit http://gerrit.cloudera.org:8080/6514 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: comment Gerrit-Change-Id: I6c3fbb5491785874c5701d6c9d866949cfac905e Gerrit-PatchSet: 1 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Hao Hao <hao....@cloudera.com> Gerrit-Reviewer: Harsh J <ha...@harshj.com> Gerrit-Reviewer: Kudu Jenkins Gerrit-HasComments: Yes
