Hi, looking at https://github.com/apache/couchdb/blob/master/dev/run#L195 they should all run on 127.0.0.1. I would assign an individual IP to each instance. I am not sure whether it is possible to block traffic between 127.0.x.1 and 127.0.y.1. This would be my first approach though.
regards, Stefan 2018-05-15 21:42 GMT+02:00 Diana Thayer <[email protected]>: > Hello! > > Would anyone have any ideas about how to artificially bisect a CouchDB > cluster? > > I am trying to bisect a 5-node dev cluster to induce a split-brain scenario > for demonstration purposes, but I am having trouble blocking traffic > between nodes because they use random ports to communicate and will switch > ports if they detect one has become blocked. > > To start the cluster, I am using the dev/run script in the source for > version 2.1.1: > > ```bash > $ ./dev/run -n 5 --with-admin-party-please > ``` > > This works fine. I then tried to block communication between each node's > public (*5984) and private (*5986) ports, but nodes communicate with each > other over random ports after finding each other using port 4369 such that > blocking the public and private ports does not prevent nodes from > communicating with each other. > > If I sniff TCP traffic to find those random ports and block traffic to > and/or from them, the cluster reports instability and the affected node > switches ports to get around the damage. This makes it difficult to write > iptables rules to block this inter-node traffic. > > Anyone have any ideas? Thank you for your help :) > > Best regards, > Diana
