Lazy . Admins . Do . It . Yourself

Cluster networking

As a self-monitoring cron manager, LADIY can already run any multitude of tasks, but an advancement needed in version 2 was the ability for LADIY to communicate with other LADIY machines elsewhere.

If LADIY was to communicate at all, it would have to use the most basic communication available in order to stay as compatible as possible across operating systems. The fsockopen() function was a natural choice: PHP already supports generating headers by default, so by using fsockopen() we instantly have support for the POST and GET send techniques (both are supported).

Network discovery

Network Discovery (discovery.php) is a default plug-in with LADIY. Using this tool you can scan network IP ranges, or leave the values blank to scan your own IP range. The tool checks every IP given to see whether it is on-line, runs a primary port scan for essential services and, if port 80 is detected as open, checks whether the IP is a LADIY system. The output is saved as a session, with a full report after the scan is complete (including a text-only version for direct copy-and-paste use).

The scan report shows how many machines were detected, the LADIY count, the services found and the Time To Live, and gives the option to generate a network diagram of the scan itself:

[Screenshots: Discovery home, Scan output, Scan diagram example]


The scan automatically translates all the Time To Live values into ranges and plots each machine within its range as distance from the host. Diagrams can be re-generated with random "range" placement, with or without connection lines. When you generate a diagram, a full image map is created with it for use when displaying the map: hovering over an IP node in the diagram shows title text with the full IP and the ports discovered. The diagram image size can be changed, as all diagram code is totally dynamic and allows resizing to suit.

Network abilities

When LADIY is first run you will be required to "name" your LADIY machine and enter a network password, either because you are setting up a new network or because you are joining an existing network that uses that password. If any LADIY network is password protected, not having the correct password will result in failure from any LADIY machine. Finally, LADIY can operate in 2 ways:
  1. Listen and report errors ONLY: LADIY will not execute any requests of any kind.
  2. Listen/Report and Allow operations: Allowed to execute requests.
Of course LADIY doesn't have to be network enabled at all, so the option to disable the network is given in the options and at first setup.

In order for LADIY to join any network you must first use the invite system provided in the network control panel to enter the remote IP of an existing LADIY machine. The process takes you through checking that the remote IP is detected as on-line, that port 80 is open and that it is indeed a LADIY system. When these checks are complete it will contact the remote IP asking to be added to its system via the following stages:

Failure at any 1 stage results in an instant abort request.
  • Contact remote IP with encrypted request
  • Remote attempts to decrypt data
  • Data is then parsed and segments taken
  • Operation request is checked
  • Handshake is verified to ensure host is who it says it is
  • If set, the network password sent is verified against that stored
  • Now the request is allowed to be carried out
In order to keep network traffic down, and because using fsockopen() already retrieves data, LADIY uses the initial request to output any data needed straight back, so the whole data exchange takes place in 1 transaction.
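
The receiving side of the stages listed above, as an added example that is not LADIY's own Comm.php: each check either passes or aborts with the name of the stage that failed. It assumes PHP 7.4+ with the openssl extension; AES-256-GCM stands in for Muddle(), the handshake is modelled as "claimed host equals TCP peer", and the operation names, segment names and $cfg keys are hypothetical.

```php
<?php
// Added example, not LADIY's Comm.php. AES-256-GCM stands in for Muddle();
// operation names, segment names and $cfg keys are hypothetical.
const OPS = ['ip_update', 'status'];

function seal(string $plain, string $key): string {
    $iv = random_bytes(12);
    $ct = openssl_encrypt($plain, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    return base64_encode($iv . $tag . $ct);
}

function handle_request(string $blob, string $peerIp, array $cfg): array {
    $abort = fn(string $stage): array => ['ok' => false, 'stage' => $stage];
    // Remote attempts to decrypt: a wrong key or altered data fails the GCM tag.
    $raw = base64_decode($blob, true);
    if ($raw === false || strlen($raw) < 28) return $abort('decrypt');
    $plain = openssl_decrypt(substr($raw, 28), 'aes-256-gcm', $cfg['key'],
        OPENSSL_RAW_DATA, substr($raw, 0, 12), substr($raw, 12, 16));
    if ($plain === false) return $abort('decrypt');

    // Data is parsed and segments taken.
    $seg = json_decode($plain, true);
    if (!is_array($seg)) return $abort('parse');
    foreach (['op', 'hs', 'pw'] as $k) {
        if (!isset($seg[$k]) || !is_string($seg[$k])) return $abort('parse');
    }

    // Operation request is checked against an allow-list.
    if (!in_array($seg['op'], OPS, true)) return $abort('operation');

    // Handshake: here the host named in the request must be the TCP peer.
    if ($seg['hs'] !== $peerIp) return $abort('handshake');

    // If set, the network password is verified against the stored hash.
    if ($cfg['pw_hash'] !== null && !password_verify($seg['pw'], $cfg['pw_hash'])) {
        return $abort('password');
    }

    // Mode 1 (listen and report only) never executes; mode 2 may.
    if ($cfg['mode'] !== 2) return $abort('listen-only');
    return ['ok' => true, 'stage' => 'execute', 'op' => $seg['op']];
}
// Constructed sample input (documentation addresses, made-up password).
$cfg = ['key' => random_bytes(32), 'mode' => 2,
        'pw_hash' => password_hash('example-pw', PASSWORD_DEFAULT)];
$req = seal(json_encode(['op' => 'ip_update', 'hs' => '192.0.2.10', 'pw' => 'example-pw']), $cfg['key']);
foreach ([['192.0.2.10', $cfg], ['192.0.2.99', $cfg], ['192.0.2.10', ['mode' => 1] + $cfg]] as [$ip, $c]) {
    echo json_encode(handle_request($req, $ip, $c)), "\n";
}
```

In a real endpoint the peer address would come from $_SERVER['REMOTE_ADDR'], and the returned array would be echoed back so that the reply travels in the same transaction as the request.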

[Screenshots: Network home, Invite home, Invite result]

Comm.php

Comm.php is LADIY's communication file for all incoming data communications from other LADIY machines. While LADIY can reside in any directory above root, Comm.php must always be accessible via root. For this reason Comm_ROOT.php is provided, which can be placed in the web root of your web server. You simply edit the file to include the location of the real Comm.php in your LADIY directory, ensuring that network operations can always continue no matter where LADIY is on your server.

Security

Of course, having passwords and handshakes, or any other method for that matter, only gets you so far: as standard, all this data would be sent as plain text by LADIY. This means anyone with network knowledge could sniff network traffic and directly read the information being passed around!

For those who want to test this, I suggest you use Wireshark. It's an excellent piece of software and totally free! Using this software you can prioritize by header types and view all HTTP traffic directly to check exactly what's being sent. I encourage you to try this.

LADIY takes advantage of its new encryption/decryption engine Muddle(), a single-function engine that any network operation can use for sending and receiving data. Muddle() breaks down like so:
  • Has 26 key sets to use, randomly using a key for every data send
  • Each key consists of 79 characters, including non-alphanumeric ASCII
  • In total 92 characters are allowed in any type of data send
  • Using a factorial calculation there are:
    894,618,213,078,297,291,394,536,105,678,124,660,091,699,861,979,864,830,895,281,485,890,971,416,487,504,167,917,951,760,559,283,842,969,422,038,852,173,824 (117 digits) possible key combinations.
  • LADIY comes with a KeyGen.php to create your own key sets to use. KeyGen.php outputs keys in a format that lets you copy and paste 26 full key sets in 1 go
  • All LADIY machines on the same network must use the same keys
  • Keys are retained in their own NetKeys.php file, which can be copied to any other machine needing updating
  • There is no limit to how many times you change keys
Once LADIY is connected to a network it will automatically update its own network information and hosts table. This means that if a new LADIY machine were to join any other LADIY network machine, the LADIY IP would be passed between the systems. Each LADIY system only takes the new IP; this way LADIY is forced to contact the host and go through all security checks for it to become verified.

While LADIY does all these tasks itself, the network abilities are available to any task you set, as the Muddle() engine is applied without you having to select or specify it. The end result of all this can be seen here, taken directly from a Wireshark sniff session:

Contact=1&hs=-1062731419&v=YFx6];x6jYVj9ccLT1mM1LQTL.@mmBTMmDQLCLmB9@m)L1@)L@@LjYVjBZzZ@ZM:cZ@ZDZM:cQ@Zc.zZcZcL@d596fdf1765487d06bf02b4bb0c0e2449&t=1&j=1255643153

The above is a request for a self IP update. The data contains: handshake, password, data, encryption key used and verify hash. Using 26 keys, this exact same data would appear totally different on the very next data send. Also, because higher ASCII is allowed in encryption, characters such as = in the above data won't mean "value", or whatever else you would usually associate with that character.
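
A check of which parts of the captured request stay readable without any key, as an added example that is not part of LADIY. The meaning given to each field is inferred from its value and is an assumption: hs is read as a signed 32-bit IPv4 integer (-1062731419 is the signed form of 192.168.1.101), j as a Unix timestamp, t as the key-set number, and the last 32 hex digits of v as the verify hash.

```php
<?php
// Added example, not LADIY code. The capture is the request quoted above;
// the meaning given to each field is inferred from its value (assumption).
$capture = 'Contact=1&hs=-1062731419&v=YFx6];x6jYVj9ccLT1mM1LQTL.@mmBTMmDQLCLmB9@m)L1@)'
         . 'L@@LjYVjBZzZ@ZM:cZ@ZDZM:cQ@Zc.zZcZcL@d596fdf1765487d06bf02b4bb0c0e2449'
         . '&t=1&j=1255643153';

function describe_capture(string $query): array {
    parse_str($query, $f);

    // Split v into the muddled body and a trailing run of 32 hex digits,
    // assumed here to be the "verify hash" the page mentions.
    preg_match('/^(.*)([0-9a-f]{32})$/s', $f['v'] ?? '', $m);

    return [
        // Readable as sent: a signed 32-bit integer, shown as dotted IPv4.
        'hs_as_ipv4'  => long2ip((int)($f['hs'] ?? 0) & 0xFFFFFFFF),
        // Readable as sent: seconds since the Unix epoch, shown as UTC.
        'j_as_utc'    => gmdate('Y-m-d H:i:s', (int)($f['j'] ?? 0)),
        // Readable as sent: presumably which of the 26 key sets was used.
        't_key_index' => (int)($f['t'] ?? 0),
        // Only this part depends on the key sets.
        'v_body_len'  => strlen($m[1] ?? ''),
        'v_trailer'   => $m[2] ?? null,
    ];
}

print_r(describe_capture($capture));
```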

The idea is to have an engine people can look at, learn from and use, but that is secure too. Simply by applying a network password and using KeyGen.php to create your own key sets, LADIY's network traffic instantly becomes secure.
