Beefy Boxes and Bandwidth Generously Provided by pair Networks
Just another Perl shrine
 
PerlMonks  

Re^2: Double Click of Death on Perl Web Server

by Anonymous Monk
on Oct 04, 2018 at 16:59 UTC ( [id://1223542]=note: print w/replies, xml ) Need Help??


in reply to Re: Double Click of Death on Perl Web Server
in thread Double Click of Death on Perl Web Server

You might want to consider switching to IO::Socket::IP. Should be pretty much a plug in replacement, but will enable you to run dual stack (IPv4, IPv6) whenever you need it.

Thank you for that nugget of wisdom. It's good to know if IP6 is needed. Replacing IO::Socket::INET with IO:Socket::IP only requires a slight change to the settings: 


IO::Socket::INET 

   Reuse => 1,

Becomes:

IO::Socket::IP

   ReuseAddr => 1,
   ReusePort => 1,
OTOH IO::Socket::INET buys 14 years of backwards compatability: 

corelist IO::Socket::INET
IO::Socket::INET was first released with perl v5.6.0 (2000-Mar-22)

corelist IO::Socket::IP
IO::Socket::IP was first released with perl v5.19.8  (2014-Jan-20)
  • Comment on Re^2: Double Click of Death on Perl Web Server

Replies are listed 'Best First'.
Re^3: Double Click of Death on Perl Web Server
by hippo (Bishop) on Oct 05, 2018 at 08:11 UTC
    OTOH IO::Socket::INET buys 14 years of backwards compatability:

    Don't be so sure. Just because it buys you 14 years of being in core doesn't mean that much. The current version of IO::Socket::IP has full test passes on perls as old as 5.8.1, so you are only buying something like three and a half years of extra backwards compatibility. Contrast that with how much forwards compatibility you would be buying with IO::Socket::IP in terms of transparent IPv6 support.

[reply]
Re^3: Double Click of Death on Perl Web Server
by cavac (Parson) on Oct 05, 2018 at 06:27 UTC

    OTOH IO::Socket::INET buys 14 years of backwards compatability

    I'm aware of that. But frankly, any system too old to run at least Perl 5.20 with IO::Socket::IP and IPv6 (at least have support for it) is probably a major security disaster waiting to happen. For one thing, it probably still uses SSLv1 or no encryption at all.

    I know there are always legitimate business reasons to run such old systems, but these days they they become overshadowed by the risk involved. Just thinking of Facebook here. Because they didn't patch a data leak when they first noticed the possibility, they might have to pay the EU a penalty of over a billion Euros. And thats just the government side, civil lawsuits may follow. That was a somewhat recent security issue, i somewhat doubt government would be more lenient if you run code that has issues for which patches are out for over a decade...

    "For me, programming in Perl is like my cooking. The result may not always taste nice, but it's quick, painless and it get's food on the table."
[reply]
Re^3: Double Click of Death on Perl Web Server
by Anonymous Monk on Oct 05, 2018 at 19:58 UTC
    Thanks for pointing out the limitations of IO::Socket::INET vs IO::Socket::IP. I have experience writing secure web applications. These modules are also used in desktop applications to provide the controller for Perl models viewed in a web browser. In such cases network encryption is irrelevant and compatability and portability are the ultimate goals.

    I like to use Perl::MinimumVersion to see how far back my code can be pushed without breaking. :-)

[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://1223542]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others perusing the Monastery: (3)
As of 2024-04-25 10:18 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found