12.3.2 Cookies (third edition)

[tisdall]

Cookies provide a bare minimum of security and also help prevent a fully connected cluster in which all nodes can directly talk to each other. For example, let's say you want to connect node A to B and B to C, but you don't want to connect A and C. This can be done by assigning different cookies to all nodes and then, in A and C, using the Node.set_cookie/2 function, which allows you to explicitly set different cookies that need to be used when connecting to different nodes.

I've read this several times and am still very confused. My understanding is that 2 nodes are able to communicate if they have the same cookie value. If A is able to talk to B then they must have the same cookie value. If B can talk to C, then same cookie. By the transitive property, A and C must have the same cookie value and can communicate. If you explicitly make it so A and C have different cookie values then either the A/B connection stops working or the B/C does, no?

Also, the text says "assigning different cookies to all nodes" and then says to set different cookies to A and C, so don't all the nodes all have different cookies at every point?

[sasa1977]

Each node can set its own cookie, and that's used by default to connect to other nodes. However, you can override this by setting the cookie for each node with set_cookie/2.

[tisdall]

Ah... I thought set_cookie only defined the cookie to be used on the local node. Earlier it only showed examples of set_cookie/1 and I completely missed the /2 in the quoted text. So, on B you would call set_cookie/2 to define what cookie to use to connect to A and then again for C. Is that correct?