
Re: ideas about kernel masq table syncing ...

To: "Ratz" <ratz@xxxxxx>, "Wensong Zhang" <wensong@xxxxxxxxxxxx>, "Wayne" <wayne@xxxxxxxxxxxxxxx>
Subject: Re: ideas about kernel masq table syncing ...
Cc: <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From: "Ted Pavlic" <tpavlic@xxxxxxxxxxx>
Date: Mon, 7 Aug 2000 18:13:40 -0400
> >To recall:
> >We decided to implement a kernel daemon like
> >kflushd that would periodically send new connection
> >template entries from the master director to the
> >backup (blaster) over a dedicated heartbeat based
> >on UDP packets. This is a good basic concept, however,
> Would this cause any security concerns?  Any critical
> data crossing the network should be encrypted to protect
> the integrity, but that will be a lot of overhead.

I don't think there'd be a lot of security to worry about. That is -- not
much secure information is contained in those templates, I think. And any of
that information could probably be extracted if you had access to the
network anyway... how many real servers... which people are being scheduled
to which real servers... etc... Nothing too important or crucial.

> >I suggest not to send the updates via UDP but rather
> >define an own easy protocol and run it over the
> >parallel port, since this needs no IP-stack
> Why not use a serial port?  It seems easier than
> parallel port.

Personally I would rather not go for an out of band solution...
LinuxDirectors won't necessarily be next to each other and eventually there
might be a need to have more than two of them.

Doing some sort of LinuxDirector multicast exchange of information seems
like a decent idea. Perhaps we could borrow some of the advertising
solutions used in some of the various interior routing protocols... <?>

All the best --
Ted
