|
At 08:22 PM 8/6/00 +0200, Ratz wrote:
>Hi Wensong,
>
>I've been thinking about our talk at OLS on a possible
>kernel-2-kernel masq table syncing (kmasqsd) design.
>
>To recall:
>We decided to implement a kernel daemon like
>kflushd that would periodically send new connection
>template entries from the master director to the
>backup (blaster) over a dedicated heartbeat based
>on UDP packets. This is a good basic concept, however,
Would this cause any security concerns? Any critical
data cross the network should be encrypted to protect
the integrity, but that will be a lot of overhead.
>I'suggest not to send the updates via UDP but rather
>define a own easy protocoll and run it over the
>parallel port, since this needs no IP-stack
Why don't use serial port? It seems easier than
parallel port.
>processing and will also work if there is a stack
>problem. And in case of a failover and a shutdown
>of the interfaces, the daemon could still sync
>without being interupted and so providing to
>best syncing state. The amount of lost connections
>would definitely very small, if not even zero.
>
>Just a thought ...
>Suggestions, flames :) ?
>
>best regards,
>Roberto Nibali, ratz
>
>
>--
>mailto: `echo NrOatSz@xxxxxxxxx | sed 's/[NOSPAM]//g'`
>
|
