[ale] Multi-homed server networking
Jim Kinney
jim.kinney at gmail.com
Mon May 11 14:49:56 EDT 2009
The samba portion should listen to networks, not nic hardware. So
putting vips in place for backchannel won't conflict. Just use a
private IP space that doesn't overlap the samba network(s).
Be sure to not allow cross-ip-space traffic in iptables on each
machines. Tunnelling packets can be a real problem with this setup if
they enter as network foo, become backchannel bar and emerge across
the LAN as baz looking for connections in foo. Basically only pass
backchannel ip's to backchannel ip's.
On Mon, May 11, 2009 at 2:34 PM, Jeff Hubbs <jeffrey.hubbs at gmail.com> wrote:
> I have a series of Linux servers that, for reasons beyond my control, have
> only 10/100 Ethernet for connecting to their clients. Because the servers
> are multi-homed, however, I have the option of connecting them to each other
> via a 10/100/1000 switch on a private IP range and that's what I would like
> to do. However, I don't want doing so to make this "backchannel" visible to
> the client population in an untoward way.
>
> For instance, if one of the servers is a Samba server and Samba
> listens/talks over both eth0 and eth1, I don't want machines on either eth0
> or eth1 see the Samba server twice, i.e., once directly and again "through"
> the server itself to the other side. I don't want Windows or other Samba
> clients to freak.
>
> - Jeff
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>
>
--
--
James P. Kinney III
Actively in pursuit of Life, Liberty and Happiness
More information about the Ale
mailing list