[ale] Remote file systems and tunnels

Alex Carver agcarver+ale at acarver.net
Mon Sep 16 16:05:49 EDT 2013


On 9/16/2013 12:49, JD wrote:
> On 09/16/2013 02:41 PM, Alex Carver wrote:
>> I'm working on setting up a pair of systems that will need to have the storage
>> volumes on one (file server) mounted by the other (application server).  The
>> first problem is they're both going to be on different subnets (no choice).
>>
>> I'd like to have a secure link between the two.  I could set up NFS though that
>> exposes the NFS server's ports to all machines (although I suppose I could also
>> run iptables and allow only the app server through).  I was thinking it might be
>> possible to tunnel NFS (or something similar and suitable) via SSH.  Then I only
>> need the SSH port open on the server.
>>
>> The problem is that any document I find for tunneling NFS seems to be several
>> years old.
>>
>> Thoughts?
>
> Dedicated storage network ... er ... you know, a SAN. In a business of any size,
> DO NOT run storage traffic over the same links as other traffic.
> Lots of reasons. VLANs are not enough either.
>
> In a home, you could make a case for sharing the physical network, but I still
> wouldn't, not when cheap GigE switches are just $20.

Ah, other problem:  two machines, two different buildings.



More information about the Ale mailing list