> > Also, could you explain how it is possible to use a different address than > the > one which is "assigned" to your computer? >
In most shops, in almost all but the most basic configurations, the generally accepted practice is to create abstraction between the "system" and the "service" provided by it. Even if a system has a single service/function, it still binds the service to a "Service VIP", or "IP Alias (BSD)". I.e., almost all machines have a "Management Address" and "Service VIP", especially in non-RFC1918-space-only shops. To give you an idea why this is a policy in most places: For example, if a system crashes, you can pick up the VIP and move it to a different system in the same VLAN. ...OR, if that service VIP has a CNAME pointing to it, you can simply cut over the CNAME destination to a service VIP in a different VLAN without breaking all your clients. Thus, "System-Service Abstraction" This becomes especially paramount in High Availability configurations where at service VIP dangles between two or more servers. It is also extremely important when you're trying to manage firewall rule growth. At present, if you have multiple VIPs/IP Aliases on Bacula, you can control which one "Listening Sockets" bind to, but say for example, when writing rules that would permit the Director to send control messages to File Daemons, or Storage Daemons to send messages to Directors, or Consoles to Directors, you want your rules to reflect the source address of the service VIP for "new client sockets". ~BAS ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
