Michael Schwartzkopff wrote: > Am Dienstag, 8. September 2009 21:45:14 schrieb Christoph Lechner: > (...) >> What I wrote is maybe a little bit confusing. >> To clearify: The two machines aren't firewalls. They're web and mail >> servers mounted in a collocation rack. There's no DMZ or something linke >> that. Unfirewalled Internet on the Ethernet plugs. But every machine has >> an IPTables firewall to block unwanted access from the Internet. Of >> course the replication link has no strict firewall policy. >> But given the case I make a mistake when changing the firewall settings, >> the replication links and the Heartbeat communication might break. > > Ok. That clarifies the situation. > >>> If you want to use DRBD use two independend etherner channels and make a >>> bond interface. >> Again, messing the local firewall would break it. > > What about two dedicated crossover cables between the machines? No need for a > firewall in these interfaces. Well that should work as well.
- cl _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
