Let me prefix this: I don't really know what I'm talking about, double check anything I say.
On Mon, 2003-06-02 at 09:16, Jon Biddell wrote:
> 2. Servers must be physically located on different campuses -
> because we connect to the 'net through AARNET, we want them on
> different RNO's.
>
> 3. There must be NO DISCERNABLE INTERRUPTION TO SERVICE when one
> fails. Doing a "shift-reload" in the browser is NOT an option. It
> must be TOTALLY TRANSPARENT.

Wow. Well, point 3 makes it pretty hard. As I understand it, that's an intentional design decision of tcp/ip -- if it were easy to have another computer interrupt an existing tcp connection and just take it over, then I'm sure it would be exploited. Thus to keep a tcp connection open you need to have a certain amount of state information; I think it does this through so-called "sequence numbers", but I'm not a network ninja, so I'm not sure.

The point is that to be able to have another computer step in half way through a transaction, you'll need to have state information being transferred between the two computers constantly.

Now, the other option is to have some sort of proxying server which just farms requests out to each server, but then you have a single point of failure and you're right back where you started. I believe that there are boxes that do this, but they're hugely expensive. Like hundreds of thousands of dollars.

So, I suppose you need to analyze the risks that you're trying to minimise. It would be easier to have a single box in a single building with multiple connections that were arbitrated by bgp. I still think you'd need to do a reload in most real situations.

I'll be interested to hear what you come up with. Sorry I can't be more help.

James.

--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
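Added example, not part of the original message: a simplified Python model of the receive-side sequence-number check a TCP endpoint applies, showing what a standby server does with a mid-connection segment when it has no state, current replicated state, or a stale copy. The class names, addresses and initial sequence number are constructed for illustration, and the model ignores the server's own send-side sequence numbers.

```python
from dataclasses import dataclass, field

MOD = 2 ** 32  # TCP sequence numbers wrap at 32 bits


@dataclass
class TCB:
    """Receive-side state a server keeps for one connection."""
    rcv_nxt: int          # next sequence number expected from the client
    rcv_wnd: int = 65535  # receive window size


@dataclass
class Host:
    name: str
    conns: dict = field(default_factory=dict)  # 4-tuple -> TCB

    def handle(self, conn, seq, length, syn=False):
        tcb = self.conns.get(conn)
        if tcb is None:
            if not syn:
                return "RST"  # no state: a mid-stream segment is reset
            self.conns[conn] = TCB(rcv_nxt=(seq + 1) % MOD)
            return "SYN-ACK"
        if (seq - tcb.rcv_nxt) % MOD >= tcb.rcv_wnd:
            return "DROP"  # outside the window (a real stack also sends an ACK)
        if seq != tcb.rcv_nxt:
            return "OUT-OF-ORDER"  # held, waiting for bytes before it
        tcb.rcv_nxt = (seq + length) % MOD
        return "ACCEPT"


def failover_demo():
    conn = ("192.0.2.10", 40000, "198.51.100.5", 80)  # constructed addresses
    isn = 1_000_000                                   # constructed client ISN
    primary = Host("primary")
    out = {"handshake": primary.handle(conn, isn, 0, syn=True),
           "request": primary.handle(conn, isn + 1, 100)}
    # The primary fails here; the client's next segment starts at isn + 101.
    cold = Host("cold")                                   # no shared state
    warm = Host("warm", {conn: TCB(primary.conns[conn].rcv_nxt)})  # current copy
    stale = Host("stale", {conn: TCB((isn + 1) % MOD)})   # copy taken too early
    for standby in (cold, warm, stale):
        out[standby.name] = standby.handle(conn, isn + 101, 50)
    return out


if __name__ == "__main__":
    print(failover_demo())
```

The stale case is the subtle one: the client has already had its first 100 bytes acknowledged by the primary, so it will not resend them and the standby waits for data that never arrives.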
