[GLLUG] good to be back

[Melson, Paul]

My recommendation to anyone doing clustering (with any OS, really), is
to have a separate network segment for traffic between cluster nodes.
This means having at least one dual-homed cluster node, but it generally
makes your HP/HA/FT-based services more fault tolerant. (You might be
surprised at how easy it is to knock over a cluster, even accidentally,
when you have access to the same segment that heartbeat and sync traffic
use.)

Stuart, this might solve your dilemma of managing access to the cluster.
At the very least, setting up a separate segment will mean that you only
have one interface to write iptables rules for.  Good luck!

PaulM

-----Original Message-----
From: Sean [mailto:picasso@madflower.com]
Sent: Wednesday, December 11, 2002 1:10 PM
To: Stuart C
Cc: gllug
Subject: Re: [GLLUG] good to be back


On Tue, 10 Dec 2002, Stuart C wrote:
<snip>
> 2) i am going to be putting together a
> beowulf soon *crosses fingers* and i want to limit access.  Is there a
> way i can have people connect to a machine, then have the cluster
master
> node only except connections from that one machine and no other ip? im
> guessing you can do this with iptables, just wasn't sure how.  Well
its
> good to be back on the mailing list and hope for some good
> conversations.

You are indeed looking at iptables or ipchains. You are also looking at 
about 12 other things when you set this up as far as networking goes as
it is highly dependent on the software you are using for your cluster.. 



_______________________________________________
linux-user mailing list
linux-user@egr.msu.edu
http://www.egr.msu.edu/mailman/listinfo/linux-user