On Wed, 2007-12-19 at 18:54 -0500, Anand Capur wrote: > > The reason for all of this is the firewall in place at the PHX > colo. If > that wasn't there we wouldn't need any of the games at all. We > could > just have foo.fedoraproject.org be resolveable from anywhere > and > foo.vpn.fedoraproject.org just mean 'go over the vpn to get to > it'. > > seth 'big fan of simple networking' vidal > -sv > > +1, but do we still need the firewall for other things? So the firewall is something that came with the space. It's red hat's firewall and I don't think we have any choice for the hosts inside phx. In general, I'm a much bigger fan of hosts-based firewalling and clamping down on exposure paths that way than an edge firewall for a network. In this case it would also make our setup a good bit simpler if we didn't have the edge firewall at all. -sv _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
