In the past, I've made the "public" network another vlan that only has servers that need to talk to the storage back end included in it. That way you don't open it up to anything that doesn't need to have it and if a server needs to talk on it that should only be on restricted vlans, then you satisfy that as well.
On Tue, Apr 25, 2017 at 10:58 AM Ronny Aasen <ronny+ceph-users@xxxxxxxx> wrote:
hello
i want to connect 3 servers to cephfs. The servers are normally not in
the public network.
is it best practice to connect 2 interfaces on the servers to have the
servers directly connected to the public network ?
or to route between the networks, via their common default gateway.
the machines are vm's so it's easy to add interfaces, and the servers
lan and the clusters public networks is on the same router so it's also
easy to route between them. there is a separate firewall in front of the
routed networks so the security aspect is quite similar one way or the
other.
what is the recommended way to connect clients to the public network ?
kind regards
Ronny Aasen
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
