On Wed, 2007-11-14 at 13:00 -0800, Scott Becker wrote: > What's the general consensus of security risks of cman communications > over a public subnet? > The faq only briefly mentions it. cman is pretty important. If it's on a public subnet, someone could spoof IPs and screw with your locks, spew garbage (e.g. floodping) on the wire and lots of other nefarious things. I'd keep it private. If possible, I'd tend to keep it on its own VLAN as well. You really only want cluster-centric traffic on those wires. ---------------------------------------------------------------------- - Rick Stevens, Principal Engineer rstevens@xxxxxxxxxxxx - - CDN Systems, Internap, Inc. http://www.internap.com - - - - Beware of programmers who carry screwdrivers - ---------------------------------------------------------------------- -- Linux-cluster mailing list Linux-cluster@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/linux-cluster
