On 11/11/06, Brad Nicholson <bnichols@xxxxxxxxxxxxxxx> wrote:
On Fri, 2006-11-10 at 15:07 -0500, Tom Lane wrote: > "Brendan Jurd" <direvus@xxxxxxxxx> writes: > > So, my question for the list is: is Slony + log shipping the direction > > I should be investigating, or is there something else out that I ought > > to consider? > > Those are two different methods: you'd use one or the other, not both. Slony has its own log shipping, I think that was what he was referring to.
Indeed I was; sorry if my terminology caused confusion. The reason I am looking at Slony with log shipping is that it can operate across a one-way connection, whereas plain Slony requires communication in both directions. A bi-directional connection would negate the purpose of having two separate databases, which is to protect the internal database (and the internal network as a whole) from a compromised external system. If we were willing to have a bi-directional connection, I don't see any further disadvantage in allowing the external application(s) to connect straight into our internal postgres database over the IPsec tunnel, and ignoring the replication issue entirely.
