I'm on the verge of reimplementing fence_apc in C to use ssh. Before I
spend the time on this to be able to fence securely, I wanted to see if
there are any compelling reasons I needed a private subnet anyway. I
don't have any GFS, each node will have its own copy of the web
I control all the hosts on the subnet so outside interference would be sending in the blind or exploiting a weakness.
I believe the luci to ricci communication uses ssh so that should be OK. Does cman ever send root passwords?
Rick Stevens wrote:
> On Wed, 2007-11-14 at 13:00 -0800, Scott Becker wrote:
>> What's the general consensus of security risks of cman communications over a public subnet? The FAQ only briefly mentions it.
>
> cman is pretty important. If it's on a public subnet, someone could spoof IPs and screw with your locks, spew garbage (e.g. floodping) on the wire and lots of other nefarious things. I'd keep it private. If possible, I'd tend to keep it on its own VLAN as well. You really only want cluster-centric traffic on those wires.