vrs-development
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Vrs-development] Cluster image security/privacy question

From: Chris Smith
Subject: Re: [Vrs-development] Cluster image security/privacy question
Date: Thu, 2 May 2002 12:11:47 +0100 
On Thursday 02 May 2002 08:28, address@hidden wrote:

> Each LDS gets a node id when joining the VRS. If any LDS requires
> information from any other LDS, it will use the node id to request
> information. The LDS which needs the information will use some thing
> similiar to ARP and the LDS providing the info will use RARP for
> authentication.
>
> Does this make sense

Yes it does, but it goes against the architecture I've been working on.

Why is the IP address of an LDS node regarded as 'sensitive' ?


The way I've been putting the Cluster together is through Goldwater Domains, 
because they inherrently form clusters - and Goldwater internally holds the 
IP addresses of the other domains in internal tables.  It provides 
transparent message routing and automatic failover (if configured that way),
so it needs the IP addresses.

Each domain (ie an LDS node) is namespaced (like the ID you talk about, but 
assigned by the owner of the LDS to be something unique such as 
'BillsLDS.somewhere.bill.has.his.machine.com'), so when one LDS sends a 
message or requests a resource from another LDS, it does so through 
namespacing. ie Sending the data request 
'BillsLDS.<snip>.com:/LDS/CM/GetSomeResource' causes Goldwater to route that 
straight to whatever LDS is identified by the BillsLDS namespace.... and you 
can even send messages to '*:/LDS/CM/WhoWantsThisMsg' (which is the same as 
sending to '/LDS/CM/WhoWantsThisMsg') - there are no IP addresses involved, 
Goldwater does it all in the background - but it has to maintain an IP <-> 
namespace table at each node.


Is this going to be a problem?  It really stuffs things up if it is as I was 
kind of hoping that the whole Goldwater Domain concept would allow us to 
build the cluster without ever having to think about the network, and be 
comfortable that if Goldwater says that an LDS is present, then it IS 
present, because of all the sanity checks and polling that Goldwater does in 
the background.

I suppose I could get Goldwater to 'hide' the IP addresses (so they can't be 
viewed through the administration tool), or even look them up on demand - but 
they've got to be stored 'somewhere' ultimately.

Thoughts guys?

Chris

-- 
Chris Smith
  Technical Architect - netFluid Technology Limited.
  "Internet Technologies, Distributed Systems and Tuxedo Consultancy"
  E: address@hidden  W: http://www.nfluid.co.uk
reply via email to
[Prev in Thread] Current Thread [Next in Thread]