| 1 |
On Aug 29, 2013 7:13 PM, "Randy Barlow" <randy@×××××××××××××××××.com> wrote: |
| 2 |
> |
| 3 |
> Honestly, I think the best solution is to switch the company to using |
| 4 |
domain names to access these resources. This makes it much easier to |
| 5 |
silently introduce things like load balancers later on if you ever need to |
| 6 |
scale. It's also much easier to communicate to new users how to find this |
| 7 |
resource. Once you migrate to IPv6 it becomes a very long address to tell |
| 8 |
people as well. |
| 9 |
> |
| 10 |
|
| 11 |
I agree, but considering that the split is Really Urgent™, I'll just have |
| 12 |
to make do with redirection for the time being. |
| 13 |
|
| 14 |
> To answer your specific question, I would just do it with iptables if you |
| 15 |
must continue accessing it by IP address. I will point out that the service |
| 16 |
on the new IP address now has doubled its chances of going out of service, |
| 17 |
because it depends on both machines running, even though the first has |
| 18 |
nothing to do with it. Also, doing this with firewall rules isn't very nice |
| 19 |
from a systems management perspective for the future, as it's not very |
| 20 |
obvious what's going on with some server rewriting packets for another one. |
| 21 |
If someone sees that in two years, are they going to know what to do? What |
| 22 |
if they want to take server 1 down, and forget that it also disrupts 2? |
| 23 |
Using DNS is much cleaner for these reasons. |
| 24 |
|
| 25 |
Again , I agree 100%. |
| 26 |
|
| 27 |
Fortunately, nobody is allowed to bring down a server without my team's |
| 28 |
blessing, so if they ever need to bring the server down, we will force them |
| 29 |
to arrange a schedule with the other team. |
| 30 |
|
| 31 |
Rgds, |
| 32 |
-- |
Archives