1 |
On Aug 29, 2013 7:13 PM, "Randy Barlow" <randy@×××××××××××××××××.com> wrote: |
2 |
> |
3 |
> Honestly, I think the best solution is to switch the company to using |
4 |
domain names to access these resources. This makes it much easier to |
5 |
silently introduce things like load balancers later on if you ever need to |
6 |
scale. It's also much easier to communicate to new users how to find this |
7 |
resource. Once you migrate to IPv6 it becomes a very long address to tell |
8 |
people as well. |
9 |
> |
10 |
|
11 |
I agree, but considering that the split is Really Urgent™, I'll just have |
12 |
to make do with redirection for the time being. |
13 |
|
14 |
> To answer your specific question, I would just do it with iptables if you |
15 |
must continue accessing it by IP address. I will point out that the service |
16 |
on the new IP address now has doubled its chances of going out of service, |
17 |
because it depends on both machines running, even though the first has |
18 |
nothing to do with it. Also, doing this with firewall rules isn't very nice |
19 |
from a systems management perspective for the future, as it's not very |
20 |
obvious what's going on with some server rewriting packets for another one. |
21 |
If someone sees that in two years, are they going to know what to do? What |
22 |
if they want to take server 1 down, and forget that it also disrupts 2? |
23 |
Using DNS is much cleaner for these reasons. |
24 |
|
25 |
Again , I agree 100%. |
26 |
|
27 |
Fortunately, nobody is allowed to bring down a server without my team's |
28 |
blessing, so if they ever need to bring the server down, we will force them |
29 |
to arrange a schedule with the other team. |
30 |
|
31 |
Rgds, |
32 |
-- |