[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Thinking cfenginely about network interfaces
From: |
Systems Administrator |
Subject: |
Thinking cfenginely about network interfaces |
Date: |
Wed, 24 Dec 2003 14:32:02 +1100 (EST) |
Hi all. I've been using multiple IPs on my servers for different
purposes. For example, say I have something that does DNS,
authentication, and web. I'd have the following address mappings:
fred 10.0.0.1 # base machine name
dns 10.0.0.100 # DNS server IP
www 10.0.0.101 # Web server IP
auth 10.0.0.102 # Authentication IP
The main reason I did this was for extra security. For example,
if someone scans www, they might not realise that it has a DNS server on
the other IP, and therefore not be able to use combined security holes to
attack.
Anyway, I'm wondering what's the best way to set things up in
cfengine so that, if I set up a machine and give it the IP 10.0.0.1, it
will automatically install the other interfaces.
In case it helps, I'm using Fedora Core 1 and cfengine 2.1.0.
Thanks all...
--
Tim Nelson
Systems Administrator
Sunet Internet
Tel: +61 3 5241 1155
Fax: +61 3 5241 6187
Web: http://www.sunet.com.au/
Email: sysadmin@sunet.com.au
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Thinking cfenginely about network interfaces,
Systems Administrator <=