Re: NIC to NIC connection

From: Bruno Wolff III <bruno(at)wolff(dot)to>
To: Matt Clark <matt(at)ymogen(dot)net>
Cc: 'Kent Anderson' <kenta(at)ezyield(dot)com>, "'Pgsql-Admin(at)Postgresql(dot) Org'" <pgsql-admin(at)postgresql(dot)org>
Subject: Re: NIC to NIC connection
Date: 2004-10-19 22:01:33
Message-ID: 20041019220133.GA2957@wolff.to
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

On Tue, Oct 19, 2004 at 17:37:43 +0100,
Matt Clark <matt(at)ymogen(dot)net> wrote:
> You would assign a different subnet to the connection, and then tell the
> servers to connect to the PG server's address on that subnet. No other
> changes required. Very odd setup though. If you want a 'private'
> connection then use a switch, rather than needing umpty NICs in the PG
> server.

Switches are not security devices. While it is harder to sniff packets on
switches, you can't count on them to prevent hostile machines on the
switch from playing games with the arp protocol. Also I believe that if
a switch doesn't remember where a particular mac address is it will send
the packet to all of the attached ports.

In response to

Responses

Browse pgsql-admin by date

  From Date Subject
Next Message Matt Clark 2004-10-19 22:13:44 Re: NIC to NIC connection
Previous Message Stephan Szabo 2004-10-19 20:09:55 Re: pgsql database .1 .2 .3 file names