Nous avons créé un réseau local privé (LAN), dans chaque centre de données, sur lequel les Linodes peuvent se connecter, sans avoir à se soucier du fait que le transfert soit comptabilisé dans leur quota mensuel de réseau. Cette fonctionnalité offre des possibilités intéressantes. Par exemple, la création d'ensembles de Linodes de serveur web frontal et de Linodes de serveur de base de données dorsal qui communiquent sur ce réseau privé. La réplication des bases de données, les sauvegardes et rsync viennent également à l'esprit. Oh, et le basculement d'IP fonctionne à la fois pour les IP publiques et privées.
Pour en profiter, connectez-vous au site des membres et rendez-vous sur cette page. Cliquez sur le bouton pour qu'une adresse IP privée soit attribuée à votre Linode. Redémarrez votre Linode et affichez la nouvelle IP sur eth1 - un exemple de commande est fourni sur la page. Vous devrez effectuer ces étapes pour chaque Linode que vous souhaitez pouvoir communiquer sur le réseau dorsal.
Cela ne fonctionne que pour les nœuds de connexion d'un même centre de données. Les Linodes ne doivent pas nécessairement être sous un même compte/lien.
Combien coûte cette fonction ? Vous l'avez deviné : GRATUIT!
Bonne lecture !
Commentaires (13)
Sweet. Wondered when this would come about, remember a mention about it a long time ago
This is really great; I was recently thinking that something like this would be a great feature to add 🙂
I couldn’t find a link to this within the Linode manager. Am I looking in the wrong place (e.g. Utilities) or is there a reason this wasn’t added to the manager yet?
@marvinp the link is…linked in the article text. You’ll know when you get there. It’s the page titled “Lassie” lol.
Heh, thanks for the heads up jharrison, I’ve corrected that. The Private IP page is now linked from the Utilities page as well.
Mike
interesting feature 🙂 just wondering though whats the story with security? is this safe enough to treat like your average “internal LAN”? or should it be firewalled as well? you say they dont have to be apart of the same account, im guessing its one big subnet for everyone? just wondering if i should consider firewalling it or not 🙂
We filter traffic based on MAC and IP addresses. You can’t sniff traffic on the back-end LAN. You won’t see other people’s traffic. The only packets you’ll receive are those that are destined for your Linode. It works no differently from our public-networking filtering.
A follow up to the last security question:
‘The only packets you’ll receive are those destined for your Linode’.
This would include port scanning packets and connections from other Linode customers in the same data center correct?
Is there a way to form a vpn using the private IPs of just the nodes within your Linode account – to get LAN speed, no bandwidth charges for local traffic AND security?
It’s an open local network, so others in your facility can connect to services running on your local IP. You’ll want to firewall or ACL appropriately.
You can form VPNs as you typically would — openvpn for example.
I know this is a very old post but Is there any possibility of having my two linodes connected if they are on a different DC now? I would really love to have that since if a DC has a problem the other DC would still be working.
I’d like to see this feature improved to be available only between your own hosts and between DCs.
Hi,
I am trying to use this feature.
I use two vm in the same DC, one is for web app and other for MariaDB.
I bind the maria db server do private ip. When I try to connect to my db server from myweb I can’t connect.
I try a talnet command and the result is: No route to host
I do a nmap and only port 22 is open. I Don’t use any fw rules.
Hey Paulo. You’ll want to make sure that both Linodes have private IPs assigned to them; this is how they can both send and receive information over the private network.
This Community post does a nice job explaining how Linodes communicate with private IPs:
https://www.linode.com/community/questions/174/how-do-i-connect-two-linodes-by-private-ip
Otherwise, if you suspect there is an issue, I would recommend opening a ticket with our Support team so they can take a look.