Pular para o conteúdo principal
BlogTrabalho em redeApoio à rede de retaguarda privada

Apoio à rede de retaguarda privada

Criamos uma Rede Local (LAN) privada, em cada datacenter, à qual a Linodes pode aderir, sem ter que se preocupar com a transferência contando com sua cota mensal de rede. Esta característica permite algumas possibilidades interessantes. Por exemplo, a criação de conjuntos de Linodes front-end de servidor web e Linodes de servidor de banco de dados back-end que se comunicam através desta rede privada. A replicação de banco de dados, backups e rsync também vêm à mente. Ah, e o IP Failover funciona tanto para IPs públicos quanto privados.

Para entrar na diversão, faça o login no site dos membros e dirija-se a esta página. Clique no botão para ter um endereço IP privado atribuído ao seu Linode. Reinicie seu Linode e traga o novo IP no eth1 - um comando de exemplo para fazer isso é fornecido na página. Você precisará completar estes passos para cada Linode que você deseja poder se comunicar através da rede back-end.

Isto só funciona para Linodes dentro do mesmo datacenter. Os Linodes não precisam estar sob uma conta/ligados.

Então, qual é o valor desta característica? Você adivinhou: GRÁTIS!

Aproveite!

Comentários (13)

  1. Author Photo

    Sweet. Wondered when this would come about, remember a mention about it a long time ago

  2. Author Photo

    This is really great; I was recently thinking that something like this would be a great feature to add 🙂

  3. Author Photo

    I couldn’t find a link to this within the Linode manager. Am I looking in the wrong place (e.g. Utilities) or is there a reason this wasn’t added to the manager yet?

  4. Author Photo

    @marvinp the link is…linked in the article text. You’ll know when you get there. It’s the page titled “Lassie” lol.

  5. Author Photo

    Heh, thanks for the heads up jharrison, I’ve corrected that. The Private IP page is now linked from the Utilities page as well.

    Mike

  6. Author Photo

    interesting feature 🙂 just wondering though whats the story with security? is this safe enough to treat like your average “internal LAN”? or should it be firewalled as well? you say they dont have to be apart of the same account, im guessing its one big subnet for everyone? just wondering if i should consider firewalling it or not 🙂

  7. Christopher Aker

    We filter traffic based on MAC and IP addresses. You can’t sniff traffic on the back-end LAN. You won’t see other people’s traffic. The only packets you’ll receive are those that are destined for your Linode. It works no differently from our public-networking filtering.

  8. Author Photo

    A follow up to the last security question:

    ‘The only packets you’ll receive are those destined for your Linode’.

    This would include port scanning packets and connections from other Linode customers in the same data center correct?

    Is there a way to form a vpn using the private IPs of just the nodes within your Linode account – to get LAN speed, no bandwidth charges for local traffic AND security?

  9. Christopher Aker

    It’s an open local network, so others in your facility can connect to services running on your local IP. You’ll want to firewall or ACL appropriately.

    You can form VPNs as you typically would — openvpn for example.

  10. Author Photo

    I know this is a very old post but Is there any possibility of having my two linodes connected if they are on a different DC now? I would really love to have that since if a DC has a problem the other DC would still be working.

  11. Author Photo

    I’d like to see this feature improved to be available only between your own hosts and between DCs.

  12. Author Photo

    Hi,

    I am trying to use this feature.
    I use two vm in the same DC, one is for web app and other for MariaDB.
    I bind the maria db server do private ip. When I try to connect to my db server from myweb I can’t connect.

    I try a talnet command and the result is: No route to host

    I do a nmap and only port 22 is open. I Don’t use any fw rules.

Deixe uma resposta

Seu endereço de e-mail não será publicado. Os campos obrigatórios estão marcados com *