On Aug 29, 2013 7:13 PM, "Randy Barlow" <ra...@electronsweatshop.com> wrote: > > Honestly, I think the best solution is to switch the company to using domain names to access these resources. This makes it much easier to silently introduce things like load balancers later on if you ever need to scale. It's also much easier to communicate to new users how to find this resource. Once you migrate to IPv6 it becomes a very long address to tell people as well. >
I agree, but considering that the split is Really Urgentâ„¢, I'll just have to make do with redirection for the time being. > To answer your specific question, I would just do it with iptables if you must continue accessing it by IP address. I will point out that the service on the new IP address now has doubled its chances of going out of service, because it depends on both machines running, even though the first has nothing to do with it. Also, doing this with firewall rules isn't very nice from a systems management perspective for the future, as it's not very obvious what's going on with some server rewriting packets for another one. If someone sees that in two years, are they going to know what to do? What if they want to take server 1 down, and forget that it also disrupts 2? Using DNS is much cleaner for these reasons. Again , I agree 100%. Fortunately, nobody is allowed to bring down a server without my team's blessing, so if they ever need to bring the server down, we will force them to arrange a schedule with the other team. Rgds, --
