On May 7, 2008, at 3:48 PM, Yael Goldberg wrote:
Is it OK for the daemon to listen on all IPs, instead of specifying
one IP
address? Is there any issues with that? Performance? Security?
It is generally a good habit to not expose ports or services to the
outside world unless the outside world needs access. Memcache has
virtually no security - so one generally binds it very specifically to
an 'inside' interface which is not visible from the 'outside' - and it
is common to use non-routable IP space (fc 1918) for these inside
interfaces. See any of the diagam's about facebook, 37signals,
twitter, flickr, et.al highscalability.com or http://www.webweaving.org/tmp/3tier.png
Thanks,
Dw
