Thejaswini Singarajipura wrote:
> Darren J Moffat wrote:
>> I'm missing the bigger picture here, or failing to see where it is
>> covered in the materials.
>>
>> Can someone draw me a simple picture of a multi-node cluster using
>> this, showing which IKE the client connects to originally and where and
>> how the SADBs are passed between the nodes.
>
> Attached below is a diagram of a 2-node cluster and a brief description
> of how the client connections are handled.
>
>> I think I understand how the failover happens with the switch from
>> IDLE to MATURE. The part I'm missing is how all the SC nodes get the
>> SADB entries in the first place and how that is done securely.
>
> The SADB is synchronized over SC private interconnects, which is a
> private LAN and is detached from all other networks.
> Hence I do not think we add any more vulnerability by this project.
I thought that SC could be deployed in such a way that the nodes were
physically quite far away from each other. How is that private
interconnect protected in that case?

While this might sound like I'm asking about the existing architecture of
SC, I don't believe that today highly sensitive key material is passed
over this "private" SC interconnect.

How do customers *really* deploy this? Is it always true that only
cluster nodes are connected? Are all the switches etc. completely
private, or can VLANing be used to support multiple clusters or make a
"private" interconnect over existing infrastructure?

--
Darren J Moffat