Hi,
we were discussing for an installation whether it is good practice to
run one node of a cluster on a different VM host: if the VM host fails
all of the network might break, because packetfence fails, too.
Let's say that the network is used primarily to connect clients to a VM
host running the services used inside the network.
Also the network connects components like firewalls, proxies and VPN
gateways.
The idea has been to run at least one packetfence cluster node on its
own hardware to be prepared for a possible failure of the central VM host.
This one node is supposed to allow admins to use the local network or
connect from the internet via VPN to the organizations network.
Also servers for services used externally from the internet that are
hosted on their own hardware or on another VM host running in some DMZ
should still work.
Another way to achieve this would be to make the network connections
needed for the above not dependend on packetfence.
Comments, discussion and references to literature for the best way to
handle this would be very welcome!
Chris
--
Packetfence Matrix Room
https://matrix.to/#/%23packetfence:matrix.org
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
