[Date Prev][Date Next]
RE: OL 2.2 and syncrepl vs slurpd
I think that slurpd is still required for security reasons :
In my project I install the master in the internal secure network and the
replica(s) in the in DMZs exposed to risks.
As incoming TCP Connections (external --> internal) are prohibited I cannot
use syncrepl to syncronise the replicas.
But slurpd is a good solution for this situation because the TCP connections
are outgoing (from the master to the replica).
De : owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org]De la part de Howard Chu
Envoyé : jeudi 29 décembre 2005 00:30
À : Francis Swasey
Cc : OpenLDAP software list
Objet : Re: OL 2.2 and syncrepl vs slurpd
Francis Swasey wrote:
> Good day, folks;
> It appears the handwriting is on the wall that slurpd is going to be
> dropped fairly soon (since it hasn't been updated since 2.0 and
> doesn't work with the config backend in 2.3).
> I'm still working with OL 2.2 (on RedHat Enterprise Linux 3 and 4 --
> locally built RPM's though) and seeing that Howard has posted that
> syncrepl should not be used with 2.2 back in the summer -- I'm
> wondering if that is still the prevailing thought or if syncrepl has
> been improved in the 2.2.30 release enough that I could convert to
> using syncrepl now and convert to OL 2.3 in the spring or summer (the
> next time the student body is gone for a length of time).
Just to add to Ando's reply - using the OL 2.2 consumer with an OL 2.3
provider should be safe.
I may push for dropping slurpd from OL 2.4, based on some replication
refactoring that Ando has suggested.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/