[Date Prev][Date Next]
Re: OL 2.2 and syncrepl vs slurpd
Ali Pouya wrote:
I think that slurpd is still required for security reasons :
In my project I install the master in the internal secure network and the
replica(s) in the in DMZs exposed to risks.
As incoming TCP Connections (external --> internal) are prohibited I cannot
use syncrepl to syncronise the replicas.
But slurpd is a good solution for this situation because the TCP connections
are outgoing (from the master to the replica).
No, slurpd is not required, there are other ways to provide that. Yes,
we will have a working solution for replication with outgoing
connections; it is already being developed. It is merely a combination
of syncrepl and back-ldap.
De : owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org]De la part de Howard Chu
Envoyé : jeudi 29 décembre 2005 00:30
À : Francis Swasey
Cc : OpenLDAP software list
Objet : Re: OL 2.2 and syncrepl vs slurpd
Francis Swasey wrote:
Good day, folks;
It appears the handwriting is on the wall that slurpd is going to be
dropped fairly soon (since it hasn't been updated since 2.0 and
doesn't work with the config backend in 2.3).
I'm still working with OL 2.2 (on RedHat Enterprise Linux 3 and 4 --
locally built RPM's though) and seeing that Howard has posted that
syncrepl should not be used with 2.2 back in the summer -- I'm
wondering if that is still the prevailing thought or if syncrepl has
been improved in the 2.2.30 release enough that I could convert to
using syncrepl now and convert to OL 2.3 in the spring or summer (the
next time the student body is gone for a length of time).
Just to add to Ando's reply - using the OL 2.2 consumer with an OL 2.3
provider should be safe.
I may push for dropping slurpd from OL 2.4, based on some replication
refactoring that Ando has suggested.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/