24 Jun
2008
24 Jun
'08
9:40 a.m.
Martin Simovic wrote:
Hi,
I have the following setup
LAN --- slapd 2.4.7 (master) --- DMZ ---slapd 2.3.30 (slave)
I'm trying to achieve replication from master to slave. the firewall policy is LAN-->DMZ allow DMZ-->LAN reject
this was actually very easy with slurpd (removed from 2.4) as the only need was to allow TCP traffic from master to slave
with syncrepl it seems to me that no matter if I use push/pull method the client (slave) is the one that binds to the master (provider). this means that firewall rule that allows TCP traffic to LAN is needed - this is very ugly.
is there a way to workaround this (or did i just misunderstand the whole problem)
See the configuration used in test045 in the test suite.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/