From owner-freebsd-questions Fri Aug 10 12:24:33 2001 Delivered-To: freebsd-questions@freebsd.org Received: from w2xo.pgh.pa.us (18.gibs5.xdsl.nauticom.net [209.195.184.19]) by hub.freebsd.org (Postfix) with ESMTP id 1DA5237B406 for ; Fri, 10 Aug 2001 12:24:21 -0700 (PDT) (envelope-from durham@w2xo.pgh.pa.us) Received: from localhost (localhost [127.0.0.1]) by w2xo.pgh.pa.us (8.11.3/8.11.3) with ESMTP id f7AJeVm95348; Fri, 10 Aug 2001 15:40:31 -0400 (EDT) (envelope-from durham@w2xo.pgh.pa.us) Date: Fri, 10 Aug 2001 15:40:31 -0400 (EDT) From: Jim Durham To: Duncan Sayers Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Re[2]: backup server In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Fri, 10 Aug 2001, Duncan Sayers wrote: > On Thu, 9 Aug 2001, Jim Durham wrote: > > > On Sun, 5 Aug 2001, Alvin Sim wrote: > > > Sunday, August 05, 2001, 02:51:00 AM, Christoph Sold wrote: > > > > > > > Alvin Sim wrote: > > > >> > > > >> i'm looking into implementing 2 servers for a dept. and am looking for > > > >> ways to to "mirror" a server -- ie, if one fails, all clients will > > > >> automagically connect to the second server -- ala NT PDC's. > > > >> > > > >> what do i (basically) need to do/implement? any pointers to some > > > >> relevant docs would be great. thanks. > > > > > > > There is no such thing as the magic you describe. To get a little bit of > > > > this ideal solution, you'd have to define > > > > > > > > > > 1) which services this boxes have to provide > > > Samba 2.2.x (user authentication), Squid (proxy), IPFW (& NATD?) for > > > Internet access priviledges, Web-Caching, and maybe DNS. i'm sure there > > > are going to be a couple more services but this is basically the > > > basics/needed ones > > > > > > > 2) what the least acceptable working level of that service is > > > Samba and? DNS, since they need the user authentication for (domain) > > > logons and DNS to resolve? i'm not sure if this is what you meant by > > > 'least acceptable working level' > > > > > > > 3) how to detect the failure and > > > this is what i am looking into as well and i really can't answer this > > > one. i dont know if anyone that have done a lot of years of > > > administration knows when a server is going to make a boo-boo either. > > > maybe there is this someone and maybe he'll give me some pointers in > > > waht to lookout for :) but i really doubt it since there are basically a > > > lot of probable cause for a server to go down > > > > > > > 4) how to switch over that service safely to the second box. > > > i suppose this is the subject line. how does an NT server works in a DC > > > environment? basically, this is what i was thinking of doing but... how > > > do you make freebsd do something similar? (ie, synchronizing all datas - > > > if at all possible, which i doubt, at a certain interval time?) i dont > > > know, frankly. > > > > > > > each of those considerations is pretty complicated, and there is no such > > > > thing as a standard definition. Thus you have either to invest some time > > > > to think about it, or pay some amount of money to get somebody who does. > > > > > > > I have also thought about this a bit at our company. > > > > At lot depends on how "fancy" you want to get. A very workable system > > would be to have a 2nd server on a different IP, and do a tar using an > > "mtime" of 10 minutes (or whatever period) and output it through an NFS > > mount to the other system and untar it. This would transfer only what had > > recently changed to the other system. > > > > You could write a "watchdog" script to monitor the primary server > > from the secondary and initiate an ifconfig to the primary IP and > > a restart of Samba, etc on the new IP. > > > > Of course, there are many problems, like a partial failure of the > > primary that would be either difficult to detect, or would leave > > the primary running on it's IP and interfere with the new primary > > (the old secondary). Anyone who had a file open on Samba would get > > strange results! > > > > The only way to ensure a seamless transition would be to write > > everything to both servers all the time. I'm not aware of any > > way to do this, but maybe others are. > > > > Just some thoughts. > > > > How about using rsync in a script run by cron at specified intervals to > synchronise files from one server to another. To quote the man page: > > "The rsync remote-update protocol allows rsync to transfer just the > differences between two sets of files across the network link." > > Then you could have a replicated server (give or take a couple of > minutes of changes, depending on the sync interval), to which you could > cut over to if your "main server" croaks > > -- I wasn't familiar with it, but I found it in ports and read the package description. Sounds interesting, but if it is a cousin of rcp, it's probably unsafe in a secure environment as you would have to run portmap and rstatd. I'd feel better if it were using scp instead of rcp 8-) . -Jim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message