From owner-freebsd-questions@FreeBSD.ORG Wed May 12 01:57:47 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CA2AB16A4CE for ; Wed, 12 May 2004 01:57:47 -0700 (PDT) Received: from smtp.nildram.co.uk (smtp.nildram.co.uk [195.112.4.54]) by mx1.FreeBSD.org (Postfix) with ESMTP id F093643D5D for ; Wed, 12 May 2004 01:57:46 -0700 (PDT) (envelope-from andyh@hhbb.co.uk) Received: from [10.0.0.25] (hedgie1.gotadsl.co.uk [82.133.95.107]) by smtp.nildram.co.uk (Postfix) with ESMTP id 0BBCB251DC0 for ; Wed, 12 May 2004 09:55:53 +0100 (BST) Mime-Version: 1.0 (Apple Message framework v613) Content-Transfer-Encoding: 7bit Message-Id: <2CBADBFE-A3F2-11D8-86C0-000D93511A6A@hhbb.co.uk> Content-Type: text/plain; charset=US-ASCII; format=flowed To: From: Andy Holyer Date: Wed, 12 May 2004 09:55:53 +0100 X-Mailer: Apple Mail (2.613) Subject: Mirroring Mysql databases - and secure tunneling, while I'm at it. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 May 2004 08:57:47 -0000 I've looked in the docs, and used google, and I need a quick steer as to the best way to proceed. Our company is running two servers: one is a public web/mail/dns server sitting in a rack at Telecity, the other one is sitting here right next to me, and should never be seen outside of the office. Both are running FreeBSD-CURRENT. Both carry MySQL databases: the public one will carry cyrus mail, and authentication data for a radius server, the private one will carry our customer account data. What I'd like to do, following my principle that buildings tend to burn down one at a time, is to set the two databases to mirror each other, so that we would be able to reconstitute either database if the need were to arise. I'd like this to be as easy and automatic as possible. Is there a standard vanilla way of doing this, or do I have to get inventive? On the same tack, I'd like to have an encrypted pipe between the two servers (over which this company-confidential data will travel). Since one of the servers is behind a NAT (and soon will be behind a firewall, too), I'd like to use CIPE rather then IPSec. Am I correct in finding that CIPE is not implemented on FreeBSD? Do i have to use IPSec? Thanks for any leads. --- Andy Holyer, Technical stuff Hedgehog Broadband, 11 Marlborough Place Brighton BN1 1UB 08451 260895 x 241